ITILITIL : 82 84 85 88 93 97 98 105 107 108….

82 84 85 88 93 97 98 105 107 108 110 111 111 112 113 114 119 124 125 128 128 131 135 136 137 138 138 139 140 142 147 148 150 153 155 156 157 157 Computer-aided facility management Computer-aided manufacturing Computer-aided process planning Computer-integrated manufacturing Computerized Maintenance Management System Configuration Management (ITSM) Configuration management database Consumer privacy Contract management Corporate taxonomy Croquet Project Cumulus (software) Customer communications management Customer intelligence Customer to customer Data farming Data warehouse Data warehouse appliance Dataspaces Definitive Media Library Demand chain Desktop Outsourcing Device Management Forum DevOps Digital asset management VFinity Digital Fuel DigitalFusion Platform Direct digital manufacturing Disintermediation Distributed development Document imaging DocSTAR Document management system Dot-com bubble Downtime Drill down Dynamic business process management 159 161 165 166 170 172 173 175 177 180 181 185 186 189 190 194 195 202 206 209 209 213 213 214 219 222 224 225 226 228 231 234 235 237 240 246 250 251 E-Booking (UK government project) E-HRM Early-arriving fact ETM (Economic Traffic Management) EDIFACT EFx Factory Electronic commerce Electronic data processing Electronic Document and Records Management System Electronic Human Resources Enterprise bus matrix Enterprise content management Enterprise information management Enterprise IT Management Enterprise Output Management Enterprise portal Enterprise project management Enterprise wiki Epitechnology ERP for IT eSCM (eSourcing Capability Model) eSCM-CL eSCM-SP European Research Center for Information Systems Executive information system Financial Management for IT Services (ITSM) Financial Management Standard FORTRAS GESMES/TS Global delivery model Corporate Governance of ICT Corporate governance of information technology Granular Configuration Automation Grey problem Hierarchical storage management High Availability Application Architecture Holistic Data Management HP FutureSmart firmware 252 253 254 254 255 258 261 266 268 269 271 273 287 288 289 290 294 295 297 297 299 299 301 305 306 310 313 314 314 315 316 317 320 322 323 326 327 329 HP Open Extensibility Platform (OXP) Human interaction management IBM Tivoli Unified Process (ITUP) Identity Governance Framework IFPUG Imaging for Windows Incident Management (ITSM) Information management Information model Information protection policy Information security governance Information Services Procurement Library Information technology consulting Information Technology Infrastructure Library Information technology planning Infra Corporation Integrated Data Management Intelligent device management Intelligent workload management International Association for Human Resource Information Management The International Records Management Trust Intranet strategies ISO/IEC 19770 ISO/IEC 20000 ISO/IEC 27000-series IT Asset & Service Management IT asset management IT baseline protection IT cost transparency IT Interaction Model IT portfolio management IT risk IT risk management IT service continuity IT service management IT Service Management Forum ITIL Planning to implement service management ITIL security management 332 334 335 340 342 343 344 346 348 351 352 352 364 366 382 383 384 386 386 387 388 390 392 394 395 397 397 399 403 405 405 409 422 437 437 440 441 448 jAPS Key server (software licensing) Knowledge management software Knowledge spillover League Lab Lean IT Legal matter management Library Review Local information systems Management information system Many-to-many Master data management Master of Business Informatics Material requirements planning Microsoft Customer Care Framework Microsoft Operations Framework Mobile business development Mobile document access MobShop Multifunction printer Mung (computer term) National Biological Information Infrastructure Network configuration and change management ODMA OMII-UK One-to-many One-to-one (communication) Online analytical processing Open Cobalt OpenACS OpenIT Operational database Operational intelligence Operational level agreement Operational system Information technology operations Operations architecture OPIDIS 460 461 462 463 466 467 477 478 479 483 485 486 490 491 495 498 499 503 505 506 514 515 517 517 518 519 519 520 525 531 532 535 536 538 539 539 540 541 Optimization (Infrastructure & Application Platform) Organizational Memory System Pathology Messaging Implementation Project People Capability Maturity Model Performance engineering Permission marketing Personalized marketing Piazza Telematica Pop-up ad Problem management Process-centered design Process-driven application Product Data Record Product lifecycle management Production Support Project portfolio management Purchase order request Razorfish (company) Real time enterprise Records Life Cycle Records management Clinger–Cohen Act Remote access policy Revere, Inc.

RPR Problem Diagnosis Run Book Automation Selerant Sensemaking Service Catalog Service Desk (ITSM) Service Integration Maturity Model Service level agreement Service level requirement Service Measurement Index SFIAPlus Shadow system SigmaQuest Skills Framework for the Information Age 542 547 548 549 551 556 558 559 562 565 568 569 571 572 580 581 585 585 588 588 590 596 601 602 603 605 606 607 611 612 613 614 617 618 619 621 624 625 SmoothIT project SMPI Socitm Software Asset Management Software factory Spam (electronic) Spam Lit Speech analytics Spreadmart Strategic enterprise management Customer support Sysload Software Technology management Telematics Test effort The UK Government’s Knowledge Network Programme Ubiquitous city UC4 Unstructured data User account policy Virtual chargeback Virtual filing cabinet Virtual management Virtual team Visual CMDB Visual learning Web commerce Web operations Website promotion X12 EDIFACT Mapping Xinet XML/EDIFACT 629 633 634 634 636 637 649 650 652 653 654 655 656 657 665 667 670 671 672 673 674 675 676 678 685 686 689 690 691 691 694 695 — 64 Video motion detection Video Motion Detection refers to the ability of a computer algorithm to automatically identify motion in a video clip.

The basic motion detection can identify any motion on the video.

Such algorithm may be affected by changes in weather such as cloud movement, rain, etc.

More advanced motion detection algorithm can identify motion in a specific area of the picture (such as crossing a border), mark the location of the moving object and possibly follow it. Information technology management IT Management is the discipline whereby all of the technology resources of the firm are managed in accord with the company’s needs and priorities.

Those resources include tangible investments like computer hardware, software, data, networks and data centre facilities, as well as the staffs who are hired to maintain them.

Managing this responsibility within a company entails many of the basic management functions, like budgeting, staffing, organizing and controlling, plus aspects that are unique to technology, like change management, software design, network planning, tech support and others.[1] IT Management is a different subject from Management Information Systems.

Management Information Systems refer to information management methods tied to the automation or support of human decision making.[2] IT Management, as stated in the above definition, refers to the IT related management activities in organizations.

MIS as it is referred to is focused mainly on the business aspect with a strong input into the technology phase of the business/organization.

A primary focus of IT Management is the value creation made possible by technology.

This requires the alignment of technology and business strategies.

While the value creation for an organization is a network of relationships between internal and external environments, technology plays an important role in improving the overall value chain of an organization.

However, this increase requires business and technology management to work as a creative, synergistic, and collaborative team instead of a purely mechanistic span of control according to Bird.[3] IT Infrastructure The term IT Infrastructure is defined in ITIL v3 as combined set of hardware, software, networks, facilities, etc. (including all of the Information Technology), in order to develop, test, deliver, monitor, control or support IT services.

Associated people, Processes and documentation are not part of IT Infrastructure.[4] List of IT Management disciplines The below concepts are commonly listed or investigated under the broad term IT Management:[5] [6] [7] [8] • • • • • • Business/IT alignment IT Governance IT Financial Management IT Service Management Sourcing IT configuration management Information technology management 65 IT Managers IT Managers have a lot in common with Project Managers but their main difference is one of focus: IT Managers are responsible and accountable for an ongoing program of IT services while the Project Managers’ responsibility and accountability are both limited to a project with a clear start and end date.[9] Most of the IT management programs are designed to educate and develop managers who can effectively manage the planning, design, selection, implementation, use, and administration of emerging and converging information and communications technologies.

The program curriculum provides students with the technical knowledge and management knowledge and skills needed to effectively integrate people, information and communication technologies, and business processes in support of organizational strategic goals.

Graduates should be able 1.

To explain the important terminology, facts, concepts, principles, analytic techniques, and theories used in IT management. 2.

To apply important terminology, facts, concepts, principles, analytic techniques, and theories in IT management when analyzing complex factual situations. 3.

To integrate (or synthesize) important facts, concepts, principles, and theories in IT management when developing solutions to IT management multifaceted problems in complex situations. References [1] McNurlin, Barbara, et.

Al. (2009). “Information Systems Management in Practice (8th ed.)”.

Prentice Hall. [2] O’Brien, J (1999).

Management Information Systems – Managing Information Technology in the Internetworked Enterprise.

Boston: Irwin McGraw-Hill.

ISBN 0071123733. [3] Bird, M. (2010).

Modern Management Guide to Information Technology.

Create Space. (http:/ / harvardbookstore.

Biz) [4] Veen, Annelies van der; Jan van Bon (2007).

Foundations of ITIL V3.

Van Haren Publishing.

ISBN 9789087530570. [5] 28 Nov. 2008 http:/ / it/ products/ research/ topics/ topics.

Jsp [6] 28 Nov. 2008 http:/ / it/ products/ research/ research_services.

Jsp [7] McKeen, James D., and Smith, Heather A., Making IT Happen: Critical Issues in IT Management, Wiley Series in Information Systems, 2003 [8] CIO Wisdom: Best Practise from Silicon Valley’s Leading IT Experts, Lane, D. (ed), Prentice Hall 2004 [9] Thomas, Rhané (June 15, 2009). “IT Managers and Project Management” (http:/ / it-managers-and-project-management).

PM Hut. .

Retrieved December 13, 2009. Data proliferation 66 Data proliferation Data proliferation refers to the prodigious amount of data, structured and unstructured, that businesses and governments continue to generate at an unprecedented rate and the usability problems that result from attempting to store and manage that data.

While originally pertaining to problems associated with paper documentation, data proliferation has become a major problem in primary and secondary data storage on computers.

While digital storage has become cheaper, the associated costs, from raw power to maintenance and from metadata to search engines, have not kept up with the proliferation of data.

Although the power required to maintain a unit of data has fallen, the cost of facilities which house the digital storage has tended to rise. [1] “ At the simplest level, company e-mail systems spawn large amounts of data.

Business e-mail – some of it important to the enterprise, some much less so – is estimated to be growing at a rate of 25-30% annually.

And whether it’s relevant or not, the load on the system is being magnified by practices such as multiple addressing and the attaching of large text, audio and even video files. ” [2] — 2.

Günther, H.O.

And Van Beek, P. (2003).

Advanced Planning and Scheduling Solutions in Process Industry.


Berlin-Heidelberg. External links • IT toolbox ( Peer reviewed industry and academic literature with topics including constraint-based planning, simulation, optimisation and machine set-up and sequencing. • Production Planning Portal ( A web-based resource for the latest production planning news, articles and information. • Planning Engineers Organisation ( Global professional association serving planners and schedulers. Application Services Library 85 Application Services Library ASL is a methodology used in the IT industry.

The Application Services Library (ASL) is a public domain standard, which describes a standard for processes within Application Management (the discipline of producing and maintaining information systems and applications).

The term “library” is used because the ASL standard is based on the descriptions of best practices from the industry.

This standard was developed in the late nineties in the Netherlands, originally as the proprietary R2C model, which evolved into ASL in 2000.

In 2001 it was donated by the IT Service Provider PinkRoccade to the ASL Foundation, now the ASL BiSL Foundation.

ASL is closely related to ITIL, BiSL and CMM.

It is described in several books and articles (most of them only available in Dutch), as well as on the official website of the ASL BiSL Foundation.

The standard was developed because of the inability to structure the way of working within the Application Management departments by only using the ITIL framework, an older library embraced by the IT infrastructure departments for structuring their way of working.

At the time of development, ITIL was very useful for infrastructure management but lacked specific guidance for application design, development, maintenance and support.

Newer ITIL versions, particularly V3, have increasingly addressed the Application Development and Application Management domains.

A reference to a white paper comparing ITIL V3 and ASL is included.

ASL was defined in order to fill this gap for Application Management.

A similar development has led to the definition of the BiSL-standard for Information Management / Functional Management. Purpose The ASL is intended to support Application Management by providing tools.

Two main categories of aids are defined: • Descriptions of the processes for Application Management.

Plus the use of best-practises • Standard terminology, avoiding the pitfall of talking about different topics while using the same words.

The goal of ASL is to assist in the professionalisation of Application Management. Structure of ASL Application Services Library 86 ASL contains six clusters of processes, three on the operational level, one on the tactical level and two on the strategic level. Operational level Service organisation There are five processes within the cluster Service Organisation.

The processes in the Service Organisation cluster support the daily use of the information systems.

The processes in this cluster are: • • • • • incident management continuity management capacity management availability management configuration management These processes have as well been defined in the ITIL framework.

The processes are similar, but are viewed from another point of view, therefore the activities in each of these processes may differ from the activities in an ITIL-environment.

Development and Maintenance Within this cluster the majority of the work of Application Development is done.

A major part of the work of Application Management deals with designing, programming and testing applications and information systems.

Processes are • • • • • impact analysis design realization testing implementation These processes are not described at all in the ITIL V1 framework, but do have their counterparts in BiSL, the model for Information management / Functional Management.

Connecting processes The connecting processes aim at the synchronisation of the activities between Service Organisation/operations (using the applications) and development and maintenance (changing the applications).

The two processes included are: • change management • release management. Application Services Library 87 Tactical level Management processes The processes in this cluster are used in the management of the activities within the clusters on the operational level.

The processes are located on the tactical level, are used for steering the operational processes.

The processes included are: • • • • quality management service level management cost management planning & control. Strategic level Application Cycle Management Applications live for longer than expected.

Systems, functionality, concepts and structure of information systems remain stable over many years.

This knowledge is rarely used.

It is important that, while maintaining and enhancing systems, there is a clear view needed what the demands are in the future, and based on that, what and how the future of these applications should look like.

This view, the application management strategies, is created within the cluster application cycle management.

The processes in this cluster are: • • • • • life cycle management information portfolio management customer organisation strategy customer environment strategy ICT development strategy. Organisation Cycle Management Also the future of the Application Management organisation, with aspects as skills and capabilities, markets and customers, is very important.

Creating the organisation management strategies for this is the aim of Organization Cycle Management.

Processes in this cluster include: • • • • • account definition market definition skills definition technology definition service delivery definition Information For more information, many articles, best practises and information are available at the website of the ASL BiSL Foundation. References • ASL BiSL Foundation website [1] • ASL, a framework for Application Management (book on ASL, ISBN 90-77212-05-1) • Comparison ASL & ITIL V3 [2] Application Services Library 88 References [1] http:/ / [2] http:/ / Knowledge-Centre/ White-Papers/ Autonomic Networking Autonomic Networking follows the concept of Autonomic Computing, an initiative started by IBM in 2001.

Its ultimate aim is to create self-managing networks to overcome the rapidly growing complexity of the Internet and other networks and to enable their further growth, far beyond the size of today. Increasing size and complexity The ever-growing management complexity of the Internet caused by its rapid growth is seen by some experts as a major problem that limits its usability in the future.

What’s more, increasingly popular smartphones, PDAs, networked audio and video equipment, and game consoles need to be interconnected.

Pervasive Computing not only adds features, but also burdens existing networking infrastructure with more and more tasks that sooner or later will not be manageable by human intervention alone.

Another important aspect is the price of manually controlling huge numbers of vitally important devices of current network infrastructures. Autonomic nervous system — Business Informatics (BI) shows many similarities to the Information Systems (IS), which is a well established discipline originating from the Northern American hemisphere.

However, there are a few major differences that make Business Informatics a unique own discipline: 1.

Business Informatics includes Information Technology, like the relevant portions of Applied Computer Science, to a much larger extent than Information Systems does. 2.

Business Informatics includes significant construction and implementation oriented elements.

IE one major focus lies in the development of solutions for business problems rather than the ex post investigation of their impact.

Information Systems strongly focuses on empirically explaining phenomena of the real world.

Often, IS has been said to have an “explanation-oriented” focus in contrast to the “solution-oriented” focus that dominates BI.

IS researchers make an effort to explain phenomena of acceptance and influence of IT in organizations and the society applying an empirical approach.

In order to do that usually qualitative and quantitative empirical studies are conducted and evaluated.

In contrast to that, BI researchers mainly focus on the creation of IT solutions for challenges they have observed or assumed.

Tight integration between research and teaching following the Humboldtian ideal is another tradition in Business Informatics.

Recent insights gained in actual research projects become part of the curricula quite fast because most researchers are also lecturers at the same time.[1] The pace of scientific and technological progress in BI is quite rapid, therefore subjects taught are under permanent reconsideration and revision.[2] In its evolution, the BI discipline is fairly young.

Therefore, significant hurdles have to be overcome in oder to further establish its vision.[3] Business informatics 112 References [1] Virtual Global University: Virtual Global University (http:/ /

De) [2] Ives, B., J.

Valacich, R.

Watson, R.

Zmud and et al., What Every Business Student Needs to Know About Information Systems, Communications of the Association for Information Systems, (9:30) December, 2002 [3] Lyytinen, K., R.

Baskerville, J.

Livari, D.

Te’eni, Why the old world cannot publish? Overcoming challenges in publishing high-impact IS research, European Journal of Information Systems (EJIS), 16, 2007, p. 317-326. Business Information Services Library Business Information Services Library (BISL), previously known as Business Information Service Management Library, is a framework used for functional management and information management.

BiSL is a public domain standard since 2005, governed by the ASL BiSL foundation (previously ASL Foundation).

The framework describes a standard for processes within business information management at the strategy, management and operations level.[1] .

BiSL is closely related to the ITIL and ASL framework, yet the main difference between these frameworks is that ITIL and ASL focus on the supply side of information (the purpose of an IT organisation), whereas BiSL focuses on the demand side (arising from the end-user organisation).[2] [3] History BiSL was developed in the Netherlands by Getronics (formerly PinkRoccade) for the applications division BAS that was later bought by Capgemini in 2008.

The ASL-BiSL Foundation was founded in 2002 to propagate knowledge of ICT Service management and to write whitepapers on popular ICT demand management subjects such as Outsourcing, Compliance & Governance, and Metrics.[4] The body of knowledge on BiSl is currently public domain, but Capgemini actively supports application of BiSL theory, and application of BiSL tools such as the BiSL game, a project management game using roleplaying that can be played in one day by up to 25 players, designed to teach the BiSL concepts in the field of ICT management.

Since so many aspects of BiSL in real life are based on business strategy, the game creates a sense of urgency in projects by causing interruptions of normal business by external or internal factors.

The method uses the Learning-by-doing concept. BiSL in ICT demand management Information management, or ICT demand management, can be split in three major areas: • Technical / Infrastructure Management (framed by ITIL) Technical management is the group of processes focusing on the management of the IT infrastructure itself and is supported by the ITIL standard.

The IT infrastructure is the underlying layer made of computer systems, network connectivity and end-user devices allowing to operate the application layer and provide them with application functionalities.

Technical management is owned by the IT organisation. • Application Management (framed by ASL) Application management is the group of processes that takes care of the implementation of the evolutions in the applications required to comply with technical or functional requirements.

These changes may be required either because the application doesn’t work like expected (corrective application maintenance) or because the expectations have changed (what the application needs to deliver has changed).

Application management focuses on incremental changes on existing applications, not on the development of new applications, and is supported by the ASL standard, which is subsequent to and partially inspired by the ITIL standard. • Functional Management (framed by BiSL) Business Information Services Library Functional management is the group of processes that frames the provisioning and control of the functional requirements that the applications have to deliver to the end-users.

Functional management is owned by end-user organisations and enables them to control that the required functionalities are implemented in the applications that the end-users use, or that changes to the applications comply to the expectations.

Functional management is supported by the most recent BiSL standard. 113 References [1] http:/ / content/ view/ 12/ 17/ lang,en/ [2] http:/ / component/ option,com_docman/ task,doc_download/ gid,338/ Itemid,70/ lang,en/ [3] Remko van der Pols, Ralph Donatz, Frank van Outvorst.

BiSL, Framework for Business Information Management. (2007) ISBN 978-90-8753-042-6 [4] Dutch Article (http:/ / www.computable.

Nl/ artikel/ ict_topics/ beheer/ 2924006/ 1277800/ nieuwe-voorzitter-voor-stichting-aslbisl.

Html) in Computable magazine over the ASL-BiSL Foundation External links • ASL BiSL Foundation ( Business Object Model Within Business Process Management all business objects, their attributes and their relations are defined in the business-object model (BOM).

To describe the information processed by software modules, the semantics must be unified.

That is called “semantic integration”.

The business-object model is a result of semantic integration and is a representation of enterprise semantics.

Besides BOM, there is also the use case model, for use within the software engineering of services. External links — [1] Tas, J. & Sunder, S. 2004, Financial Services Business Process Outscourcing, Communications of the ACM, Vol 47, No. 5 [2] Cover Story (http:/ / www.nasscom.

In/ Nasscom/ templates/ NormalPage.

Aspx?id=53402) [3] NASSCOM Announces Top-15 ITES-BPO Exporters Rankings for FY 09-10 (http:/ / www.nasscom.

In/ Nasscom/ templates/ NormalPage.

Aspx?id=59704) [4] Willcocks, L., Hindle, J., Feeny, D. & Lacity, M. 2004, IT and Business Process Outsourcing: The Knowledge Potential, Information Systems Management, Vol. 21, pp 7–15 [5] Gilley, K.M., Rasheed, A. 2000.

Making More by Doing Less: An Analysis of Outsourcing and its Effects on Firm Performance.

Journal of Management, 26 (4): 763-790. [6] Kakabadse, A., Kakabadse.

N. 2002.

Trends in Outsourcing: Contrasting USA and Europe.

European Management Journal Vol. 20, No. 2: 189–198 [7] Weerakkody, Vishanth, Currie, L.

Wendy and Ekanayake, Yamaya. 2003.

Re-engineering business processes through application service providers – challenges, issues and complexities.

Business Process Management Journal Vol. 9 No. 6: 776-794 [8] Leavy, B. 2004.

Outsourcing strategies: opportunities and risk.

Strategy and Leadership, 32 (6) : 20-25. [9] Tas, Jeroen, Sunder, Shyam. 2004.

Financial Services Business Process Outsourcing.comMUNICATIONS OF THE ACM Vol. 47, No. 5 [10] Fischer, L.M. 2001.

From vertical to Virtual; How Nortel’s Supplier Alliances Extend the enterprise [online].

Strategy+Business, Available from http:/ / press/ 16635507/ 11153 [Accessed 5 February 2008] [11] (Leavy 2004, 20-25) [12] Michel, Vaughan, Fitzgerald, Guy. 1997.

The IT outsourcing market place: vendors and their selection.

Journal of Information Technology 12: 223-237 [13] Adsit, D. (2009) Will a Toyota Emerge from the Pack of Me-Too BPO’s?, In Queue http:/ / pubs/ In_Queue/ vol3no21.

Html [14] Bunmi Cynthia Adeleye, Fenio Annansingh and Miguel Baptista Nunes. “Risk management practices in IS outsourcing: an investigation into commercial banks in Nigeria”, International Journal of Information Management 24 (2004): 167-180. [15] K.

Altinkemer, A.

Chaturvedi and R.

Gulati. “Information systems outsourcing: Issues and evidence”, International Journal of Information Management 14- 4 (1994): 252- 268. [16] Forbes Gibb, and Steven Buchanan. “A framework for business continuity management”, International Journal of Information Management 26- 2 (2006): 128- 141. [17] Chyan Yang and Jen-Bor Huang. “A decision model for IS outsourcing”, International Journal of Information Management 20- 3 (2000): 225- 239. [18] L.

Willcocks, M.

Lacity and G.

Fitzgerald. “Information technology outsourcing in Europe and the USA: Assessment issues”, International Journal of Information Management 15- 5 (1995): 333- 351. Business record 128 Business record A business record is a document that records a business dealing.

Business records include meeting minutes, memoranda, employment contracts, and accounting source documents.

It must be retrievable at a later date so that the business dealings can be accurately reviewed as required.

Since business is dependent upon confidence and trust, not only must the record be accurate and easily retrieved, the processes surrounding its creation and retrieval must be perceived by customers and the business community to consistently deliver a full and accurate record with no gaps or additions.

Most business records have specified retention periods based on legal requirements or internal company policies.

This is important because in many countries (including the United States) documents are required by law be disclosed to government regulatory agencies or to the general public.

Likewise, they may be discoverable if the business is sued.

Under the business records exception in the Federal Rules of Evidence, certain types of business records, particularly those made and kept with regularity, may be considered admissible in court despite containing hearsay. Business service management Business service management (BSM) is a methodology for monitoring and measuring information technology (IT) services from a business perspective; in other words, BSM is a set of management software tools, processes and methods to manage IT via a business-centered approach.[1] BSM technology tools are designed to help IT organizations view and manage technology environments to better support and maintain the main services they provide to the business.[2] BSM tools are critical enablers for the increasingly popular process that focuses on IT Service Management (ITSM) approach.

BSM consists of both structured process and enabling software.

The Information Technology Infrastructure Library (ITIL), a set of IT management frameworks and concepts, has recently identified BSM as a best practice for IT infrastructure management and operations.

BSM allows IT departments to operate by service rather than by individual configuration items or technology silo, enabling prioritization of efforts, ultimately improving the service that is delivered to the business or organization.

Major vendors who offer BSM software and services include Accelops,[3] BMC Software, HP Business Service Management software,[4] Oracle Enterprise Manager software,[5] IBM Tivoli Software, Novell Business Service Management [6][7] , Zyrion Traverse.,[8] CA Technologies Computer Associates, and Compuware.[9] [10] Touching on all the lifecycle processes within the Information Technology Infrastructure Library, BSM is a way to bring together many disparate processes and tools, and creating quantifiable improvement in efficiency and the ability to view technology as it is germane to business process.[11] Compared to traditional network monitoring BSM software is an outgrowth of network management systems as the software tracks the performance and availability of the networks components across a data center.[12] Traditional network management systems focus on measuring and monitoring the technical metrics and trends of IT applications and infrastructure.

The primary users of these systems are technicians and systems administrators in the IT operations organization.

Although these systems enable the IT operations team to identify problem areas from a technical point-of-view for a given piece of the infrastructure, significant gaps exist in determining the business impact of a specific problem.

For example, if a router and a server fail at the same time, these systems offer no way for the network operations center operator to determine which of these is more critical or which business services have been impacted by the failure of these devices. Business service management Additionally, newer technologies such as service-oriented architectures (SOA), virtualization, cloud computing, portal frameworks, grid architectures, and mashups within an organizations make troubleshooting and monitoring of business services very difficult.[13] A single business process or service may be supported by a number of composite applications, all of which could be dependent on a diverse set of distributed computing and communications elements.[14] An isolated issue anywhere in this complex web may impact one or more tasks in the business process.

Traditional network management systems and technology-centric monitoring approaches are incapable of determining the business impact of an issue in such a complicated infrastructure environment.

Newer BSM systems provide a unified view of the data center, allowing data center administrators to view and manage applications, networks and events, usually from a common dashboard.

This means data center managers can see and troubleshoot problems before business customers do.[15] 129 Business Management Methodology Although BSM is known as a methodology for information technology management by aligning IT services and the IT infrastructure supporting those services with business processes,[16] it is also a methodology for business management by helping businesses, including their IT departments, view their activities as services that are provided to external and internal customers.[17] BSM provides a critical framework to make sure that the work of customer-facing and internal teams within an organization is defined and transparent to their customers, who can then influence the functionality and quality of the services they receive.

BSM complements business process management (BPM) by helping an organization deliver more effective services across business processes.

Together, BSM and BPM form the basis for all-encompassing, full-stack process-optimization platforms.[18] BSM adds a service-centered view across business processes and facilitates economies of scale for services that contribute to multiple processes.[19] BSM also goes beyond IT service management (ITSM).

BSM helps organizations better understand the business services that operate on top of the IT infrastructure, combining IT and non-IT management tools into a cohesive system for service delivery.[20] BSM is team-focused and can be used by any team in an organisation to improve performance, based on ownership, pride, commitment and teamwork.[21] Through BSM, teams can formalise the services they provide as internal service level agreements (SLAs) or operational level agreements (OLAs).[22] BSM can also help teams review their “People, Process and Technology” capabilities and limitations to see how they can improve them and consequently improve the services they provide.[23] External links • • • • BSM Review [24] Bitpipe Tech Library [25] InformationWeek – IT Service Management Options [26] Business Service Management Hub [27] References — 147 References [1] Crosby, Philip B. (1979).

Quality is Free (http:/ / Quality-Mentor-Books-Philip-Crosby/ dp/ 0451622472/ ref=sr_1_1?s=books& ie=UTF8& qid=1297880287& sr=1-1).

McGraw Hill.

ISBN 0451622472. . [2] Nolan, Richard (July 1973). “Managing the computer resource: a stage hypothesis” (http:/ / portal. citation.

Cfm?id=362284).communications of the ACM (Association for Computing Machinery) 16 (7): 399–405.

Doi:10.1145/362280.362284. . [3] Humphrey, Watts (March 1988). “Characterizing the software process: a maturity framework” (http:/ / www.sei.


Edu/ reports/ 87tr011.


IEEE Software 5 (2): 73–79.

Doi:10.1109/52.2014. . [4] Humphrey, Watts (1989).

Managing the Software Process (http:/ / Managing-Software-Process-Watts-Humphrey/ dp/ 0201180952/ ref=sr_1_1?s=books& ie=UTF8& qid=1297880472& sr=1-1).

Addison Wesley.

ISBN 0201180952. . [5] Paulk, Mark C.; Weber, Charles V; Curtis, Bill; Chrissis, Mary Beth (February 1993). “Capability Maturity Model for Software, Version 1.1” (http:/ / www.sei.


Edu/ library/ abstracts/ reports/ 93tr024.


Technical Report (Carnegie Mellon University / Software Engineering Institute).

CMU/SEI-93-TR-024 ESC-TR-93-177. . [6] Paulk, Mark C.; Weber, Charles V; Curtis, Bill; Chrissis, Mary Beth (1995).

The Capability Maturity Model: Guidelines for Improving the Software Process (http:/ / Capability-Maturity-Model-Guidelines-Improving/ dp/ 0201546647/ ref=sr_1_1?s=books& ie=UTF8& qid=1297880523& sr=1-1).

Boston: Addison Wesley.

ISBN 0201546647. . External links • Official website ( • Capability Maturity Model ( Capability_Maturity_Model/) at the Open Directory Project Capacity management Capacity Management is a process used to manage information technology (IT).

Its primary goal is to ensure that IT capacity meets current and future business requirements in a cost-effective manner.

One common interpretation of Capacity Management is described in the ITIL framework.[1] ITIL version 3 views capacity management as comprising three sub-processes: business capacity management, service capacity management, and component capacity management (known as resource capacity management in ITIL version 2).

As the usage of IT Services change and functionality evolves, the amount of processing power, memory etc also changes.

If it is possible to understand the demands being made currently, and how they will change over time, this approach proposes that planning for IT Service growth becomes easier and less reactive.

If there are spikes in, for example, processing power at a particular time of the day, it proposes analyzing what is happening at that time and make changes to maximize the existing infrastructure, for example, tune the application, or move a batch cycle to a quieter period.

These activities are intended to optimize performance and efficiency, and to plan for and justify financial investments.

Capacity management is concerned with: • • • • • • Monitoring the performance and throughput or load on a server, server farm, or property Performance analysis of measurement data, including analysis of the impact of new releases on capacity Performance tuning of activities to ensure the most efficient use of existing infrastructure Understanding the demands on the Service and future plans for workload growth (or shrinkage) Influences on demand for computing resources Capacity planning – developing a plan for the Service Capacity management interacts with the discipline of Performance Engineering, both during the requirements and design activities of building a system, and when using performance monitoring as an input for managing capacity of deployed systems. Capacity management 148 References [1] ITIL Capacity Management (http:/ / index.

Php?page=Capacity_Management) – The ITIL Open Guide CatDV CatDV Developer(s) Stable release Square Box Systems Ltd. 8.1.10 / November 25, 2010 Operating system Mac OS X and Microsoft Windows License Website Proprietary [1] CatDV is an asset manager program for handling multimedia production workflow. Features CatDV is a scalable, cross-platform, multimedia asset database from UK-based software company, Square Box Systems Ltd.

It handles a wide range of file types, with enhanced support for video content.

CatDV includes media analysis tools and automatic scene detection to extract the metadata inherent in most media files, together with support for importing and exporting edit decision lists and other video-oriented file formats.

The software works on Mac and Windows platforms and is designed to work as a librarian, logging and workflow improvement tool for non-linear editing systems.

The software provides a searchable catalogue for the large number of multimedia file types that exist, with log notes and thumbnails available using either on-line or off-line lower resolution proxy videos.

The off-line file browsing facility enables re-use in multiple projects, especially when network connectivity or bandwidth issues apply.

CatDV can be used as a standalone regular desktop application or, for networked operation via the optional CatDV Server. Versions The full family of CatDV Products is as follows: CatDV Standalone Products • CatDV 8.1 Standard Edition • CatDV 8.1 Pro – Professional Edition • CatDV Live Capture Plus 2.2 CatDV Networked Products • CatDV Pro Workgroup Server – available for most common server platforms including Linux, Windows and Mac OS X. • CatDV Enterprise Server – for MySQL or Oracle databases and most common server platforms including Linux, Windows and Mac OS X. • Worker Node 3.0 – automatic file processing based on changes occurring in specified “watch” folders.

For Windows and Mac OS X. — 151 Merger During the late 1990s, its strategic role was eroded by the Cabinet Office’s Central IT Unit (CITU – created by Michael Heseltine in November 1995), and in 2000 CCTA was fully subsumed into the Office of Government Commerce (OGC). [2] Current organisations tasked for similar functions Since then, the non-procurement IT / Telecommunications coordination role has remained in the Cabinet Office, under a number of successive guises: • The Office of the E-Envoy (OeE) • The eGovernment Unit (eGU) • The Transformational Government (TG) Group Activities CCTA was the sponsor of a number of methodologies, including: • Structured Systems Analysis and Design Method (SSADM) • PRojects IN Controlled Environments (PRINCE, PRINCE2), which is an evolution of PROMPT, a project management method created by Simpact Systems Ltd in 1975 that was adopted by CCTA in 1979 for Government information system projects • Information Technology Infrastructure Library (ITIL), which has largely evolved through BS15000 into the ISO20000 series • The CCTA Risk Analysis and Management Method (CRAMM)[3] , developed at the request of the Cabinet Office in 1985 In addition to the development of methodologies, CCTA produced a comprehensive set of managerial guidance covering the development of Information Systems under 5 major headings: A. – Management and Planning of IS; B. – Systems Development; C. – Service Management; D – Office Usrs; E. – IS Srvices Industry.

The guidance consisted of 27 individual guides and were published commercialy as “The Information Systems Guides” (ISBN 0-471-92556-X) by John Wiley and Sons.

The publication is no longer available, although 1 or 2 copies are still thought to exist with exc-members of CCTA.

This guidance was developed from the practical experience and lessons learned from many UK Government Departments in planning, designing, implementing and monitoring Information Systems and was highly regarded as “best practice”.

Some parts were translated into other European languages and adopted as national standards.

It also was involved in technical developments, for instance as the sponsor of Project Spaceman in the mid 1980s.

Under Project Spaceman, the ICL Defence Technology Centre (DTC), working closely with technical staff from CCTA and key security-intensive projects in the Ministry of Defence (such as OPCON CCIS) and in other sensitive Central Computer and Telecommunications Agency departments, developed an enhanced security variant of VME.

It managed (ran the servers) of UK national government websites, including those such as the Royal Family’s and 152 Structure CCTA’s Headquarters were based in London at Riverwalk House, Vauxhall Bridge Road, SW1, since used by the [Government Office for London].

This housed the main Divisions with a satellite office in Norwich which focused on IS/IT Procurement – a function which had been taken over from HMSO (the Stationery Office) when CCTA was formed.

The office in Norwich was in the east of the city, off the former A47 (now A1042 [4]), just west of the present A47 interchange near the former St Andrew’s Hospital [5].

The site is now used by the OGC.

The HQ in London had four divisions: • • • • Project support – major IT programmes – software engineering Specialist support – evaluation of individual items of hardware and software Strategic Planning and Promotion – project management and office technology (hardware and office automation) Advance Technology – telecommunications and advanced technology (latest generation of computers) References [1] New DfEE website (http:/ / news.



Uk/ 1/ hi/ education/ 226689.

Stm) [2] Office of Government Commerce Open for Business (http:/ / www.ogc.


Uk/ 7023_4215.

Asp) – OGC press release, retrieved 28 August 2007 [3] History of CRAMM (http:/ / overview/ history.

Htm) [4] http:/ /

Uk/ photo/ 1179929 [5] http:/ /

Uk/ photo/ 91349 Change Management (ITSM) 153 Change Management (ITSM) Change Management is an IT Service Management discipline.

The objective of Change Management in this context is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimize the number and impact of any related incidents upon service.

Changes in the IT infrastructure may arise reactively in response to problems or externally imposed requirements, EG legislative changes, or proactively from seeking improved efficiency and effectiveness or to enable or reflect business initiatives, or from programs, projects or service improvement initiatives.

Change Management can ensure standardized methods, processes and procedures which are used for all changes, facilitate efficient and prompt handling of all changes, and maintain the proper balance between the need for change and the potential detrimental impact of changes. ITIL Change Management within ITSM (as opposed to software engineering or project management) is often associated with ITIL, but the origins of change as an IT management process predate ITIL considerably, at least according to the IBM publication A Management System for the Information Business.[1] In the ITIL framework, change management is responsible for controlling change to all configuration items in the configuration management database, (or “CIs” in the CMDB) within the live environment, test and training environments (all environments under the control of ‘ICT Operations’.

It is not typically responsible for change within development projects (see below).† Change management in development projects ITSM Change Management is not typically responsible for overseeing changes that occur within deployment or development projects which are typically delegated to a change management process dictated by the project management methodology adopted for the project.

However close liaison between development project managers and the Change Manager is expected and the project manager may be required to utilize Change Management for items within the production or test environments that are required for testing or release. Process overview Change Management would typically be composed of the raising and recording of changes, assessing the impact, cost, benefit and risk of proposed changes, developing business justification and obtaining approval, managing and co-ordinating change implementation, monitoring and reporting on implementation, reviewing and closing change requests.

ITIL defines the change management process this way: The goal of the Change Management process is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes, in order to minimize the impact of change-related incidents upon service quality, and consequently improve the day-to-day operations of the organization.

ISO 20000 defines the objective of Change management (part 1, 9.2) as: To ensure all changes are assessed, approved, implemented and reviewed in a controlled manner.

Change management is responsible for managing change process involving: • Hardware • Communications equipment and software • System software • All documentation and procedures associated with the running, support and maintenance of live systems. Change Management (ITSM) Any proposed change must be approved in the change management process.

While change management makes the process happen, the decision authority is the Change Advisory Board (CAB), which is made up for the most part of people from other functions within the organization.

The main activities of the change management are: • • • • • Filtering changes Managing changes and the change process Chairing the CAB and the CAB/Emergency committee Reviewing and closing of Requests for Change (RFCs) Management reporting and providing management information 154 Controversies The ITIL concept of Change Management includes developing business justification.

This is a broadening of scope from other concepts of Change Management, and overlaps into the concerns of IT portfolio management and those areas covered by the initiation phases within programme management and project management.

For example, the IBM “Yellow Book” conception of Change Control (as a subset of Resource Control) was strictly concerned with the transfer of deliverables from projects into production.[2] Similarly, Schiesser in IT Systems Management defines Change Management as “a process to control and coordinate all changes to an IT production environment.” [3] References [1] IBM Global Services (2003). “IBM and the IT Infrastructure Library” (http:/ / www-935. services/ au/ igs/ pdf/ wp-g510-3008-03f-supports-provides-itil-capabilities-solutions.

Pdf) (PDF). .

Retrieved 2007-12-10. [2] IBM (1980).

A Management System for the Information Business.

White Plains, New York: IBM. [3] Schiesser, Rick, 2002.

IT Systems Management.

New Jersey, Prentice Hall.

ISBN 0-13-087678-X External links • Change management auditing 155 Change management auditing Change management is an auditing procedure for mitigating risks associated with the changes made to an IT system.

Limiting unauthorized changes and having proper segregation of duties controls in place is essential to reduce the risk of implementing IT changes into production environments which could contain untested errors, malicious code, segregation of duties violations, any of which could ultimately result in negatively impacting critical IT systems for a company.

Change management is an essential component to a company’s IT security. Change risks Proper change control auditing can mitigate the following risks: • • • • Security features of the network turn off.

Harmful code is distributed to users.

Sensitive data is lost or becomes insecure.

Financial report errors occur. Control procedure — Closed Loop Lifecycle Management Closed Loop Lifecycle Management (CL2M) is a natural development and extension of PLM (Product Lifecycle Management).

The concept of CL2M was first adopted during the EU funded PROMISE project (http:/ /

A consortium of 22 organisations set out to close the gaps in information flow between the various stages of life of any product, IE BOL – Beginning of Life MOL – Middle of Life EOL – End of Life.

It involves collecting identification and sensor data, plus any other kind of useful ‘lifecycle event’ data.

This is then filtered and aggregated into meaningful information.

The information may then be converted into knowledge by applying decision support or other analysis routines.

Ultimately the resulting knowledge may be fed back into the various processes which make up the total life of the product or service.

The end result of the PROMISE project was the basis of a technology independent and vendor neutral architecture that will lend itself to not only products but also services and healthcare.

A standardisation effort is being initiated in cooperation with The Open Group (http:/ / qlm).

Currently organisations interested in joining this effort should make contact using the link just given.

A CL2M community site (http:/ / has been established to provide a single information exchange for unbiased information on the wide range of complex technologies and disciplines that this approach demands. COBIT COBIT is a framework created by ISACA.

It is a framework for information technology (IT) management and IT Governance.

It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Overview COBIT was first released in 1996, the current version, COBIT 4.1 was published in 2007 and is currently being updated (COBIT 5 [1]).

Its mission is “to research, develop, publicize and promote an authoritative, up-to-date, international set of generally accepted information technology control objectives for day-to-day use by business managers, IT professionals and assurance professionals.”. [2] COBIT defines 34 generic processes to manage IT.

Each process is defined together with process inputs and outputs, key process activities, process objectives, performance measures and an elementary maturity model.

The framework supports governance of IT by defining and aligning business goals with IT goals and IT processes. COBIT Framework The framework provides good practices across a domain and process framework.

The business orientation of COBIT consists of linking business goals to IT goals, providing metrics and maturity models to measure their achievement, and identifying the associated responsibilities of business and IT process owners.

The process focus of COBIT is illustrated by a process model that subdivides IT into four domains (Plan and Organize, Acquire and Implement, Deliver and Support and Monitor and Evaluate) and 34 processes in line with the responsibility areas of plan, build, run and monitor.

COBIT is focused on what is required to achieve adequate management and control of IT, and is positioned at a high level.

It has been aligned and harmonized with other, more detailed, IT standards and good practices as COSO, ITIL, ISO 27000, CMMI, TOGAF and PMBOK.

COBIT acts as an integrator of these different guidance materials, summarizing key objectives under one umbrella framework that link the good practice models with governance and business requirements. COBIT 158 Releases COBIT has had four major releases: • In 1996, the first edition of COBIT was released. • In 1998, the second edition added “Management Guidelines”. • In 2000, the third edition was released. • In 2003, an on-line version became available. • In December 2005, the fourth edition was initially released. • In May 2007, the current 4.1 revision was released. Components The COBIT components include:: • Framework: Organise IT governance objectives and good practices by IT domains and processes, and links them to business requirements • Process descriptions: A reference process model and common language for everyone in an organisation.

The processes map to responsibility areas of plan, build, run and monitor. • Control objectives: Provide a complete set of high-level requirements to be considered by management for effective control of each IT process. • Management guidelines: Help assign responsibility, agree on objectives, measure performance, and illustrate interrelationship with other processes • Maturity models: Assess maturity and capability per process and helps to address gaps.

Other ISACA Publications [3] based on the COBIT framework include: • • • • • • • • • • • • Board Briefing for IT Governances, 2nd Edition COBIT and Application Controls COBIT Control Practices, 2nd Edition IT Assurance Guide: Using COBIT Implementing and Continually Improving IT Governance COBIT Quickstart, 2nd Edition COBIT Security Baseline, 2nd Edition IT Control Objectives for Sarbanes-Oxley, 2nd Edition IT Control Objectives for Basel II COBIT User Guide for Service Managers COBIT Mappings (to ISO/IEC 27002, CMMI, ITIL, TOGAF, PMBOK etc.) COBIT Online COBIT 159 COBIT and Sarbanes Oxley Companies that are publicly traded in the US are subject to the Sarbanes-Oxley Act of 2002.

COBIT is the framework used by most companies to comply with Sarbanes-Oxley. References • • • • ISACA [4] Custodians of COBIT COBITCampus [5] COBIT education provided by ISACA ISO/IEC 20000 international standard for IT Service Management ISO/IEC 27000 Information Security Management Systems standards Notes [1] http:/ / cobit5 [2] ITGI. “COBIT 4.1 Executive Summary” (http:/ / Knowledge-Center/ cobit/ Documents/ COBIT4.


COBIT 4.1 Executive Summary.

ITGI. . [3] http:/ / Knowledge-Center/ cobit/ Pages/ Products.

Aspx [4] http:/ / [5] http:/ / cobitcampus. Computer-aided facility management — Management of permits and other documentation required for the processing of safety requirements.

These safety requirements can include Lockout-Tagout, confined space, foreign material exclusion (FME), electrical safety, and others. System integration CMMS packages often link to enterprise software and process control systems: • • • • • Scheduling Fixed assets Details the machines being maintained and their associated tooling Parts inventory / Parts locations / purchasing Costing SCADA Scheduled maintenance based on number of units of output or condition of machines Configuration Management (ITSM) 172 Configuration Management (ITSM) Configuration Management (CM) is an Information Technology Infrastructure Library (ITIL) IT Service Management (ITSM) process that tracks all of the individual Configuration Items (CI) in an IT system which may be as simple as a single server, or as complex as the entire IT department.

In large organizations a configuration manager may be appointed to oversee and manage the CM process. Configuration Item A Configuration item (CI) is an IT asset or a combination of IT assets that may depend and have relationships with other IT processes.

A CI will have attributes which may be hierarchical and relationships that will be assigned by the configuration manager in the CM database. CI attributes 1.

Technical – Data that describes the CI’s capabilities which include software version and model numbers, hardware and manufacturer specifications and other technical details like networking speeds and data storage size.

Keyboards, mice and cables are considered consumables. 2.

Ownership – Part of financial asset management, ownership attributes record purchase date, warranty, location and responsible person for the CI.

Identification numbers like bar codes and type, like software, hardware and documentation are also ownership attributes. 3.

Relationship – The relationships between hardware items (EG a printer), software (EG drivers), and users (IE Alice). Configuration Management Database The fundamental component of CM is the CM database (CMDB) which contains the CI information and is used to understand the CI relationships and track their configuration and more Activities The information in the CMDB is used for five basic activities: 1.

Planning: The CM plan covers the next three to six months in detail, and the following twelve months in outline.

It is reviewed at least twice a year and will include a strategy, policy, scope, objectives, roles and responsibilities, the CM processes, activities and procedures, the CMDB, relationships with other processes and third parties, as well as tools and number of CI categories to track in the CMDB determines the scope.

The detail of the CI information is the depth. 2.

Identification: The selection, identification and labeling of all CIs which creates a parts list of every CI in the system.

This covers the recording of information about CI’s, including hardware and software versions, documentation, ownership and other unique identifiers.

CIs should be recorded at a level of detail justified by the business need, typically to the level of “independent change”.

This includes defining the relationships of the CIs in the system. 3.

Control: This gives the assurance that only authorized and identifiable CIs are accepted and recorded from receipt to disposal.

It ensures that no CI is added, modified, replaced or removed without the appropriate controlling documentation EG approved Requests for Change of a CI, updated specification.

All CIs will be under Change Management (ITSM) control. 4.

Monitoring: Concerned with each CI throughout its life-cycle.

It enables changes to CIs and tracking of their records through various statuses, EG ordered, received, under test, live, under repair, withdrawn or for disposal. Configuration Management (ITSM) 5.

Verification: The reviews and audits that verify the physical existence of CIs, and checks that they are correctly recorded in the CMDB and parts list.

It includes the process of verifying Release Management (ITSM) and CM documentation before changes are made to the live environment. 173 Configuration management database A configuration management database (CMDB) is a repository of information related to all the components of an information system.

It contains the details of the configuration items (CI) in the IT infrastructure.

Although repositories similar to CMDBs have been used by IT departments for many years, the term CMDB stems from ITIL.

In the ITIL context, a CMDB represents the authorized configuration of the significant components of the IT environment.

A CMDB helps an organization understand the relationships between these components and track their configuration.

The CMDB is a fundamental component of the ITIL framework’s Configuration Management process.

CMDB implementations often involve federation, the inclusion of data into the CMDB from other sources, such as Asset Management, in such a way that the source of the data retains control of the data.

Federation is usually distinguished from Extract, transform, load (ETL) solutions in which data is copied into the CMDB.

The CMDB records CIs and details about the important attributes and relationships between CIs.

Configuration managers usually describe CIs using three configurable attributes: 1.

Technical 2.

Ownership 3.

Relationship A key success factor in implementing a CMDB is the ability to automatically discover information about the CIs (auto-discovery) and track changes as they happen.

CMDBs contain metadata, and thus the concept overlaps with that of a metadata repository which are both used in running large IT organizations.

Configuration management addresses how the data is to be kept up to date, which has historically been a weakness of metadata repositories. Federated CMDBs Information-technology managers can use a federated CMDB – an enterprise-level CMDB – to accumulate information about configurations, changes and other data from disparate sources.[1] The goal is to enable management data providers to integrate their data into a coherent, seamless CMDB, using an industry-standard interface.[2] The architecture for this standard was proposed in a 2007 white paper, written by representatives from several CMDB vendors: ASG, BMC Software, CA, Fujitsu, HP Software Division, IBM and Microsoft.[3] These members represented the CMDB Federation Workgroup, or CMDBf.[4] In 2009, the Distributed Management Task Force (DMTF) standardized the CMDBf specification to provide a cross-vendor, standardized solution for federating system-management data.[5] Configuration management database 174 References • Office of Government Commerce (OGC), ed.: Service Support.

IT Infrastructure Library (ITIL).

The Stationery Office, Norwich, UK (2000) • OGC, ed.: Introduction to ITIL.

IT Infrastructure Library.

The Stationery Office (2005) [1] [2] [3] [4] [5] “The federated CMDB vision.” (http:/ / features. networking/ 3221/ the-federated-cmdb-vision/ ) The Federated CMDB Vision white paper. (http:/ / CMDB-Federation-white-paper-vision-v1. 0.

Pdf) The Federated CMDB Vision white paper. (http:/ / CMDB-Federation-white-paper-vision-v1. 0.

Pdf) CMDBf Workgroup (http:/ / ) Configuration Management Database (CMDB) Federation Specification (http:/ / xml. DMTF-DSP0252-CMDB-Federation.

Pdf) External links • LiveTime’s Cloud based CMDB ( configuration-management-cmdb/) • How to build a CMDB ( with open source software • Get your OpenSource CMDB with iTop. ( iTop is developed by Combodo a French OpenSource Software editor • IBM Tivoli Configuration and Change Management Database IBM CCMDB • HP Universal CMDB ( cp=1-11-15-25^1059_4000_100__&jumpid=reg_R1002_USEN) • Configuration Management Database (CMDB) Federation Specification ( DMTF-DSP0252-CMDB-Federation.pdf) • CMDBuild – Configuration and Management Database Open Source ( • i-doit Open Source CMDB ( • CMDB ( References Consumer privacy 175 Consumer privacy Consumer privacy laws and regulations seek to protect any individual from loss of privacy due to failures or limitations of corporate customer privacy measures.

They recognize that the damage done by privacy loss is typically not measurable, nor can it be undone, and that commercial organizations have little or no interest in taking unprofitable measures to drastically increase privacy of customers – indeed, their motivation is very often quite the opposite, to share data for commercial advantage, and to fail to officially recognize it as sensitive, so as to avoid legal liability for lapses of security that may occur.

Consumer privacy concerns date back to the first commercial couriers and bankers, who in every culture took strong measures to protect customer privacy, but also in every culture tended to be subject to very harsh punitive measures for failures to keep a customer’s information private.

The Hippocratic Oath includes a requirement for doctors to avoid mentioning ills of patients to others, not only to protect them, but to protect their families – the same basic idea as modern consumer privacy law and regulation, which recognizes that innocent third parties can be harmed by the loss of control of sensitive information, and that therefore there is a responsibility beyond that to the ‘customer’ or ‘client’.

Today the ethical codes of most professions very clearly specify privacy measures beyond that for the ‘consumer’ of an arbitrary service.

Those measures are discussed in other articles on medical privacy, client confidentiality and national security – and to a degree in carceral state (where no privacy in any form nor limits on state oversight or data use exist).

Modern consumer privacy law in a recognizable form originated in telecom regulation, when it was recognized that a telco, especially a monopoly (known in most nations as a PTT), had access to unprecedented levels of information about not only the direct customer’s communications habits and correspondents, but also that of those who shared his or her household.

It was also often the case that telephone operators could hear conversations, inadvertently or deliberately, and were required to dial the exact numbers.

The data gathering required for billing began to become an obvious privacy risk as well.

Accordingly, strong rules on operator behavior, customer confidentiality, records keeping and destruction were enforced on telcos in every country.

Typically only police and military authorities had powers to ‘wiretap’ or see records.

Even stricter requirements emerged for banks’ electronic records – in some countries financial privacy is a major focus of the economy, and penalties for violating it are severe and criminal penalties applied.

In Austria in the 1990s mere mention of a client’s name in a semi-public social setting was enough to earn a junior bank executive a stiff jail sentence.

Through the 1970s many other organizations in developed nations began to acquire sensitive data, but there were few or no regulations in place to prevent them from sharing or abusing it.

Customer trust and goodwill was generally thought to be sufficient in some nations, notably the United States, to ensure protection of truly sensitive data. ‘Caveat emptor’ applied.

But in the 1980s much smaller organizations began to get access to computer hardware and software, and these simply did not have the procedures or personnel or expertise, nor less the time, to take rigorous measures to protect their customers.

Meanwhile, via target marketing and rewards programs, they were acquiring ever more data.

Gradually, customer privacy measures alone proved insufficient to deal with the many hazards of corporate data sharing, corporate mergers, employee turnover, theft of hard drives or other data-carrying hardware from work.

Talk began to turn to explicit regulation, especially in the European Union, where each nation had laws that were incompatible, EG some restricted the collection, some the compilation, and some the dissemination of data, and it was possible to violate anyone’s privacy within the EU simply by doing these things from different places in the European Common Market as it existed before 1992.

Through the 1990s the proliferation of mobile telecom (which typically bills every call), the introduction of customer relationship management and the use of the Internet by the public in all developed nations, brought the situation to a Consumer privacy head, and most countries had to implement strong consumer privacy laws, usually over the objections of business.

The European Union and New Zealand passed particularly strong laws that were used as a template for more limited laws in Australia and Canada and some states of the United States (where no federal law for consumer privacy exists, although there are requirements specific to banking and telecom privacy).

After the September 11, 2001, terrorist attacks on the United States, privacy took a back-seat to national security in most legislators’ minds.

Accordingly concerns of consumer privacy in the United States have tended to go unheard as questions of citizen privacy versus the state, and the development of a police state or carceral state, have occupied advocates of strong privacy measures.

Whereas it may have appeared prior to 2002 that commercial organizations and the consumer data they gathered were of primary concern, it has appeared since then in most developed nations to be much less of a concern than political privacy and medical privacy, EG as violated by biometrics.

Indeed, people have been stopped at airports solely due to their political views recently (see No-fly list) and there appears to be little public will to stop practices of this nature.

Privacy of body or habits may be ‘dead’, for all practical purposes, until political approaches or threats change. 176 Customer privacy — Needs • • • • • • More and smaller changes–mean less risk Giving developers more environment control Giving infrastructure more application-centric understanding Clearly articulating simple processes Automating as much as possible Collaboration between dev and ops In summary, as companies seek to streamline the cumbersome transition between development and operations, they typically confront 3 different types of problems: Release Management Problems Companies with release management problems are looking for better release planning than spreadsheets.

They want an easy way to understand release risks, dependencies, stage gates adherence and an ensure compliance.

Release/Deployment Coordination Problems Teams with release/deployment coordination problems are focused on better execution of release/deployment events.

They want better tracking of discrete activities, faster escalation of issues, documented process control and granular reporting.

Release/Deployment Automation Problems Companies with release/deployment automation problems usually have existing automation but want to more flexibly manage and drive this automation – without needing to enter everything manually at the command-line.

Ideally, this automation can be invoked by non-operations resources in specific non-production environments.

One way to start streamlining release process is to identify which of the above problems is the overall team’s highest priority. Release coordinator A relatively new role in enterprise IT which is primarily tasked with coordinating deployments of enterprise software to pre-production environments.

The need for the release coordinator has been driven by: 1. 2. 3. 4.

The need to fill the Devops “gap” Increased infrastructure complexity – multiple layers and platforms which form web applications Growth in rate of releases – due to agile and iterative development Distributed teams – globally deployed, outsourced and hybrid development, testing and infrastructure teams The release co-ordinator role (also referred to as a deployment or integration co-ordinator) has emerged from the release management or release engineering teams.

This role is similar to an air traffic controller—performing real time co-ordination activities across diverse teams to achieve a group goal (safe landing and take-off) using shared resources (airspace, flight paths, airport runways, and terminal gates).

Release co-ordination contrasts with release management, which is often focused on planning and reporting on software changes, in order to control the release of specific application changes into production.

Release engineering DevOps is concerned with the systematic and technical work related to building and deploying code into environments.

Change management is the infrastructure discipline for tracking all types of changes in the enterprise IT environment—including both application and infrastructure changes.

Change management is a core part of ITIL v3. 218 Criticisms of Devops Some in the IT blogging field have cited criticisms of the “Devops” label as just a primarily elitist sysadmin club to rebrand an existing problem[23] or a marketing scheme to sell already well-understood methodologies. [24] References [1] Pant, Rajiv (2009-03-17). “devops” (http:/ / blog/ 2009/ 03/ 17/ technology-department/ ).organizing a Technology Department. . [2] Samovskiy, Dmitriy (2010-03-02). “The Rise of devops” (http:/ / 2010/ 03/ 02/ the-rise-of-devops/ ).

Fubaredness Is Contagious. . [3] Edwards, Damon. “What is devops?” (http:/ / blog/ 2010/ 2/ 22/ what-is-devops.

Html). . [4] Vambenepe, William. “Steve Ballmer gets Cloud” (http:/ / stage. archives/ 1393). . [5] Lyman, Jay. “devops mixing dev, ops, agile, cloud, open source and business” (http:/ / blogs. opensource/ 2010/ 03/ 03/ devops-mixing-dev-ops-agile-cloud-open-source-and-business/ ). 451 CAOS Theory. . [6] Nasrat, Paul. “Agile Infrastructure” (http:/ / presentations/ agile-infrastructure).

InfoQ. .

Retrieved 31 March 2011. [7] http:/ / [8] Debois, Patrick. “devops Cafe Episode 12” (http:/ / show/ 2010/ 9/ 15/ episode-12.


Devops Cafe. .

Retrieved 31 March 2011. [9] Debois, Patrick. “Devops Days Ghent 2009” (http:/ / events/ 2009-ghent/ ).

DevopsDays. .

Retrieved 31 March 2011. [10] Debois, Patrick. “Devops Days” (http:/ / ).

Devops Days. .

Retrieved 31 March 2011. [11] Turnbull, James. “What Devops means to me…” (http:/ / 2010/ 02/ what-devops-means-to-me/ ). . [12] “10+ Deploys Per Day: Dev and Ops Cooperation at Flickr” (http:/ / jallspaw/ 10-deploys-per-day-dev-and-ops-cooperation-at-flickr). . [13] “SAM SIG: Applied Lean Startup Ideas: Continuous Deployment at kaChing” (http:/ / index.


EventDetail& eventID=13703).

SDForum. . [14] “Applied Lean Startup Ideas: Continuous Deployment at kaChing” (http:/ / pascallouis/ applied-lean-startup-ideas-continuous-deployment-at-kaching). . [15] “Devops Group” (http:/ / groups?mostPopular=& gid=2825397).

LinkedIn. . [16] “Devops Days 2009 Conference” (http:/ / ghent09/ programme/ ). . [17] Edwards, Damon. “Devops Meetup Recap” (http:/ / blog/ 2010/ 4/ 26/ devops-meetup-recap.

Html). . [18] Lyman, Jay. “Devops mixing dev, ops, agile, cloud, open source and business” (http:/ / blogs. opensource/ 2010/ 03/ 03/ devops-mixing-dev-ops-agile-cloud-open-source-and-business/ ). 451 CAOS Theory. . [19] “Virtual Infrastructure products: features comparison” (http:/ / www.it20.

Info/ misc/ virtualizationscomparison.


Welcome to IT 2.0: Next Generation IT infrastructures. . [20] Ellard, Jennifer. “Bringing Order to Chaos through Data Center Automation” (http:/ / infodirect/ 20071026/ 10000120-1.


Information Management.

SourceMedia, Inc.. . [21] Debois, Patrick. “The leaning of life – History of the Silos” (http:/ / www.jedi.

Be/ blog/ 2010/ 06/ 07/ the-leaning-of-life/ ). . [22] Booth, David. “How to Measure the Effects of Development + Operations improvements, an OpenSpace conversation” (http:/ / blog/ how-to-measure-the-effectiveness-of-implementing-devops). . [23] Nelson-Smith, Stephen. “What Is This Devops Thing, Anyway?” (http:/ / www.jedi.

Be/ blog/ 2010/ 02/ 12/ what-is-this-devops-thing-anyway/ ). . [24] Dziuba, Ted. “Devops Is a Poorly Executed Scam” (http:/ / 2011/ 03/ devops-scam.

Html). . Digital asset management 219 Digital asset management Digital asset management (DAM) consists of management tasks and decisions surrounding the ingestion, annotation, cataloguing, storage, retrieval and distribution of digital assets.

Digital photographs, animations, videos and music exemplify the target-areas of media asset management (a sub-category of DAM).[1] Digital asset management systems (DAMS) include computer software and hardware systems that aid in the process of digital asset management.

The term “digital asset management” (DAM) also refers to the protocol for downloading, renaming, backing up, rating, grouping, archiving, optimizing, maintaining, thinning, and exporting files.

The “media asset management” (MAM) sub-category of digital asset management mainly addresses audio, video and other media content.

The more recent concept of enterprise content management (ECM) often deals with solutions which address similar features but in a wider range of industries or applications.[2] Smaller DAM systems are easier to categorize as to content and usage since they normally operate in a particular operational context.

This would hold true for systems attached to audio or video production systems.

The key differentiators here are the type of decoders and I/O (input/output) used for the asset ingest, use and outgest.

Since metadata describes the essence (and proxy copies), the metadata can serve as a guide to the playout decoders, transcoders, and channels as well as an input to access control rules.

This means that the essence can be treated as a non-described storage object except when being accessed for viewing or editing.

There is relevance to this when considering the overall design and use of larger implementations.

The closer the asset is to the ingest/edit/playout tool, the greater the technical architecture needs to accommodate delivery requirements such as bandwidth, latency, capacity, access control, availability of resources, etc.

The further the asset moves into a general storage architecture (EG hierarchical storage management [HSM]) the more it can be treated as a general blob (binary large object) that is typically held in the filesystem, not the database.

The impact of this set of needs means that it is possible and reasonable to design larger systems using smaller, more expensive performance-systems at the edge of the network where the essence is being used in its intended form and less expensive systems further back for storage and archival.

This type of design exemplifies Infrastructure Convergence Architecture, where the line-of-business operations technology and IT technologies depend on one another for functional and performance (non-functional) requirements. — Reproduction Document/image reproduction is key when thinking about implementing a system.

It’s all well and good being able to put things in, but how are you going to get it out? An example of this is building plans.

How will plans be scanned and scale be retained when printed? Document management system 239 Standardization Many industry associations publish their own lists of particular document control standards that are used in their particular field.

Following is a list of some of the relevant ISO documents.

Divisions ICS 01.140.10 and 01.140.20.[5] [6] The ISO has also published a series of standards regarding the technical documentation, covered by the division of 01.110.[7] ISO 2709 Information and documentation — Format for information exchange ISO 15836 [8] Information and documentation — The Dublin Core metadata element set ISO 15489 [9] Information and documentation — Records management ISO 21127 [10] Information and documentation — A reference ontology for the interchange of cultural heritage information • ISO 23950 Information and documentation — Information retrieval (Z39.50) — Application service definition and protocol specification • ISO 10244 [11] Document management — Business process baselining and analysis • ISO 32000 Document management — Portable document format • • • • Document Control Compliance adds requirements that transform document management into a document control issue.

Document control is a regulatory requirement within accounting (EG, 8th EU Directive, Sarbanes-Oxley), food safety (EG, Food Safety Modernization Act), ISO (mentioned above), Medical device manufacturing (FDA), Healthcare (JCAHO), and Information technology (ITIL)[12] .

Your documents — procedures, work instructions, policy statements, etc. — provide evidence of documents under control .

Failing to comply could cause fines, the loss of business, or damage to your business reputation.

The basic requirement for document control require that you establish and document a procedure for: • • • • • • Reviewing and approving documents prior to release Reviews and approvals Ensuring changes and revisions are clearly identified Ensuring that relevant versions of applicable documents are available at their “points of use” Ensuring that documents remain legible and identifiable Ensuring that external documents like customer supplied documents or supplier manuals are identified and controlled • Preventing “unintended” use of obsolete documents References [1] Papergear: Electronic Document Management Systems, (http:/ / xerox-news/ electronic-document-management-systems.

Html?SSScrollPosition=0) [2] International Organization for Standardization. “01.140.40: Publishing” (http:/ / iso/ products/ standards/ catalogue_ics_browse.

Htm?ICS1=01& ICS2=140& ICS3=40& ). .

Retrieved 14 July 2008. [3] International Organization for Standardization. “35.240.30: IT applications in information, documentation and publishing” (http:/ / iso/ catalogue_ics_browse?ICS1=35& ICS2=240& ICS3=30& ). .

Retrieved 14 July 2008. [4] OnSphere Corporation. “SOP Document Management in a Validated Environments” (http:/ / docushare/ dsweb/ Get/ Document-9101/ Standard Operation Procedure (SOP) Document Management in Validated Environments.

Pdf). .

Retrieved 25 April 2011. [5] International Organization for Standardization. “01.140.10: Writing and transliteration” (http:/ / iso/ products/ standards/ catalogue_ics_browse.

Htm?ICS1=01& ICS2=140& ICS3=10& ). .

Retrieved 14 July 2008. [6] International Organization for Standardization. “01.140.20: Information sciences” (http:/ / iso/ products/ standards/ catalogue_ics_browse.

Htm?ICS1=01& ICS2=140& ICS3=20& ). .

Retrieved 14 July 2008. [7] International Organization for Standardization. “01.110: Technical product documentation” (http:/ / iso/ products/ standards/ catalogue_ics_browse.

Htm?ICS1=01& ICS2=110& ). .

Retrieved 15 July 2008. [8] http:/ / iso/ iso_catalogue/ catalogue_tc/ catalogue_detail.

Htm?csnumber=52142 Document management system [9] http:/ / iso/ iso_catalogue/ catalogue_tc/ catalogue_detail.

Htm?csnumber=31908 [10] http:/ / iso/ iso_catalogue/ catalogue_tc/ catalogue_detail.

Htm?csnumber=34424 [11] http:/ / iso/ iso_catalogue/ catalogue_tc/ catalogue_detail.

Htm?csnumber=45935 [12] Anderson, Chris.

Is Document Control Really That Important? (http:/ / blog/ standards/ is-document-control-really-that-important.

Html), Bizmanualz, December 17th, 2010. 240 External links • Software/Document Management ( at the Open Directory Project • Miles L.

Mathieu, Ernest A.

Capozzoli (2002) (PDF).

The Paperless Office: Accepting Digitized data (http:// Office_Troy State.pdf).

Troy State University. • Kevin Craine.

Excerpts from Designing a Document Strategy (


Craine Communications Group. Dot-com bubble The dot-com bubble (or sometimes IT bubble[1] or TMT bubble) was a speculative bubble covering roughly 1995–2000 (with a climax on March 10, 2000 with the NASDAQ peaking at 5132.52 in intraday trading before closing at 5048.62) during which stock markets in industrialized nations saw their equity value rise rapidly from growth in the more recent Internet sector and related fields.

While the latter part was a boom and bust cycle, the Internet boom is sometimes meant to refer to the steady commercial growth of the Internet with the advent of the world wide web, as exemplified by the first release of the Mosaic web browser in 1993, and continuing through the 1990s.

The period was marked by the founding (and, in many cases, spectacular failure) of a group of new Internet-based companies commonly referred to as dot-coms.companies were seeing their stock prices shoot up if they simply added an “e-” prefix to their name and/or a “.com” to the end, which one author called “prefix investing”.[2] A combination of rapidly increasing stock prices, market confidence that the companies would turn future profits, individual speculation in stocks, and widely available venture capital created an environment in which many investors were willing to overlook traditional metrics such as P/E ratio in favor of confidence in technological advancements. — • Thierauf, Robert J.

Executive Information System: A Guide for Senior Management and MIS Professionals.

Quorum Books, 1991 • Executive information systems (January 1994).

Retrieved June 17, 2006, from sjarif/eis.htm • Salmeron, Jose L.

And Herrero, Ines.

An AHP-based methodology to rank critical success factors of executive information Standards & Interfaces, Volume 28, Issue 1, July 2005, pp. 1-12. • Salmeron, Jose L.

EIS Success: Keys and difficulties in major companies.

Technovation Volume 23, Issue 1, 2003, pp. 35-38 • Salmeron, Jose L.

EIS Evolution in Large Spanish Businesses.

Information & Management Volume 40, Issue 1, 2002, pp. 41-50 Executive information system • Salmeron, Jose L.

EIS profitability, costs and benefits: An evolutionary approach.

Industrial Management & Data Systems Volume 102, Issue 5-6, 2002, pp. 284-288 • Salmeron, Jose L.

EIS data: Findings from an evolutionary study.

Journal of Systems and Software Volume 64, Issue 2, 2002, pp. 111-114 310 External links • Executive Support Systems ( • The development and use of Executive Information Systems ( Executive-Information-Systems.html) Financial Management for IT Services (ITSM) Financial Management for IT Services (ITSM) is an IT Service Management process area.

It is an element of the Service Delivery section of the ITIL best practice framework.

The aim of Financial Management for IT Services is to give accurate and cost effective stewardship of IT assets and resources used in providing IT Services.

It is used to plan, control and recover costs expended in providing the IT Service negotiated and agreed to in the Service Level Agreement (SLA). Goals Overall, the basic goal behind ITSM is to offer a truly transparent analysis of what an organization is spending on IT resources.

In many cases, this analysis of efficiency is used to create intelligent, metric-based cost-cutting strategies. [1] [2] For an internal IT organisation, the goal is described as: To provide cost-effective stewardship of the IT assets and resources used in providing IT services For an outsourced IT organisation or an IT organisation which is run as if it were a separate entity (ie, with full charging) the goal may be described as: To be able to account fully for the spend on IT services and to be able to attribute these costs to the services delivered to the organisation’s customers and to assist management by providing detailed and costed business cases for proposed changes to IT services Sub-Processes Financial Management for IT Services contains 3 sub-processes: • Budgeting • IT Accounting • Charging Budgeting Budgeting enables an organization to plan future IT expenditure, thus reducing the risk of over-spending and ensuring the revenues are available to cover the predicted spend.

Additionally it allows an organization to compare actual costs with previously predicted costs in order to improve the reliability of budgeting predictions. Financial Management for IT Services (ITSM) 311 IT Accounting IT Accounting is concerned with the amount of money spent in providing IT Services.

It allows an organization to perform various financial analyses to gauge the efficiency of the IT service provision and determine areas where cost savings can be made.

It will also provide financial transparency to aid management in the decision making process.

Several Cost Elements can be used to control your accounting: Capital Costs: Any type of purchases which would have a residual value as hardware and building infrastructure Operational Costs: Day to day recurring expenses cost like rental fees, monthly electrical invoices and salaries.

Direct Costs: Any cost expenses which are directly attributed to one single or specific service or customer.

A typical example would be the purchase of a dedicated server which cannot be shared and is needed to host a new application for a specific service or customer.

Indirect Costs: One specific service provision which cost needs to be distributed in between several customers in a fair breakdown.

A fair example is the cost associated to overall Local Area Network on which every customer are connected to.

Breakdown could be done using total amount of users per customer or total amount of bandwidth usage per customer to accurately distribute the cost of providing this service.

Fixed Costs: Any expenses established for long periods of time like annual maintenance contracts or a lease contracts.

These expenses do not vary in the short-term.

Variable Costs: Any expenses that vary in the short-term based on the level of services provided, resources consumed, or other factors.

For example, energy costs are variable based on the amount consumed. Charging Charging provides the ability to assign costs of an IT Service proportionally and fairly to the users of that service.

It may be used as a first step towards an IT organization operating as an autonomous business.

It may also be used to encourage users to move in a strategically important direction – for example by subsidising newer systems and imposing additional charges for the use of legacy systems.

Transparency of charging will encourage users to avoid expensive activities where slightly more inconvenient but far cheaper alternatives are available.

For example, a user might browse a dump on screen rather than printing it off.

Charging is arguably the most complex of the three sub-processes, requiring a large investment of resources and a high degree of care to avoid anomalies, where an individual department may benefit from behaviour which is detrimental to the company as a whole.

Charging policy needs to be simultaneously simple, fair and realistic.

Charging need not necessarily mean money changing hands (Full Charging).

It may take the form of information passed to management on the cost of provision of IT services (No Charging), or may detail what would be charged if full charging were in place without transactions actually being applied to the financial ledgers (Notional Charging).

Notional Charging may also be used as a way of piloting Full Charging. Related ITIL Processes Several processes in the ITIL model provide information to the Financial Management for IT process.. Service Level Management Service Level Management provides key information regarding the level of service required by the customer (SLAs) and therefore forms the basis for calculations of all three sub-processes.

Customers can only be charged for services agreed in the SLAs and based on the Service Catalog.IT SLA & KPI Management is a SaaS business application that allows IT organizations to track, set, report, and analyze IT performance and value measures for all services, vendors, and customers, as well as perform root cause and business impact analysis.[3] Financial Management for IT Services (ITSM) 312 Configuration Management Given that the aim of Financial Management for IT is the stewardship of IT assets and resources, it is imperative that information from Configuration Management and in particular from the CMDB is available. Capacity Management Capacity Management are charged with planning and controlling the IT capacity requirements of the organisation.

Changes in capacity requirements – which usually increase – will inevitably lead to changes in costs.

This may mean unit costs will increase because capacity has to be increased in an emergency or it may mean unit costs will drop as a result of purchasing newer technology, economies of scale or increased purchasing power from an external supplier. Change Management — Corporate governance of information technology not directly related to IT governance, Sarbanes-Oxley and Basel-II in Europe have influenced the development of information technology governance since the early 2000s.

Following corporate collapses in Australia around the same time, working groups were established to develop standards for corporate governance.

A series of Australian Standards for Corporate Governance were published in 2003, these were: • • • • • Good Governance Principles (AS8000) Fraud and Corruption Control (AS8001) Organisational Codes of Conduct (AS8002) Corporate Social Responsibility (AS8003) Whistle Blower protection programs (AS8004) 318 AS8015 Corporate Governance of ICT was published in January 2005.

It was fast-track adopted as ISO/IEC 38500 in May 2008.Introduction to ISO 38500 [3] Problems with IT governance Is IT governance different from IT management and IT controls? The problem with IT governance is that often it is confused with good management practices and IT control frameworks.

ISO 38500 has helped clarify IT governance by describing it as the management system used by directors.

In other words, IT governance is about the stewardship of IT resources on behalf of the stakeholders who expect a return from their investment.

The directors responsible for this stewardship will look to the management to implement the necessary systems and IT controls.

Whilst managing risk and ensuring compliance are essential components of good governance, it is more important to be focused on delivering value and measuring performance. Frameworks There are quite a few supporting references that may be useful guides to the implementation of information technology governance.

Some of them are: • AS8015-2005 Australian Standard for Corporate Governance of Information and Communication Technology.

AS8015 was adopted as ISO/IEC 38500 in May 2008 • ISO/IEC 38500:2008 Corporate governance of information technology [4], (very closely based on AS8015-2005) provides a framework for effective governance of IT to assist those at the highest level of organizations to understand and fulfill their legal, regulatory, and ethical obligations in respect of their organizations’ use of IT.

ISO/IEC 38500 is applicable to organizations from all sizes, including public and private companies, government entities, and not-for-profit organizations.

This standard provides guiding principles for directors of organizations on the effective, efficient, and acceptable use of Information Technology (IT) within their organizations. • Control Objectives for Information and related Technology (COBIT) is regarded as the world’s leading IT governance and control framework.

CobiT provides a reference model of 34 IT processes typically found in an organization.

Each process is defined together with process inputs and outputs, key process activities, process objectives, performance measures and an elementary maturity model.

Originally created by ISACA, COBIT is now the responsibility of the ITGI [5] (IT Governance Institute). • The IT Infrastructure Library [6] (ITIL) is a high-level framework with information on how to achieve a successful operational Service management of IT, developed and maintained by the United Kingdom’s Office of Government Commerce, in partnership with the IT Service Management Forum.

While not specifically focused on IT governance, the process related information is a useful reference source for tackling the improvement of the service management function.

Others include: • ISO27001 – focus on IT security Corporate governance of information technology • CMM – The Capability Maturity Model – focus on software engineering • TickIT is a quality-management certification program for software development Non-IT specific frameworks of use include: • The Balanced Scorecard (BSC) – method to assess an organization’s performance in many different areas. • Six Sigma – focus on quality assurance • TOGAF – The Open Group Architectural Framework – methodology to align business and IT, resulting in useful projects and effective governance. 319 Professional certification Certified in the Governance of Enterprise Information Technology (CGEIT) is an advanced certification created in 2007 by the Information Systems Audit and Control Association (ISACA).

It is designed for experienced professionals, who can demonstrate 5 or more years experience, serving in a managing or advisory role focused on the governance and control of IT at an enterprise level.

It also requires passing a 4-hour test, designed to evaluate an applicant’s understanding of enterprise IT management.

The first examination was held in December 2008. Footnotes [1] Weill, P. & Ross, J.

W., 2004, IT Governance: How Top Performers Manage IT Decision Rights for Superior Results”, Harvard Business School Press, Boston. [2] IT Governance Institute 2003, “Board Briefing on IT Governance, 2nd Edition”.

Retrieved January 18, 2006 from http:/ / Content/ ContentGroups/ ITGI3/ Resources1/ Board_Briefing_on_IT_Governance/ 26904_Board_Briefing_final.

Pdf [3] http:/ / www.itsmf.

Nl/ imagesfile/ PRESENTATIES%20JC%2008%20tbv%20publicatie/ Christophe%20Feltus%20Introduction%20to%20ISO%2038500%20v1_0.

Pdf [4] http:/ / iso/ pressrelease.

Htm?refid=Ref1135 [5] http:/ / [6] http:/ / www.itil.


Uk/ Further reading • Lutchen, M. (2004).

Managing IT as a business : a survival guide for CEOs.

Hoboken, N.J., J.

Wiley., ISBN 0-471-47104-6 • Van Grembergen W., Strategies for Information technology Governance, IDEA Group Publishing, 2004, ISBN 1-59140-284-0 • Van Grembergen, W., and S.

De Haes, Enterprise Governance of IT: Achieving Strategic Alignment and Value, Springer, 2009. • W.

Van Grembergen, and S.

De Haes, “A Research Journey into Enterprise Governance of IT, Business/IT Alignment and Value Creation”, International Journal of IT/Business Alignment and Governance, Vol.

No. 1, 2010, pp. 1–13. • S.

De Haes, and W.

Van Grembergen, “An Exploratory Study into the Design of an IT Governance Minimum Baseline through Delphi Research”, Communications of AIS, No. 22, 2008, pp.443–458. • S.

De Haes, and W.

Van Grembergen, “An Exploratory Study into IT Governance Implementations and its Impact on Business/IT Alignment”, Information Systems Management, Vol. 26, 2009, pp.123–137. • S.

De Haes, and W.

Van Grembergen, “Exploring the relationship between IT governance practices and business/IT alignment through extreme case analysis in Belgian mid-to-large size financial enterprises”, Journal of Enterprise Information Management, Vol. 22, No. 5, 2009, pp. 615–637. • Georgel F., IT Gouvernance : Maitrise d’un systeme d’information, Dunod, 2004(Ed1) 2006(Ed2), 2009(Ed3), ISBN 2-10-052574-3. “Gouvernance, audit et securite des TI”, CCH, 2008(Ed1) ISBN 978-289366577-1 See also the bibliography sections of IT Portfolio Management and IT Service Management Corporate governance of information technology • Renz, Patrick S. (2007). “Project Governance.” Heidelberg, Physica-Verl. (Contributions to Economics) ISBN 978-3-7908-1926-7 • Wood, David J., 2011. “Assessing IT Governance Maturity: The Case of San Marcos, Texas”.

Applied Research Projects, Texas State University-San Marcos. 320 External links Institutes and associations • The IT Governance Institute ( • Informations Systems Audit and Control Association ( • International Association of Information Technology Asset Managers, Inc. – IAITAM ( Corp_Bios.htm) • Australian Computer Society Governance of ICT Committee ( • IT Governance Network ( • ( • IT Governance Portal ( Granular Configuration Automation Granular Configuration Automation (GCA) is a specialized area in the field of Configuration Management which focuses on visibility and control of an IT Environment’s configuration and bill-of-material at the most granular level.

This framework focuses on improving the stability of IT environments by analyzing granular information.

It responds to the requirement to determine a threat level of an environment risk, and to allow IT organizations to focus on those risks with the highest impact on performance.[1] Granular Configuration Automation combines two major trends in configuration management: the move to collect detailed and comprehensive environment information and the growing utilization of automation tools.[2] Driving factors For IT Personnel, IT systems have grown in complexity [3] , supporting a wider and growing range of technologies and platforms.

Application release schedules are accelerating, requiring greater attention to more information.[4] The average Global 2000 firm has more than a thousand applications that their IT organization deploys and supports.[5] New technology platforms like cloud and virtualization offer benefits to IT with less server space, and energy savings, but complicate configuration management from issues like sprawl.[6] The need to ensure high availability and consistent delivery of business services have led many companies to develop automated configuration, change and release management processes.[7] Downtime and system outages undermine the environments that IT professionals manage.

Despite advances in infrastructure robustness, occasional hardware, software and database downtime occurs.

Dunn & Bradstreet reports that 49% of Fortune 500 companies experience at least 1.6 hours of downtime per week, translating into more than 80 hours annually.[8] The growing costs of downtime has provided IT organizations with ample evidence for the need to improve processes.

A conservative estimate from Gartner pegs the hourly cost of downtime for computer networks at $42,000, so a company that suffers from worse than average downtime of 175 hours a year can lose more than $7 million per year.[9] The demands and complexity of Incident Investigation have put further strain on IT professionals, where their current experience cannot address incidents to the scale of environments in their organizations.

The incident may be captured, monitored and the results reported using standardized forms, most of the time even using a help-desk or trouble tickets software system to automate it and sometimes even a formal process methodology like ITIL.

But the Granular Configuration Automation core activity is still handled by a technical specialist “nosing around” the system trying to “figure out” what is wrong based on previous experience and personal expertise.[10] 321 Potential applications • Release validation — validating releases and mitigating the risk of production outages • Incident prevention — identifying and alerting of undesired changes; hence avoiding costly environment incidents • Incident investigation — pinpointing the root-cause of the incident and significantly cutting the time and effort spent on investigation • Disaster Recovery Verification — the accurate validation of disaster recovery plans and eliminating surprises at the most vulnerable times • Security — identifying deviations from security policy and best-practices • Compliance — discovering non-compliant situations and providing a detailed audit-trail References [1] Risk Management Broken in Many Organizations, says Gartner, Government Technology, ” (http:/ / gt/ 324452)” [2] Ken Jackson, The Dawning of the IT Automation Era (http:/ / cm/ community/ features/ guestopinions/ blog/ the-dawning-of-the-it-automation-era/ ?cs=37375), IT Business Edge. [3] Bob Violino, Reducing IT Complexity (http:/ / articles/ 2007winter/ coverstory.

Jhtml), Smart Enterprise. [4] Change, Configuration, and Release: What’s Really Driving Top Performance? (http:/ / files/ ITPI_Executive_Snapshot_CCR Study.

Pdf), IT Process Institute. [5] Improving Application Quality by Controlling Application Infrastructure (http:/ / cm-journal-articles/ 6957-improving-application-quality-by-controlling-application-infrastructure), Configuration Management Crossroads. [6] Cameron Sturdevant, How to Tame Virtualization Sprawl (http:/ / c/ a/ IT-Infrastructure/ How-to-Tame-Virtualization-Sprawl/ ), eweek. [7] Challenges and Priorities for Fortune 1000 Companies (http:/ / pridham.

Files. 2007/ 06/ mvalent_survey_results_2007.

Pdf). [8] How Much Does Downtime Really Cost? (http:/ / infodirect/ 2009_133/ downtime_cost-10015855-1.

Html), Information Management. [9] How to quantify downtime (http:/ / careers/ 2004/ 0105man.

Html), NetworkWorld. [10] Root Cause Analysis for IT Incidents Investigation (http:/ / hosteddocs. GJ102105.

Pdf), IT Toolbox. Grey problem 322 — Background Combining frequency and causing technology information can provide a view of the complexity of a problem and so indicate how difficult it will be to investigate (see Figure 1).

The problems in each quadrant have certain characteristics: Q1 – In a typical IT department 80 to 90% of problems are solid faults that are easily tracked down to a causing technology.

The appropriate technical or platform support team efficiently deals with these problems every day.

Q2 – Some recurring problems are due to a Known Error, or are obviously being caused by a particular hardware or software component.

These problems are typically handled by technical support people working with suppliers.

Q3 – Every so often a one-off problem occurs, and the cause of these may never be found.

Q4 – The technical ownership of these issues is unclear and so they are referred to as “grey problems” IE not black and white. Impact Grey problems have a significant impact on IT service and typically: • • • • Form the bulk of ongoing recurring problems Create a disproportionately high IT support workload Give a pointer to more serious problems to come Cause the business to adjust practices around the problem Grey problem 323 ITIL perspective ITIL Service Operations implies that grey problems should be handled through a Problem Solving Group under the direction of the Problem Management function.

In practice, even those IT organisations that have adopted ITIL rarely have a procedure to handle a grey problem, leaving it to bounce between Technical Support Teams as each denies that their technology is to blame. Further reading • Grey problem case study [1] • Presentation to the British Computer Society [2] References [1] http:/ / content/ 19065 [2] http:/ / www.beds.

Uk/ documents/ 2009-04-22-MethodBasedProblemDiagnosis.

Pdf Hierarchical storage management Hierarchical Storage Management (HSM) is a data storage technique which automatically moves data between high-cost and low-cost storage media.

HSM systems exist because high-speed storage devices, such as hard disk drive arrays, are more expensive (per byte stored) than slower devices, such as optical discs and magnetic tape drives.

While it would be ideal to have all data available on high-speed devices all the time, this is prohibitively expensive for many organizations.

Instead, HSM systems store the bulk of the enterprise’s data on slower devices, and then copy data to faster disk drives when needed.

In effect, HSM turns the fast disk drives into caches for the slower mass storage devices.

The HSM system monitors the way data is used and makes best guesses as to which data can safely be moved to slower devices and which data should stay on the fast devices.

In a typical HSM scenario, data files which are frequently used are stored on disk drives, but are eventually migrated to tape if they are not used for a certain period of time, typically a few months.

If a user does reuse a file which is on tape, it is automatically moved back to disk storage.

The advantage is that the total amount of stored data can be much larger than the capacity of the disk storage available, but since only rarely-used files are on tape, most users will usually not notice any slowdown.

HSM is sometimes referred to as tiered storage.

HSM (originally DFHSM, now DFSMShsm) was first implemented by IBM on their mainframe computers to reduce the cost of data storage, and to simplify the retrieval of data from slower media.

The user would not need to know where the data was stored and how to get it back; the computer would retrieve the data automatically.

The only difference to the user was the speed at which data was returned.

Later, IBM ported HSM to its AIX operating system, and then to other Unix-like operating systems such as Solaris, HP-UX and Linux.

HSM was also implemented on the DEC VAX/VMS systems and the Alpha/VMS systems.

The first implementation date should be readily determined from the VMS System Implementation Manuals or the VMS Product Description Brochures.

Recently, the development of Serial ATA (SATA) disks has created a significant market for three-stage HSM: files are migrated from high-performance Fibre Channel Storage Area Network devices to somewhat slower but much cheaper SATA disks arrays totalling several terabytes or more, and then eventually from the SATA disks to tape.

The newest development in HSM is with hard disk drives and flash memory, with flash memory being over 30 times faster than disks, but disks being considerably cheaper. Hierarchical storage management Conceptually, HSM is analogous to the cache found in most computer CPUs, where small amounts of expensive SRAM memory running at very high speeds is used to store frequently used data, but the least recently used data is evicted to the slower but much larger main DRAM memory when new data has to be loaded.

In practice, HSM is typically performed by dedicated software, such as IBM Tivoli Storage Manager, CommVault [1], VERITAS Enterprise Vault [2], Sun Microsystems SAMFS/QFS [3], Quantum StorNext, or EMC Legato OTG DiskXtender. 324 Use Cases — • Keith Harrison-Broninski “Human Interactions: The Heart and Soul of Business Process Management” ISBN 0-929652-44-4 • Mark McGregor (editor) “In Search Of BPM Excellence” ISBN 0-929652-40-1 • Peter Fingar “Extreme Competition: Innovation And The Great 21st Century Business Reformation” ISBN 0-929652-38-2 • Lee, J., Seo, W., Kim, K., and Kim, C. 2010 “An OWL-based ontological approach to RAD modeling of human interactions for business collaboration” Expert Syst.

Appl. 37, 6 (Jun. 2010), 4128-4138 • Rajani Shankar Sadasivam “An Architecture Framework for Process-Personalized Composite Services: Service-oriented Architecture, Web Services, Business-Process Engineering, and Human Interaction Management” ISBN 3-639087-24-0 • Jan vom Brocke, Michael Rosemann (editors) “Handbook on Business Process Management 2: Strategic Alignment, Governance, People and Culture” ISBN 978-3-642019-81-4 Human interaction management • Keith D.

Swenson, Nathaniel Palmer, Sandy Kemsley, Keith Harrison-Broninski, Max Pucher, Manoj Das, et al, “Social BPM: Work, Planning and Collaboration Under the Impact of Social Technology” ISBN 978-0-981987-08-8 335 References [1] http:/ / www.human-interaction-management.

Info/ [2] http:/ / www.soberit.


Fi/ t-86/ t-86. 5161/ 2006/ him_humanedj_final.

Pdf [3] http:/ / publicationfiles/ 01-07-ART-Enterprise%20BPM%20-%20Korhonen-Final.

Pdf IBM Tivoli Unified Process (ITUP) IBM Tivoli Unified Process (ITUP) is a knowledge base of widely accepted industry best practices and the accumulated experience from IBM’s client engagements.

The knowledge base comprises detailed, industry-wide IT service management processes, and is an integral part of the IBM Service Management solution family.[1] The knowledge base is structured on the IBM Process Reference Model for IT[2] (PRM-IT).

PRM-IT[3] describes the processes for exploiting IT in support of a business or enterprise.

ITUP is a free offering from IBM.[4] Its purpose is to make the benefits of service management best practice frameworks, like Information Technology Infrastructure Library (ITIL), more attainable for organizations through integrated process modeling.

Thus ITUP is closely aligned with ITIL (a series of books outlining a set of concepts for managing IT) and provides the guidance on how to implement IT service management using proven, predefined solutions.

Detailed process diagrams and descriptions provide further explanations of IT processes, the relationships between processes, and the roles and tools involved in an efficient process implementation.

ITUP is also mapped to other leading process models.[5] Context IT service management represents an evolution from managing IT as a technology to managing IT as a business.[6] As businesses move toward on-demand environments, IT organizations are faced with the challenge of increasing the quality of services provided to business, while simultaneously addressing faster rates of change, rising technical complexity, cost pressures, and compliance issues.

With traditional resource and system management approaches, providing effective support for business and efficient use of IT resources is proving impossible.

IT service management provides for the effective and efficient delivery of IT services in support of changing business needs.

Implementing IT service management requires the optimal intersection of people, process, information and technology.

When all of these components come together, they can make IT more efficient and effective. Tivoli Unified Process tooling IBM Tivoli Unified Process (ITUP) Composer is the tool used to create tailored method libraries* using the ITUP knowledge base content.[7] Customization includes creating or modifying process definitions to extend and publish content to document an organization’s operational processes.

The Composer tool provides the option to select and deploy a comprehensive project, or only the process components needed for each stage of a project, so that those processes are consistently applied by all IT staff. (See ITUP Composer for development, this article.) • A method library is a container for method plug-ins and method configuration definitions.

A method library has one or more method configurations that filter the library and provide smaller working sets of library content.

All method elements are stored in a method library. IBM Tivoli Unified Process (ITUP) 336 Structure of the ITUP content knowledge database The knowledge base includes descriptions of and relationships between five significant elements: 1.

Process descriptions – detailed process diagrams and explicates to better understand processes and their relationships, making ITIL best-practice recommendations easier to implement.

This category also maps processes to other leading process models, such as Control Objectives for Information and related Technology (COBIT) and the enhanced Telecom Operations Map (eTOM). 2.

Work products – artifacts produced as outputs or required as inputs by processes.

Includes information such as definitions for key terms and concepts. 3.

Roles – as associated with the execution of specific tasks by IT staff typically responsible for one or more roles.

Roles and job responsibilities are described in detail and cross-referenced to guidance on how staff can use tools to perform their roles more efficiently and effectively. 4.

Tools – in the form of tool mentors.

This category identifies products and solutions from IBM that can be used to automate or complete specific process activities. 5.

Scenarios, or real-life examples – are provided as catalysts to make process content more comprehendible.

A scenario can relate to specific issues, such as deploying a new server or responding to an outage.

Scenarios describe, in a step-by-step format, the process workflow, roles, work products and tools involved in solving a specific problem. The ITUP framework of process categories Governance and Management System The Governance and Management System process category ensures that a framework is in place to integrate processes, technologies, people, and data in a manner consistent with the IT goals.

This category also monitors the framework against the broader enterprise goals and quality metrics.

When specific goals and quality metrics are consistently unmet, decisions are made regarding the overall framework: whether it will be modified or restructured to ensure future success.

Governance considers and sets the fundamental direction for the management framework.

Governance is a decision rights and accountability framework for directing, controlling, and executing IT endeavors in order to determine and achieve desired behaviors and results.

Governance involves defining the management model and creating the governing or guiding principles.

Processes: • • • • IT Governance and Management System Framework IT Governance and Management System Capabilities IT Governance and Management Operation IT Governance and Management Evaluation Customer Relationships The Customer Relationships process category gives IT service providers a mechanism to understand, monitor, perform and compete effectively in the marketplace they serve.

Through active communication and interaction with customers, this process category provides the IT enterprise with valuable, current information concerning customer wants, needs, and requirements.

Once these requirements are captured and understood, the process category ensures that an effective market plan is created to bring the various IT services and capabilities to the marketplace.

Further, customer satisfaction data is gathered and reported in order to find areas of the IT services that require improvement.

Overall, this process provides a means for the IT enterprise to understand customer requirements, market IT services to customers, ensure and monitor the quality of the delivered IT services, and contribute to the maximization of business value from technology usage.

Processes: • Stakeholder Requirements Management IBM Tivoli Unified Process (ITUP) • • • • • • Service Marketing and Sales Service Catalog Management Service Level Management Demand Management IT Customer Transformation Management Customer Satisfaction Management 337 Direction The Direction process category provides guidance on the external technology marketplace, aligns the IT outcomes to support the business strategy, minimizes risk exposures, and manages the IT Architecture and IT Portfolio.

Using the business strategy, related business requirements, and overall technology trends as key inputs, this process category creates an IT Strategy within the manageable constraints of the existing architecture and portfolio.

In addition to the IT strategy, the IT Portfolio and IT Architecture are planned, created, implemented, monitored, and continuously improved within this process category.

Items put forward for inclusion in the IT Portfolio are managed throughout their life cycle using product management approaches well established in many industries.

Processes: • IT Strategy • IT Research and Innovation • • • • • Architecture Management Risk Management Product Management Portfolio Management Program and Project Management Realization In the Realization process category solutions are created to satisfy the requirements of IT customers and stakeholders, including both the development of new solutions and the enhancements or maintenance of existing ones.

Development includes options to build or buy the components of solutions, and the integration of them for functional capability.

This process category encompasses the engineering and manufacturing of information technology products and services, and includes the making or buying of solutions, systems, integration, and extensions to existing solutions.

Maintenance and end-of-life shutdown activities (requiring solution adjustment) are also addressed in this category.

Processes: • • • • • Solution Requirements Solution Analysis and Design Solution Development and Integration Solution Test Solution Acceptance Transition The Transition category of processes supports any aspect related to a life cycle status change in solutions and services.

The processes provide defined and repeatable approaches to planning, effecting and recording these transitions, and can be applied to all stages of the life cycle.

They also serve to maintain control over the information technology (IT) resources that are subject to such status changes.

Further, the processes in this category provide vital enabling information to other process areas related to the management of IT.

Using these processes, developments in IT capabilities supporting the stake holding businesses and customers achieve their desired operational status from which value can be derived.

Processes: • Change Management • Release Management — Imaging for Windows from Global 360 is document imaging software.

Earlier versions of Imaging for Windows were included in Windows 95/98/Me/NT/2000.

Global360 Imaging for Windows is the upgrade to this Imaging software, which was discontinued as of Windows XP.[1] Its image viewing, editing and scanning functions are superseded by Windows Picture and Fax Viewer and Microsoft Paint, both of which are based on GDI+ in Windows XP.

Unfortunately, the multi-page picture editing functions are gone with the Imaging software.

Imaging for Windows was developed by Wang (as in Windows 95/NT 4.0), was later absorbed by Kodak (as Eastman Software, as in Windows 98/2000), then becoming eiStream Inc., and is now owned by Global 360.

Version 4.0 was released in November 2008.[2] Imaging for Windows supports creating, annotating, viewing, and printing TIFF, BMP, and Microsoft Fax AWD image documents.

Users can also view and print JPEG and PCX/DCX images.

Imaging for Windows also provides the ability to develop software using ActiveX tools.

Each copy includes the Kodak/Wang Imaging OCX (ActiveX) controls – ImgEdit, ImgAdmin, ImgThumb, ImgScan and ImgOCR controls are provided. References [1] (http:/ / support. kb/ 308979) [2] (http:/ / products/ imaging/ ) Incident Management (ITSM) 344 Incident Management (ITSM) Incident Management (IcM) is an IT Service Management (ITSM) process area.

The first goal of the incident management process is to restore a normal service operation as quickly as possible and to minimize the impact on business operations, thus ensuring that the best possible levels of service quality and availability are maintained. ‘Normal service operation’ is defined here as service operation within Service Level Agreement (SLA).

It is one process area within the broader ITIL and ISO 20000 environment.

ISO 20000 defines the objective of Incident management (part 1, 8.2) as To restore agreed service to the business as soon as possible or to respond to service requests.

Incidents that cannot be resolved quickly by the Help desk will be assigned to specialist Technical Support groups.

A resolution or work-around should be established as quickly as possible in order to restore the service. Definition ITIL terminology defines an incident as: Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to or a reduction in, the quality of that service.

The stated ITIL objective is to restore normal operations as quickly as possible with the least possible impact on either the business or the user, at a cost-effective price [1] ISO 20000 defines an incident (part 1, 2.7) as: any event which is not part of the standard operation of a service and which causes or may cause an interruption to, or a reduction in, the quality of that service. Incidents, problems and known errors Incidents may match with existing ‘Problems’ (without a known root cause) or ‘Known Errors’ (with a root cause) under the control of Problem Management and registered in the Known Error Database ( KeDB ).

Where existing work-arounds have been developed, it is suggested that accessing these will allow the Service Desk to provide a quick first-line fix.

Where an incident is not the result of a Problem or Known Error, it may either be an isolated or individual occurrence or may (once the initial issue has been addressed) require that Problem Management become involved, possibly resulting in a new problem record being raised. Incidents and changes Incidents are the result of failures or errors in the IT infrastructure.

The cause of Incidents may be apparent and the cause may be addressed without the need for further investigation, resulting in a repair, a Work-around or a request for change (RFC) to remove the error.

Where an incident is considered to be serious in nature, or multiple occurrences of similar incidents are observed, a problem record might be created as a result (it’s possible that the Problem will not be recorded until several incidents have occurred).

The management of a problem varies from the process of managing an incident and is typically performed by different staff and therefore is controlled by the Problem Management process.

When its ‘root cause’ has been identified, it becomes a ‘known error’.

Finally, a request for change (RFC) may be raised to modify the system by resolving the known error.

This process is covered by the Change Management process.

A request for new additional service is not regarded as an incident, but as a Request for Service (RFS). Incident Management (ITSM) 345 Incident management processes The main incident management processes are the following: • • • • • • • • Incident detection and recording Classification and initial support Investigation and diagnosis Resolution and recovery Incident closure Incident ownership, monitoring, tracking and communication Establish incident framework management Evaluation incident framework management Examples Incidents should be classified as they are recorded, Examples of incidents by classification are: • Application • service not available • application bug • disk-usage threshold exceeded • Hardware • system-down • automatic alert • printer not printing References [1] ITIL Incident Management (http:/ / index.

Php?page=Incident_Management) – The ITIL Open Guide Bibliography • Bruton, Noel, How to Manage the IT Helpdesk — A Guide for User Support and Call Center Managers.

ISBN 0-7506-4901-1. Information management 346 Information management Information management (IM) is the collection and management of information from one or more sources and the distribution of that information to one or more audiences.

This sometimes involves those who have a stake in, or a right to that information.

Management means the organization of and control over the structure, processing and delivery of information.

Throughout the 1970s this was largely limited to files, file maintenance, and the life cycle management of paper-based files, other media and records.

With the proliferation of information technology starting in the 1970s, the job of information management took on a new light, and also began to include the field of Data maintenance.

No longer was information management a simple job that could be performed by almost anyone.

An understanding of the technology involved, and the theory behind it became necessary.

As information storage shifted to electronic means, this became more and more difficult.

By the late 1990s when information was regularly disseminated across computer networks and by other electronic means, network managers, in a sense, became information managers.

Those individuals found themselves tasked with increasingly complex tasks, hardware and software.

With the latest tools available, information management has become a powerful resource and a large expense for many organizations.

In short, information management entails organizing, retrieving, acquiring and maintaining information.

It is closely related to and overlapping with the practice of Data Management. Information management concepts Following the behavioral science theory of management, mainly developed at Carnegie Mellon University and prominently represented by Barnard, Richard M.

Cyert, March and Simon, most of what goes on in service organizations is actually decision making and information processes.

The crucial factor in the information and decision process analysis is thus individuals’ limited ability to process information and to make decisions under these limitations.

According to March and Simon,[1] organizations have to be considered as cooperative systems with a high level of information processing and a vast need for decision making at various levels.

They also claimed that there are factors that would prevent individuals from acting strictly rational, in opposite to what has been proposed and advocated by classic theorists Instead of using the model of the economic man, as advocated in classic theory, they proposed the administrative man as an alternative based on their argumentation about the cognitive limits of rationality.

While the theories developed at Carnegie Mellon clearly filled some theoretical gaps in the discipline, March and Simon [1] did not propose a certain organizational form that they considered especially feasible for coping with cognitive limitations and bounded rationality of decision-makers.

Through their own argumentation against normative decision-making models, IE, models that prescribe people how they ought to choose, they also abandoned the idea of an ideal organizational form.

In addition to the factors mentioned by March and Simon, there are two other considerable aspects, stemming from environmental and organizational dynamics.

Firstly, it is not possible to access, collect and evaluate all environmental information being relevant for taking a certain decision at a reasonable price, IE, time and effort.[2] In other words, following a national economic framework, the transaction cost associated with the information process is too high.

Secondly, established organizational rules and procedures can prevent the taking of the most appropriate decision, IE, that a sub-optimum solution is chosen in accordance to organizational rank structure or institutional rules, guidelines and procedures,[3] [4] an issue that also has been brought forward as a major critique against the principles of bureaucratic organizations.[5] Information management According to the Carnegie Mellon School and its followers, information management, IE, the organization’s ability to process information, is at the core of organizational and managerial competencies.

Consequently, strategies for organization design must be aiming at improved information processing capability.

Jay Galbraith [6] has identified five main organization design strategies within two categories — increased information processing capacity and reduced need for information processing. 1.

Reduction of information processing needs 1.

Environmental management 2.

Creation of slack resources 3.

Creation of self-contained tasks 2.

Increasing the organizational information processing capacity 1.

Creation of lateral relations 2.

Vertical information systems Environmental management.

Instead of adapting to changing environmental circumstances, the organization can seek to modify its environment.

Vertical and horizontal collaboration, IE cooperation or integration with other organizations in the industry value system are typical means of reducing uncertainty.

An example of reducing uncertainty in relation to the prior or demanding stage of the industry system is the concept of Supplier-Retailer collaboration or Efficient Customer Response.

Creation of slack resources.

In order to reduce exceptions, performance levels can be reduced, thus decreasing the information load on the hierarchy.

These additional slack resources, required to reduce information processing in the hierarchy, represent an additional cost to the organization.

The choice of this method clearly depends on the alternative costs of other strategies.

Creation of self-contained tasks.

Achieving a conceptual closure of tasks is another way of reducing information processing.

In this case, the task-performing unit has all the resources required to perform the task.

This approach is concerned with task (de-)composition and interaction between different organizational units, IE organizational and information interfaces.

Creation of lateral relations.

In this case, lateral decision processes are established that cut across functional organizational units.

The aim is to apply a system of decision subsidiarity, IE to move decision power to the process, instead of moving information from the process into the hierarchy for decision-making.

Investment in vertical information systems.

Instead of processing information through the existing hierarchical channels, the organization can establish vertical information systems.

In this case, the information flow for a specific task (or set of tasks) is routed in accordance to the applied business logic, rather than the hierarchical organization.

Following the lateral relations concept, it also becomes possible to employ an organizational form that is different from the simple hierarchical information.

The Matrix organization is aiming at bringing together the functional and product departmental bases and achieving a balance in information processing and decision making between the vertical (hierarchical) and the horizontal (product or project) structure.

The creation of a matrix organization can also be considered as management’s response to a persistent or permanent demand for adaptation to environmental dynamics, instead of the response to episodic demands. — Applicable Frameworks • Information Security Governance: Guidance for Boards of Directors and Executive Management 2nd Edition [1] External links • ISMS³ – Information Security Management Maturity Model Group Page [2] • DoD IA Policy Chart [3] References [1] http:/ / Knowledge-Center/ Research/ ResearchDeliverables/ Pages/ Information-Security-Governance-Guidance-for-Boards-of-Directors-and-Executive-Management-2nd-Edition.

Aspx [2] http:/ / [3] http:/ / iac.


Mil/ iatac/ ia_policychart.

Html Information Services Procurement Library The Information Services Procurement Library (ISPL) is a best practice library for the management of Information Technology related acquisition processes.

It helps both the customer and supplier organization to achieve the desired quality using the corresponded amount of time and money by providing methods and best practices for risk management, contract management, and planning.

ISPL focuses on the relationship between the customer and supplier organization: It helps constructing the request for proposal, it helps constructing the contract and delivery plan according to the project situation and risks, and it helps monitoring the delivery phase.

ISPL is a unique Information Technology method because where most other Information Technology methods and frameworks focus on development (EG DSDM, RUP), ISPL focuses purely on the procurement of information services.

The target audience for ISPL consists of procurement managers, acquisition managers, programme managers, contract managers, facilities managers, service level managers, and project managers in the IT (Information Technology) area.

Because of ISPL’s focus on procurement it is very suitable to be used with ITIL (for IT Service Management) and PRINCE2 (for Project Management).[1] Benefits There are four main benefits of using ISPL. • • • • The customer can take advantage of the competitive market Proposals of suppliers become comparable The use of a strategy that really fits the situation The contract can be used as a control instrument These benefits are elaborated in the paragraphs below.

The customer can take advantage of the competitive market ISPL helps the customer organisation to construct the Request for Proposal (RFP).

It even provides the customer organisation with a table of contents.

A very important part of the ISPL request for proposal is the elaboration on the supplier evaluation approach.

The complete transparency of the supplier evaluation approach triggers the candidate supplier organisations to issue a really Information Services Procurement Library competitive proposal.

As a result the customer can take full advantage of the competitive market.

Proposals of suppliers become comparable ISPL specifies the table of contents of the candidate supplier organisation’s proposal.

It also supplies the customer and candidate supplier organisations with one clear terminology.

This makes the proposals of the candidate suppliers very easy to compare.

The use of a strategy that really fits the situation ISPL provides the user with a really extensive risk management process.

Based on best practices, it helps the management to design a delivery strategy that really fits the situation of both the customer and the supplier organizations.

This is a benefit for both the customer and the supplier organizations because selecting a suboptimal strategy obviously brings along higher costs.

The chapter #Service Planning describes the situation and risk analysis and the design of a service delivery strategy.

Contract as a control instrument ISPL helps the customer and supplier organisations to set up a contract that specifies all critical aspects of the procurement.

For example the list of requirements, the budget and the delivery plan are all fixed in the contract.

This provides both customer and supplier organisation with a very powerful control instrument.

One of the benefits for the customer organisation is that the supplier organisation will be highly motivated to meet all the deadlines because otherwise the supplier commits contract breach.

One of the benefits for the supplier organisation is that it becomes much harder for the customer organisation to change the requirements which would slow down the development process.

In short, with ISPL there is a better control of costs and time-scales. 353 History ISPL is developed and published in 1999 by a consortium of five European companies: EXIN and ID Research (ORDINA) from the Netherlands, FAST from Germany, SEMA from France and TIEKE from Finland.

The development of ISPL was part of the SPRITE-S2 programme that was launched in 1998 by the European Commission.

ISPL is derived from Euromethod and based on the research of about 200 real-life acquisitions. Structure Although ISPL is a best practice library it does not only consist of books.

The structure of ISPL is displayed in Figure 1.

In this figure the books are represented by squares and the other tools are represented by circles.

The basis is formed by four practical books, the IS Procurement Management Essentials.

Additionally, a specific book addresses public procurement.

Plug-ins to the IS Procurement Management Essentials are provided for specific needs and situations.

Currently, three plug-ins are available for which there is a large market potential.

A fourth plug-in on the acquisition of product software is currently under construction.

Follow the links below to get more information on the different parts of ISPL. • #Managing Acquisition Processes • #Specifying Deliverables • #Managing Risks and Planning Deliveries — 358 Managing Risks and Planning Deliveries ISPL’s form of risk management is purely based on heuristics.

By describing and analysing the situation, critical risks can be identified and mitigated by selecting actions and an appropriate strategy.

ISPL provides heuristics that link risks and situational factors to mitigating actions and strategies.

This chapter is a summary of [3] and also includes information from [4]. Model The process of managing risks and planning deliveries is illustrated in Figure 6.

All the different steps in the process are described in detail in the paragraphs below. Service Description The first step of the process is describing the service that is to be procured.

It is important to note the differences between a project and an ongoing service.

Both types of services are described differently.

ISPL provides the user with two separate sets of guidelines Description of ongoing services There are two steps in describing an ongoing service.

I will briefly elaborate on each of these steps in the following paragraphs.

Identify type of service ISPL proposes two methods for identifying the type of service: • ISO Life Cycle Processes (ISO-LCP) • Public domain service packages These methods can be used in a successive way where the ISO-LCP standard is used to identify the different process types and public domain service packages are used to refine the ISO-LCP processes.

An example of a publicly available description of service packages is the one that is present in ITIL.

Note that in ITIL, service packages are referred to as processes.

More info on the ISO-LCP standard can be found in the Wikipedia entry on ISO 12207.

Describe service properties The service can be described in more detail by its service properties.

All service properties can be divided into three groups: • Investment properties • Functional properties • Quality properties ISPL provides methods for describing all three groups of properties. Information Services Procurement Library Description of projects Projects are described by an initial and a final state, IE the current and the desired situation.

This is done by specifying the operation items (the actual parts of the Information service to be procured), and specifying the descriptive items (documentation).

A short outline of documenting the initial and final state is given in the paragraphs below.

More information on describing operation and descriptive items is given in the chapter #Specifying Deliverables.

Document the initial state For each component of the Information Service, contents and quality of the operation items have to be described.

Secondary, an assessment has to be made on which already present descriptions of future operational items are relevant to use in the project.

Document the final state All the operational items that will be in use at the final state have to be documented.

When describing these operation items the focus should be on: • The difference between new operational items and ones that are adapted from initial operational items • Specification of manuals and support documentation • Conversion and migration of existing data into new operational items • Specification of interfaces with new and already present operation items Not only the operational items have to be described: Descriptions of the documentation of the Information Service that is to be procured are also necessary.

The client has to describe the profiles of the documentation needed for maintenance on, and further development of the Information service. 359 Service Planning The service planning process consists of three sub-processes.

These are: • Situation and risk analysis • Delivery strategy design • Decision point planning In practice, these three sub-processes are followed by a process of risk monitoring that can give input to the situation and risk analysis process.complexity and uncertainty The terms complexity and uncertainty are used quite often in this chapter.complexity In the context of ISPL, complexity can be regarded as the difficulty encountered in managing the available knowledge.

Uncertainty In the context of ISPL, uncertainty can be regarded as the lack of available knowledge.

Situation and risk analysis The analysis sub-process is divided into a situation analysis followed by a risk analysis. Information Services Procurement Library Situation analysis The situation of both the customer and supplier organisations has a lot of influence in the success of the Information Service acquisition process.

The situation analysis is all about identifying situational factors and their values.

A situational factor value says something about the relative contribution to the overall complexity or uncertainty of the service to be delivered.

For both complexity and uncertainty it can have one of the following values: high, low or medium.

The ISPL method provides a set of tables which aids the user in determining the situational factor values.

An example of a part of such a table can be found in Table 1.

The risk management strategy depends on the situation as is displayed in Figure 7.

When all the situational factor values are determined it is possible to determine the overall complexity and uncertainty of the service.

These two factors can be used by the manager for the Design of the service delivery strategy.

Risk analysis In the #Situation analysis, complexity and uncertainty values have been attributed to each of the situational factors.

In the Risk Analysis, these values are used to identify the possible risks and their probability.

Examples of possible risks for the customer business are unpredictable/increased costs for the business, delays in system delivery and poor quality of service or system.

Examples of possible risks affecting the quality of the service to be delivered are demotivation of service actors, unclear requirements and uncertain interfaces with other services or systems.

ISPL provides tables that map situational factors to risks.

An example of such a table can be found in Table 2.

For each of the risks found, both the probability and impact, IE the consequence, are assessed.

The product of these two values is called the risk exposure.

The risk exposure value is used to identify the risks that are critical to service delivery.

The critical risks influence the #Delivery strategy design and the #Decision point planning.

Delivery strategy design This process uses the service description, the situation analysis and the risk analysis as inputs to define an optimal service delivery strategy.

The resulting service delivery strategy consists of three elements: • A list of actions to mitigate risks • Service execution approach • Service control approach.

Define actions ISPL provides heuristics on how to mitigate risks and change the individual situational factors that cause them.

An excerpt of these heuristics can be found in Table 3.

Service execution approach The service execution approach determines how the service is executed.

For projects, the service execution approach is referred to as the development approach.

It consists of a description approach, a construction approach and an installation approach.

ISPL provides the user with heuristics on what type of description, construction and installation approach fits best to the situational factors and critical risks found in the #Situation analysis and #Risk analysis.

For example, ISPL advises to use an evolutionary construction and installation approach when both overall complexity and uncertainty are high. 360 Information Services Procurement Library Service control approach The selection of a service control approach is based on the situational factors and overall complexity and uncertainty found in the #Situation analysis.

ISPL provides heuristics on which types of control are most suitable for various situational factors.

In total there are six types of control: development, quality and configuration in a formal and frequent variant.

Check consistency and analyse impact After defining a complete service strategy the consistency between the chosen strategy options has to be checked and possibly some choices have to be adjusted.

The impact of the chosen strategy should also be analysed by checking that all critical risks have been addressed.

It is also that some strategies cause new critical risks.

Decision point planning The goal of decision point planning is to determine a sequence of decision points and give a clear description on each of the decision points, using the #Delivery strategy design as input.

The sequence and contents of the decision points should reflect the chosen service delivery strategy.

The decision point planning is made in the following order: 1.

Derive basic sequence of decision points. 2.

Adapt basic sequence to accommodate actions. 3.

Describe decision points.

Derive basic sequence of decision points The basic sequence of decision points is based on the #Delivery strategy design.

ISPL provides heuristics on what basic sequences should be used for different delivery strategy options.

Adapt basic sequence to accommodate actions.

The basic sequence found is adapted to the list of actions to mitigate risks of the #Delivery strategy design.

Describe decision points ISPL gives information on what information elements should be in a decision point.

Think of for instance purpose and the pre-conditions.

For every decision has to be determined which deliverables are required.

General rule is that the deliverables must contain the right amount of information to be able to make the decision but no more than that.

Too much information is costly and blurs the focus of the decision makers.

More information about this topic can be found in the chapter on #Specifying Deliverables.

Risk monitoring Risk monitoring takes place after the #Decision point planning phase.

Its results can serve as input for the #Situation and risk analysis phase of service planning if necessary.

It involves the tracking, controlling and monitoring of risks and risk mitigating actions. 361 — The target domain is described using target domain deliverables.

There are two different types of target domain deliverables: operational items and descriptive items.

Both will be discussed in the following paragraphs.

Operational item An operation item is a delivered system or system component that is or will be installed as part of the acquisition.

They contribute to the functioning of the target domain.

Some examples of different operational item types are listed below. • • • • facilities hardware devices application software physical data • user and operator manuals • trained actors In practice, descriptions of operational items often already present.

It is important to make the distinction between functional and quality properties.

Descriptive item A descriptive item captures knowledge about the target domain.

They can be used to describe business organisations, business processes, information services et cetera.

ISPL gives guidance on describing descriptive items by providing a descriptive item profile in which all properties of the descriptive item can easily be ordered. External links • ISPL Homepage [2] • Information Services Procurement Group (in Dutch) [3] References [1] This article is a part of the Method Engineering Encyclopedia of the Utrecht University. [2] http:/ / projekte.


De/ ISPL/ [3] http:/ / www.ispg.

Nl/ 1.

Halfhide, O.

Et al. (2003), ‘Procurement, projecten en processen in de praktijk, De samenhang tussen ISPL, PRINCE2 en ITIL’, IT Beheer Jaarboek 2003, chapter 5.4 (in Dutch) 2.

Franckson, M.

And Verhoef, editors (1999), ‘Managing Acquisition Processes’, Information Services Procurement Library, ten Hagen & Stam, Den Haag, The Netherlands, ISBN 978-90-76304-81-6 3.

Franckson, M.

And Verhoef, editors (1999), ‘Managing Risks and Planning Deliveries’, Information Services Procurement Library, ten Hagen & Stam, Den Haag, The Netherlands, ISBN 978-90-76304-83-0 4.

Verhoef, D.

And Franckson (1999), ‘Risk Management for IT in the large’, CAiSE’99, LNCS 1626, pp. 57–72 5.

Franckson, M.

And Verhoef, editors (1999), ‘Specifying Deliverables’, Information Services Procurement Library, ten Hagen & Stam, Den Haag, The Netherlands, ISBN 978-90-76304-82-3 Information technology consulting 364 Information technology consulting Information technology consulting (also called IT consulting, Computer consultancy, Computing consultancy, technology consulting business and technology services or IT advisory) is a field that focuses on advising businesses on how best to use information technology to meet their business objectives.

In addition to providing advice, IT consultancies often implement, deploy, and administer IT systems on businesses’ behalf, known as Outsourcing. Overview The IT consulting industry can be viewed as a Four-tier system: • Professional services firms which maintain large professional workforces and command high bill rates. • Staffing firms, which place technologists with businesses on a temporary basis, typically in response to employee absences, temporary skill shortages and technical projects. • Independent consultants, who are self-employed or who function as employees of staffing firms (for US tax purposes, employed on “W-2”), or as independent contractors in their own right (for US tax purposes, on “1099”). • Information Security Consultants There are different reasons why consultants are called in: • • • • To gain external, more objective advice and recommendations To gain access the consultants’ specialized expertise Simply as temporary help during a one-time project, where the hiring of permanent employees is not required To outsource all or part of the IT services Five basic principles Five basic principles of IT consulting are: • Focus on the Relationship: Understanding the personality and expectations of client, client organization and all other stakeholders • Clearly Defined Role: Defined roles and responsibilities for both clients, other stakeholders and consulting team • Visualize Success: Helping the client see the end at the beginning • You Advise, They Decide: Client is the best person to decide • Be Oriented Towards Results: Ensuring that the solution addresses end user concerns, user training, implementation and maintenance constraints Prerequisites and Major obstacles — 366 Management consulting and IT consulting There is a relatively unclear line between management consulting and IT consulting.

There are sometimes overlaps between the two fields, but IT consultants often have degrees in computer science, electronics, technology, or management information systems while management consultants often have degrees in accounting, economics, Industrial Engineering, finance, or a generalized MBA (Masters in Business Administration).

According to the Institute for Partner Education & Development, IT consultants’ revenues come predominantly from design and planning based consulting with a mixture of IT and Business Consulting.

This is different from a Systems Integrator in that you do not normally take title to product.

Their value comes from their ability to integrate and support technologies as well as determining product and brands. References [1] Kathy Schwalbe.

Information Technology Project Management, Fourth Edition, 2005 [2] Kathy Schwalbe.

Information Technology Project Management, Fourth Edition, 2005 [3] Kilimanjaro Consulting.

Project Planning and Scoping. Information Technology Infrastructure Library The Information Technology Infrastructure Library (ITIL) is a set of concepts and practices for Information Technology Services Management (ITSM), Information Technology (IT) development and IT operations.

ITIL gives detailed descriptions of a number of important IT practices and provides comprehensive checklists, tasks and procedures that any IT organization can tailor to its needs.

ITIL is published in a series of books, each of which covers an IT management topic.

The names ITIL and IT Infrastructure Library are registered trademarks of the United Kingdom’s Office of Government Commerce (OGC). History Responding to growing dependence on IT, the UK Government’s Central Computer and Telecommunications Agency in the 1980s developed a set of recommendations.

It recognised that without standard practices, government agencies and private sector contracts were independently creating their own IT management practices.

The IT Infrastructure Library originated as a collection of books, each covering a specific practice within IT Service Management.

ITIL was built around a process-model based view of controlling and managing operations often credited to W.

Edwards Deming and his plan-do-check-act (PDCA) cycle.[1] After the initial publication in 1989–1996, the number of books quickly grew within ITIL v1 to over 30 volumes.

In 2000/2001, to make ITIL more accessible (and affordable), ITIL v2 consolidated the publications into 8 logical “sets” that grouped related process-guidelines to match different aspects of IT management, applications, and services.

However, the main focus was known as the Service Management sets (Service Support and Service Delivery) which were by far the most widely used, circulated, and understood of ITIL v2 publications. • In April 2001 the CCTA was merged into the Office of Government Commerce (OGC), an office of the UK Treasury.[2] • In 2006, the ITIL v2 glossary was published. • In May 2007, this organisation issued the version 3 of ITIL (also known as the ITIL Refresh Project) consisting of 26 processes and functions, now grouped under only 5 volumes, arranged around the concept of Service lifecycle structure. • In 2009, the OGC officially announced that ITIL v2 certification would be withdrawn and launched a major consultation as per how to proceed.[3] Information Technology Infrastructure Library 367 Overview of the ITIL v2 library The eight ITIL version 2 books and their disciplines are: The IT Service Management sets 1.

Service Support 2.

Service Delivery Other operational guidance 3.

ICT Infrastructure Management 4.

Security Management 5.

The Business Perspective 6.

Application Management 7.

Software Asset Management To assist with the implementation of ITIL practices a further book was published (Apr 9, 2002) providing guidance on implementation (mainly of Service Management): 8.

Planning to Implement Service Management And this has more recently (Jan 26, 2006) been supplemented with guidelines for smaller IT units, not included in the original eight publications: 9.

ITIL Small-Scale Implementation Service Support The Service Support[4] ITIL discipline focuses on the User of the ICT services and is primarily concerned with ensuring that they have access to the appropriate services to support the business functions.

To a business, customers and users are the entry point to the process model.

They get involved in service support by: • • • • Asking for changes Needing communication, updates Having difficulties, queries Real process delivery The service desk functions as the single contact-point for end-users’ incidents.

Its first function is always to “create” an incident.

If there is a direct solution, it attempts to resolve the incident at the first level.

If the service desk cannot solve the incident then it is passed to a 2nd/3rd level group within the incident management system.

Incidents can initiate a chain of processes: Incident Management, Problem Management, Change Management, Release Management and Configuration Management.

This chain of processes is tracked using the Configuration Management Database (CMDB), which records each process, and creates output documents for traceability (Quality Management). Information Technology Infrastructure Library Service Desk / Service Request Management Tasks include handling incidents and requests, and providing an interface for other ITSM processes.

Features include: • • • • • • single point of contact (SPOC) and not necessarily the first point of contact (FPOC) single point of entry single point of exit easier for customers data integrity streamlined communication channel 368 Primary functions of the Service Desk include: • incident control: life-cycle management of all service requests • communication: keeping the customer informed of progress and advising on workarounds The Service Desk function can have various names, such as: • Call Center: main emphasis on professionally handling large call volumes of telephone-based transactions • Help Desk: manage, co-ordinate and resolve incidents as quickly as possible at primary support level • Service Desk: not only handles incidents, problems and questions but also provides an interface for other activities such as change requests, maintenance contracts, software licenses, service-level management, configuration management, availability management, financial management and IT services continuity management The three types of structure for consideration: • Local Service Desk: to meet local business needs – practical only until multiple locations requiring support services are involved • Central Service Desk: for organisations having multiple locations – reduces operational costs and improves usage of available resources • Virtual Service Desk: for organisations having multi-country locations – can be situated and accessed from anywhere in the world due to advances in network performance and telecommunications, reducing operational costs and improving usage of available resources Incident Management Incident Management aims to restore normal service operation as quickly as possible and minimise the adverse effect on business operations, thus ensuring that the best possible levels of service-quality and -availability are maintained. ‘Normal service operation’ is defined here as service operation within Service Level Agreement (SLA) limits.

Incident Management can be defined as : An ‘Incident’ is any event which is not part of the standard operation of the service and which causes, or may cause, an interruption or a reduction of the quality of the service.

The objective of Incident Management is to restore normal operations as quickly as possible with the least possible impact on either the business or the user, at a cost-effective price.

Problem Management Problem Management aims to resolve the root causes of incidents and thus to minimise the adverse impact of incidents and problems on business that are caused by errors within the IT infrastructure, and to prevent recurrence of incidents related to these errors.

A ‘problem’ is an unknown underlying cause of one or more incidents, and a ‘known error’ is a problem that is successfully diagnosed and for which either a work-around or a permanent resolution has been identified.

The CCTA(Central Computer and Telecommunications Agency) defines problems and known errors as follows Information Technology Infrastructure Library A problem is a condition often identified as a result of multiple incidents that exhibit common symptoms.

Problems can also be identified from a single significant incident, indicative of a single error, for which the cause is unknown, but for which the impact is significant.

A known error is a condition identified by successful diagnosis of the root cause of a problem, and the subsequent development of a work-around.

Problem management differs from incident management.

The principal purpose of problem management is to find and resolve the root cause of a problem and thus prevent further incidents; the purpose of incident management is to return the service to normal level as soon as possible, with smallest possible business impact.

The problem-management process is intended to reduce the number and severity of incidents and problems on the business, and report it in documentation to be available for the first-line and second line of the help desk.

The proactive process identifies and resolves problems before incidents occur.

Such processes include: • Trend analysis; • Targeting support action; • Providing information to the organisation The Error Control Process iteratively diagnoses known errors until they are eliminated by the successful implementation of a change under the control of the Change Management process.

The Problem Control Process aims to handle problems in an efficient way.

Problem control identifies the root cause of incidents and reports it to the service desk.

Other activities are: • Problem identification and recording • Problem classification • Problem investigation and diagnosis A technique for identifying the root cause of a problem is to use an Ishikawa diagram, also referred to as a cause-and-effect diagram, tree diagram, or fishbone diagram.

Alternatively, a formal Root Cause Analysis method such as Apollo Root Cause Analysis can be implemented and used to identify causes and solutions.

An effective root cause analysis method and/or tool will provide the most effective/efficient solutions to address problems in the Problem Management process.

Change Management Change Management aims to ensure that standardised methods and procedures are used for efficient handling of all changes, A change is “an event that results in a new status of one or more configuration items (CIs)” approved by management, cost effective, enhances business process changes (fixes) – with a minimum risk to IT infrastructure.

The main aims of Change Management include: • Minimal disruption of services • Reduction in back-out activities • Economic utilisation of resources involved in the change 369 Information Technology Infrastructure Library Change Management Terminology • Change: the addition, modification or removal of CIs • Request for Change (RFC) or in older terminology Change Request (CR): form used to record details of a request for a change and is sent as an input to Change Management by the Change Requestor • Forward Schedule of Changes (FSC): schedule that contains details of all forthcoming Changes.

Release Management Release Management is used by the software migration team for platform-independent and automated distribution of software and hardware, including license controls across the entire IT infrastructure.

Proper software and hardware control ensures the availability of licensed, tested, and version-certified software and hardware, which functions as intended when introduced into existing infrastructure.

Quality control during the development and implementation of new hardware and software is also the responsibility of Release Management.

This guarantees that all software meets the demands of the business processes.

The goals of release management include: • Planning the rollout of software • Designing and implementing procedures for the distribution and installation of changes to IT systems • Effectively communicating and managing expectations of the customer during the planning and rollout of new releases • Controlling the distribution and installation of changes to IT systems Release management focuses on the protection of the live environment and its services through the use of formal procedures and checks.

A Release consists of the new or changed software and/or hardware required to implement approved changes.

Release categories include: • Major software releases and major hardware upgrades, normally containing large amounts of new functionality, some of which may make intervening fixes to problems redundant.

A major upgrade or release usually supersedes all preceding minor upgrades, releases and emergency fixes. • Minor software releases and hardware upgrades, normally containing small enhancements and fixes, some of which may have already been issued as emergency fixes.

A minor upgrade or release usually supersedes all preceding emergency fixes. • Emergency software and hardware fixes, normally containing the corrections to a small number of known problems.

Releases can be divided based on the release unit into: • Delta Release: a release of only that part of the software which has been changed.

For example, security patches. • Full Release: the entire software program is deployed—for example, a new version of an existing application. • Packaged Release: a combination of many changes—for example, an operating system image which also contains specific applications. — 372 IT Service Continuity Management IT service continuity management covers the processes by which plans are put in place and managed to ensure that IT Services can recover and continue even after a serious incident occurs.

It is not just about reactive measures, but also about proactive measures – reducing the risk of a disaster in the first instance.

Continuity management is regarded by the application owners as the recovery of the IT infrastructure used to deliver IT Services, but as of 2009 many businesses practice the much further-reaching process of Business Continuity Planning (BCP), to ensure that the whole end-to-end business process can continue should a serious incident occur (at primary support level).

Continuity management involves the following basic steps: • Prioritising the activities to be recovered by conducting a Business Impact Analysis (BIA) • Performing a Risk Assessment (aka risk analysis) for each of the IT Services to identify the assets, threats, vulnerabilities and countermeasures for each service. • Evaluating the options for recovery • Producing the Contingency Plan • Testing, reviewing, and revising the plan on a regular basis Availability Management Availability Management targets allowing organisations to sustain the IT service-availability to support the business at a justifiable cost.

The high-level activities are Realise Availability Requirements, Compile Availability Plan, Monitor Availability, and Monitor Maintenance Obligations.

Availability Management addresses the ability of an IT component to perform at an agreed level over a period of time. • Reliability: Ability of an IT component to perform at an agreed level at described conditions. • Maintainability: The ability of an IT component to remain in, or be restored to an operational state. • Serviceability: The ability for an external supplier to maintain the availability of component or function under a third-party contract. • Resilience: A measure of freedom from operational failure and a method of keeping services reliable.

One popular method of resilience is redundancy. • Security: A service may have associated data.

Security refers to the confidentiality, integrity, and availability of that data.

Availability gives a clear overview of the end-to-end availability of the system. Information Technology Infrastructure Library Financial Management for IT Services IT Financial Management comprises the discipline of ensuring that the IT infrastructure is obtained at the most effective price (which does not necessarily mean cheapest) and calculating the cost of providing IT services so that an organisation can understand the costs of its IT services.

These costs may then be recovered from the customer of the service.

This is the 2nd component of service delivery process. 373 ICT Infrastructure Management ICT Infrastructure Management[6] (“ICT” is an acronym for “Information and Communication Technology”) processes recommend best practice for requirements analysis, planning, design, deployment and ongoing operations management and technical support of an ICT Infrastructure.

The Infrastructure Management processes describe those processes within ITIL that directly relate to the ICT equipment and software that is involved in providing ICT services to customers. • • • • ICT Design and Planning ICT Deployment ICT Operations ICT Technical Support These disciplines are less well understood than those of Service Management and therefore often some of their content is believed to be covered ‘by implication’ in Service Management disciplines.

ICT Design and Planning ICT Design and Planning provides a framework and approach for the Strategic and Technical Design and Planning of ICT infrastructures.

It includes the necessary combination of business (and overall IS) strategy, with technical design and architecture.

ICT Design and Planning drives both the Procurement of new ICT solutions through the production of Statements of Requirement (“SOR”) and Invitations to Tender (“ITT”) and is responsible for the initiation and management of ICT Programmes for strategic business change.

Key Outputs from Design and Planning are: • • • • ICT Strategies, Policies and Plans The ICT Overall Architecture & Management Architecture Feasibility Studies, ITTs and SORs Business Cases ICT Deployment Management ICT Deployment provides a framework for the successful management of design, build, test and roll-out (deploy) projects within an overall ICT programme.

It includes many project management disciplines in common with PRINCE2, but has a broader focus to include the necessary integration of Release Management and both functional and non functional testing.

ICT Operations Management ICT Operations Management provides the day-to-day technical supervision of the ICT infrastructure.

Often confused with the role of Incident Management from Service Support, Operations has a more technical bias and is concerned not solely with Incidents reported by users, but with Events generated by or recorded by the Infrastructure.

ICT Operations may often work closely alongside Incident Management and the Service Desk, which are not-necessarily technical, to provide an ‘Operations Bridge’.

Operations, however should primarily work from documented processes and procedures and should be concerned with a number of specific sub-processes, such as: Output Management, Job Scheduling, Backup and Restore, Network Monitoring/Management, System Monitoring/Management, Database Monitoring/Management Storage Monitoring/Management.

Operations are responsible for the following: Information Technology Infrastructure Library • • • • • • A stable, secure ICT infrastructure A current, up to date Operational Documentation Library (“ODL”) A log of all operational Events Maintenance of operational monitoring and management tools.

Operational Scripts Operational Procedures 374 ICT Technical Support ICT Technical Support is the specialist technical function for infrastructure within ICT.

Primarily as a support to other processes, both in Infrastructure Management and Service Management, Technical Support provides a number of specialist functions: Research and Evaluation, Market Intelligence (particularly for Design and Planning and Capacity Management), Proof of Concept and Pilot engineering, specialist technical expertise (particularly to Operations and Problem Management), creation of documentation (perhaps for the Operational Documentation Library or Known Error Database).

There are different levels of support under the ITIL structure, these being primary support level, secondary support level and tertiary support level, higher-level administrators being responsible for support at primary level. Security Management The ITIL-process Security Management[7] describes the structured fitting of information security in the management organisation.

ITIL Security Management is based on the code of practice for information security management now known as ISO/IEC 27002.

A basic goal of Security Management is to ensure adequate information security.

The primary goal of information security, in turn, is to protect information assets against risks, and thus to maintain their value to the organisation.

This is commonly expressed in terms of ensuring their confidentiality, integrity and availability, along with related properties or goals such as authenticity, accountability, non-repudiation and reliability.

Mounting pressure for many organisations to structure their Information Security Management Systems in accordance with ISO/IEC 27001 requires revision of the ITIL v2 Security Management volume, and indeed a v3 release is in the works. Application Management ITIL Application Management[8] encompasses a set of best practices proposed to improve the overall quality of IT software development and support through the life-cycle of software development projects, with particular attention to gathering and defining requirements that meet business objectives.

This volume is related to the topics of Software Engineering and IT Portfolio Management. Software Asset Management Software Asset Management (SAM) is the practice of integrating people, processes and technology to allow software licenses and usage to be systematically tracked, evaluated and managed.

The goal of SAM is to reduce IT expenditures, human resource overhead and risks inherent in owning and managing software assets.

SAM practices include: • Maintaining software license compliance • Tracking inventory and software asset use • Maintaining standard policies and procedures surrounding definition, deployment, configuration, use, and retirement of software assets and the Definitive Software Library. Information Technology Infrastructure Library SAM represents the software component of IT asset management.

This includes hardware asset management because effective hardware inventory controls are critical to efforts to control software.

This means overseeing software and hardware that comprise an organisation’s computers and network. 375 Planning to Implement Service Management The ITIL discipline – Planning to Implement Service Management[9] attempts to provide practitioners with a framework for the alignment of business needs and IT provision requirements.

The processes and approaches incorporated within the guidelines suggest the development of a Continuous Service Improvement Program (CSIP) as the basis for implementing other ITIL disciplines as projects within a controlled program of work.

Planning to Implement Service Management focuses mainly on the Service Management processes, but also applies generically to other ITIL disciplines.components include: • • • • creating vision analyzing organisation setting goals implementing IT service management Small-Scale Implementation ITIL Small-Scale Implementation[10] provides an approach to ITIL framework implementation for smaller IT units or departments.

It is primarily an auxiliary work that covers many of the same best practice guidelines as Planning to Implement Service Management, Service Support, and Service Delivery but provides additional guidance on the combination of roles and responsibilities, and avoiding conflict between ITIL priorities. Overview of the ITIL v3 library ITIL v3 is an extension of ITIL v2 and will fully replace it following the completion of the withdrawal period on 30 June 2011 [11].

ITIL v3 provides a more holistic perspective on the full life cycle of services, covering the entire IT organisation and all supporting components needed to deliver services to the customer, whereas v2 focused on specific activities directly related to service delivery and support.

Most of the v2 activities remained untouched in v3, but some significant changes in terminology were introduced in order to facilitate the expansion.

Five volumes comprise the ITIL v3, published in May 2007: 1.

ITIL Service Strategy[12] 2.

ITIL Service Design[13] 3.

ITIL Service Transition[14] 4.

ITIL Service Operation[15] 5.

ITIL Continual Service Improvement[16] Service Strategy As the center and origin point of the ITIL Service Lifecycle, the ITIL Service Strategy volume[12] provides guidance on clarification and prioritisation of service-provider investments in services.

More generally, Service Strategy focuses on helping IT organisations improve and develop over the long term.

In both cases, Service Strategy relies largely upon a market-driven approach.

Key topics covered include service value definition, business-case development, service assets, market analysis, and service provider types.

List of covered processes: • Service Portfolio Management [17] • Demand Management • IT Financial Management [18] Information Technology Infrastructure Library 376 Service Design The ITIL Service Design volume[13] provides good-practice guidance on the design of IT services, processes, and other aspects of the service management effort.

Significantly, design within ITIL is understood to encompass all elements relevant to technology service delivery, rather than focusing solely on design of the technology itself.

As such, Service Design addresses how a planned service solution interacts with the larger business and technical environments, service management systems required to support the service, processes which interact with the service, technology, and architecture required to support the service, and the supply chain required to support the planned service.

Within ITIL v2, design work for an IT service is aggregated into a single Service Design Package (SDP).

Service Design Packages, along with other information about services, are managed within the service catalogues.

List of covered processes: • • • • • • • Service Catalogue Management Service Level Management Risk Management Capacity Management Availability Management IT Service Continuity Management Information Security Management • Compliance Management • IT Architecture Management • Supplier Management Service Transition Service transition, as described by the ITIL Service Transition volume,[14] relates to the delivery of services required by a business into live/operational use, and often encompasses the “project” side of IT rather than “BAU” (Business as usual).

This area also covers topics such as managing changes to the “BAU” environment.

List of processes: • • • • • • Service Asset and Configuration Management Service Validation and Testing Evaluation Release Management Change Management Knowledge Management Service Operation Best practice for achieving the delivery of agreed levels of services both to end-users and the customers (where “customers” refer to those individuals who pay for the service and negotiate the SLAs).

Service operation, as described in the ITIL Service Operation volume,[15] is the part of the lifecycle where the services and value is actually directly delivered.

Also the monitoring of problems and balance between service reliability and cost etc.

Are considered.

The functions include technical management, application management, operations management and Service Desk as well as, responsibilities for staff engaging in Service Operation.

List of processes: • Event Management • Incident Management • Problem Management. • Request Fulfilment Information Technology Infrastructure Library • Access Management 377 Continual Service Improvement (CSI) Aligning and realigning IT services to changing business needs (because standstill implies decline).

Continual Service Improvement, defined in the ITIL Continual Service Improvement volume,[16] aims to align and realign IT Services to changing business needs by identifying and implementing improvements to the IT services that support the Business Processes.

The perspective of CSI on improvement is the business perspective of service quality, even though CSI aims to improve process effectiveness, efficiency and cost effectiveness of the IT processes through the whole lifecycle.

To manage improvement, CSI should clearly define what should be controlled and measured.

CSI needs to be treated just like any other service practice.

There needs to be upfront planning, training and awareness, ongoing scheduling, roles created, ownership assigned,and activities identified to be successful.

CSI must be planned and scheduled as process with defined activities, inputs, outputs, roles and reporting.

List of processes: • Service Level Management • Service Measurement and Reporting • Continual Service Improvement Criticisms of ITIL ITIL has been criticised on several fronts, including: • The books are not affordable for non-commercial users • Accusations that many ITIL advocates think ITIL is “a holistic, all-encompassing framework for IT governance” • Accusations that proponents of ITIL indoctrinate the methodology with ‘religious zeal’ at the expense of pragmatism • Implementation and credentialing requires specific training • Debate over ITIL falling under BSM or ITSM frameworks Rob England (also known as “IT Skeptic”) has criticised the protected and proprietary nature of ITIL [19].

He urges the publisher, OGC, to release ITIL under the Open Government Licence (OGL)[20] CIO Magazine columnist Dean Meyer has also presented some cautionary views of ITIL,[21] including five pitfalls such as “becoming a slave to outdated definitions” and “Letting ITIL become religion.” As he notes, “…it doesn’t describe the complete range of processes needed to be world class.

It’s focused on …

Managing ongoing services.” In a 2004 survey designed by Noel Bruton (author of “How to Manage the IT Helpdesk” and “Managing the IT Services Process”), organisations adopting ITIL were asked to relate their actual experiences in having implemented ITIL.

Seventy-seven percent of survey respondents either agreed or strongly agreed that “ITIL does not have all the answers”.

ITIL exponents accept this, citing ITIL’s stated intention to be non-prescriptive, expecting organisations to engage ITIL processes with existing process models.

Bruton notes that the claim to non-prescriptiveness must be, at best, one of scale rather than absolute intention, for the very description of a certain set of processes is in itself a form of prescription.[22] While ITIL addresses in depth the various aspects of Service Management, it does not address enterprise architecture in such depth.

Many of the shortcomings in the implementation of ITIL do not necessarily come about because of flaws in the design or implementation of the Service Management aspects of the business, but rather the wider architectural framework in which the business is situated.

Because of its primary focus on Service Management, ITIL has limited utility in managing poorly designed enterprise architectures, or how to feed back into the design of the enterprise architecture. Information Technology Infrastructure Library Closely related to the Architectural criticism, ITIL does not directly address the business applications which run on the IT infrastructure; nor does it facilitate a more collaborative working relationship between development and operations teams.

The trend toward a closer working relationship between development and operations is termed: DevOps.

This trend is related to increased application release rates and the adoption of Agile software development methodologies.

Traditional service management processes have struggled to support increased application release rates – due to lack of automation – and/or highly complex enterprise architecture.

Some researchers group ITIL with Lean, Six Sigma and Agile IT operations management.

Applying Six Sigma techniques to ITIL brings the engineering approach to ITIL’s framework.

Applying Lean techniques promotes continuous improvement of the ITIL’s best practices.

However, ITIL itself is not a transformation method, nor does it offer one.

Readers are required to find and associate such a method.

Some vendors have also included the term Lean when discussing ITIL implementations, for example “Lean-ITIL”.

The initial consequences of an ITIL initiative tend to add cost with benefits promised as a future deliverable.

ITIL does not provide usable methods “out of the box” to identify and target waste, or document the customer value stream as required by Lean, and measure customer satisfaction. 378 Frameworks Related to ITIL A number of frameworks exist in the field of IT Service Management alongside ITIL. ITIL Descendants The Microsoft Operations Framework (MOF) is based on ITILv2.

While ITIL deliberatly aims to be platform agnostic, MOF is designed by Microsoft to provide a common management framework for its products.

Microsoft has mapped MOF to ITIL as part of their documentation of the framework.[23] The British Educational Communications and Technology Agency (BECTA) used ITIL as the basis for their development of Framework for ICT Technical Support [24] (FITS).

Their aim was to develop a framework appropriate for British schools which often have very small IT departments.

FITS became independent from BECTA in 2009. Other Frameworks ITIL is generally equivalent to the scope of the ISO/IEC 20000 standard (previously BS 15000).[25] .

While it is not possible for an organization to be certified as being ITIL compliant, certification of an organisation is available for ISO20000 [26].

COBIT is an IT governance framework and supporting toolset developed by ISACA.

ISACA view ITIL as being complimentory to COBIT.

They see COBIT as providing a governance and assurance role while ITIL providing guidance for service management.[27] The enhanced Telecom Operations Map eTOM published by the TeleManagement Forum offers a framework aimed at telecommunications service providers.

In a joined effort, TM Forum and itSMF developed an Application Note to eTOM (GB921) that shows how the two frameworks can be mapped to each other.

It addresses how eTom process elements and flows can be used to support the processes identified in ITIL.[28] [29] IBM Tivoli Unified Process (ITUP) is aligned with ITIL, but is presented as a complete, integrated process model compatible with IBM’s products. Information Technology Infrastructure Library 379 Certification Individuals The certification scheme differs between ITIL v2 and ITIL v3 and bridge examinations let v2 certification owners transfer to the new program.

ITIL v2 offers 3 certification levels: Foundation, Practitioner and Manager.

These should be progressively discontinued in favour of the new ITIL v3 scheme.

ITIL v3 certification levels are: Foundation, Intermediate, Expert and Master.

The ITIL v3 certification scheme offers a modular approach.

Each qualification is assigned a credit value; so that upon successful completion of the module, the candidate is rewarded with both a certification and a number of credits.

At the lowest level – Foundation candidates are awarded a certification and 2 credits.

At the Intermediate level, a total of 15 credits must be earned.

These credits may be accumulated in either a “Lifecycle” stream or a “Capability” stream; or combination thereof.

Each Lifecycle module and exam is 3 An ITIL Foundation certificate pin.


Each Capability module and corresponding exam is 4 credits.

A candidate wanting to achieve the Expert level will have, among other requirements, to gain the required number of credits (22).

That is accomplished with two from Foundations, then 15 from Intermediate, and finally 5 credits from the “Managing Across the Lifecycle” exam.

Together, the total of 22 earned credits designates one as ITIL v. 3 Expert.[30] The ITIL Certification Management Board (ICMB) manages ITIL certification.

The Board includes representatives from interested parties within the community around the world.

Members of the Board include (though are not limited to) representatives from the UK Office of Government Commerce (OGC), APM Group (APMG), The Stationery Office (TSO), V3 Examination Panel, Examination Institutes (EIs) and the IT Service Management Forum International (itSMF) as the recognised user group.[31] Since the early 1990s, EXIN and ISEB have been setting up the ITIL based certification program, developing and providing ITIL exams at three different levels: Foundation, Practitioner and Manager.

EXIN[32] and BCS/ISEB[33] (the British Computer Society) have from that time onwards been the only two examination providers in the world to develop formally acknowledged ITIL certifications, provide ITIL exams and accredit ITIL training providers worldwide.

These rights were obtained from OGC, the British government institution and owner of the ITIL trademark.

OGC signed over the management of the ITIL trademark and the accreditation of examination providers to APMG in 2006.

Now, after signing a contract with EXIN[32] , BCS/ISEB and other certification bodies, APMG is accrediting them as official examination bodies, to offer ITIL exams and accredit ITIL training providers.

On July 20, 2006, the OGC signed a contract with the APM Group [34] to become its commercial partner for ITIL accreditation from January 1, 2007.[35] APMG manage the ITIL Version 3 exams.

APMG maintains a voluntary register of ITIL Version 3-certified practitioners at their Successful Candidate Register.[36] A voluntary registry of ITIL Version 2-certified practitioners is operated by the ITIL Certification Register.[37] Information Technology Infrastructure Library 380 ITIL® pins It has been a well-known tradition for years that passing an EXIN exam in IT Service Management (based on ITIL®) does not only result in a certificate, but is also accompanied by the presentation of a metal pin which can be attached to a shirt or jacket.

This distinguishing badge with basic gold colour is set in the form of the internationally well-known ITIL®-logo.

The ITIL® pins consist of small diamond like structure that is accepted worldwide.

The meaning and the shape of the diamond depicts coherence in the IT industry (infrastructure as well).

The four corners of the pin symbolises service support, service delivery, Infrastructure Management and IT Management.

There are three colours of ITIL® V2 pins: 1.

Green, for the Foundation Certificate 2.

Blue, for the Practitioner’s Certificate 3.

Red, for the Manager’s Certificate Exam candidates who have successfully passed the examinations for ITIL® version 2 will receive their appropriate pin from EXIN or their certification provider regional office or agent.

With the arrival of ITIL® V3, there are several new pins to display your achievements.

As of July 2008, EXIN and all certification providers will also provide ITIL® pins to exam candidates who have obtained ITIL® version 3 certificates.

The new pins are very similar to ITIL® V2 pins, but every level has a different color corresponding to the ITIL® V3 core books. Organisations Organisations and management systems cannot claim certification as “ITIL-compliant”.

An organisation that has implemented ITIL guidance in IT Service Management (ITSM), may however, be able to achieve compliance with and seek certification under ISO/IEC 20000.

Note that there are some significant differences between ISO/IEC20000 and ITIL Version 3[38] • ISO20000 only recognises the management of financial assets, not assets which include “management, organisation, process, knowledge, people, information, applications, infrastructure and financial capital”, nor the concept of a “service asset”.

So ISO20000 certification does not address the management of ‘assets’ in an ITIL sense. • ISO20000 does not recognise Configuration Management System (CMS) or Service Knowledge Management System (SKMS), and so does not certify anything beyond Configuration Management Database (CMDB). • An organisation can obtain ISO20000 certification without recognising or implementing the ITIL concept of Known Error, which is usually considered essential to ITIL. References [1] David Clifford, Jan van Bon (2008).

Implementing ISO/IEC 20000 Certification: The Roadmap.

ITSM Library.

Van Haren Publishing.

ISBN 908753082X. [2] Office of Government Commerce (UK) CCTA and OGC (http:/ / www.ogc.


Uk/ index.


Retrieved May 5, 2005. [3] Office of Government Commerce (UK) (http:/ / www.ogc.


Uk/ guidance_itil.


Retrieved August 19, 2009. [4] Office of Government Commerce (2000).

Service Support.

The Stationery Office.

ISBN 0113300158. [5] Office of Government Commerce (2001).

Service Delivery.

IT Infrastructure Library.

The Stationery Office.

ISBN 0113300174. [6] Office of Government Commerce (2002).

ICT Infrastructure Management.

The Stationery Office.

ISBN 0113308655. [7] Cazemier, Jacques A.; Overbeek, Paul L.; Peters, Louk M. (2000).

Security Management.

The Stationery Office.

ISBN 011330014X. [8] Office of Government Commerce (2002).

Application Management.

The Stationery Office.

ISBN 0113308663. [9] Office of Government Commerce (2002).

Planning to Implement Service Management.

The Stationery Office.

ISBN 0113308779. [10] Office of Government Commerce (2005).

ITIL Small Scale Implementation.

The Stationery Office.

ISBN 0113309805. [11] http:/ / www.ogc.


Uk/ itil_ogc_withdrawal_of_itil_version2.

Asp [12] Majid Iqbal and Michael Nieves (2007).

ITIL Service Strategy.

The Stationery Office.

ISBN 9780113310456. [13] Vernon Lloyd and Colin Rudd (2007).

ITIL Service Design.

The Stationery Office.

ISBN 9780113310470. [14] Shirley Lacy and Ivor Macfarlane (2007).

ITIL Service Transition.

The Stationery Office.

ISBN 9780113310487. [15] David Cannon and David Wheeldon (2007).

ITIL Service Operation.

The Stationery Office.

ISBN 9780113310463. Information Technology Infrastructure Library [16] George Spalding and Gary Case (2007).

ITIL Continual Service Improvement.

The Stationery Office.

ISBN 9780113310494. [17] http:/ / wiki.

En. index.

Php/ Service_Portfolio_Management [18] http:/ / wiki.

En. index.

Php/ Financial_Management [19] http:/ / free-itil [20] http:/ / www.nationalarchives.


Uk/ doc/ open-government-licence/ open-government-licence.

Htm [21] Meyer, Dean, 2005. “Beneath the Buzz: ITIL” (http:/ / web. web/ 20050404165524/ http:/ / leadership/ buzz/ column.

Html?ID=4186), CIO Magazine, March 31, 2005 [22] Survey: “The ITIL Experience – Has It Been Worth It”, author Bruton Consultancy 2004, published by Helpdesk Institute Europe, The Helpdesk and IT Support Show, and Hornbill Software. [23] Microsoft Operations Framework; Cross Reference ITIL V3 and MOF 4.0 (http:/ / go. fwlink/ ?LinkId=151991).

Microsoft Corporation.

May 2009. . [24] http:/ / [25] Van Bon, Jan; Verheijen, Tieneke (2006), Frameworks for IT Management (http:/ / books. books?id=RV3jQ16F1_cC), Van Haren Publishing, ISBN 9789077212905, [26] http:/ / newsletters/ DITYvol2iss3.

Htm [27] ISACA (2008), COBIT Mapping: Mapping of ITIL V3 With COBIT 4.1 (http:/ / Knowledge-Center/ Research/ ResearchDeliverables/ Pages/ COBIT-Mapping-Mapping-of-ITIL-V3-With-COBIT-4-1.

Aspx), ITGI, ISBN 9781604200355, [28] Brooks, Peter (2006), Metrics for IT Service Management (http:/ / books. books?id=UeWDivqKcm0C), Van Haren Publishing, pp. 76–77, ISBN 9789077212691, [29] Morreale, Patricia A.; Terplan, Kornel (2009), “ Matching ITIL to eTOM” (http:/ / books. books?id=VEp0aMmH3iQC), CRC Handbook of Modern Telecommunications, Second Edition (2 ed.), CRC Press, ISBN 9781420078008, [30] ITIL V3 Qualification Scheme (http:/ / Qualifications/ ITILV3QualificationScheme.


OGC Official Site. .

Retrieved 2011-05-02. [31] APMG (2008). “ITIL Service Management Practices: V3 Qualifications Scheme” (http:/ / nmsruntime/ saveasdialog.

Asp?lID=572& sID=86). .

Retrieved 24 February 2009. [32] “EXIN Exams” (http:/ / ).

EXIN Exams. .

Retrieved 2010-01-14. [33] “ISEB Professionals Qualifications, Training, Careers BCS – The Chartered Institute for IT” (http:/ / server.

Php?show=nav. 5732).

BCS. .

Retrieved 2010-01-14. [34] http:/ / [35] Office of Government Commerce (2006). “Best Practice portfolio: new contracts awarded for publishing and accreditation services” (http:/ / www.ogc.


Uk/ About_OGC_news_4906.

Asp). .

Retrieved 19 September 2006. [36] http:/ / www.apmgroup.


Uk/ ITILSCRquery.

Asp [37] http:/ / [38] Office of Government Commerce (2008). “Best Management Practice: ITIL V3 and ISO/IEC 20000” (http:/ / gempdf/ ITIL_and_ISO_20000_March08.

Pdf). .

Retrieved 24 February 2009. 381 External links • Official ITIL Website ( • The OGC website ( Information technology planning 382 Information technology planning Information Technology Planning is a discipline within the Information Technology domain and is concerned with making the planning process for information technology investments and decision-making a quicker, more flexible, and more thoroughly aligned process.[1] According to Architecture & Governance Magazine, (Strategic) IT planning has become an overarching discipline within the Strategic Planning domain in which enterprise architecture is now one of several capabilities.[2] Arguments for Information Technology Planning IT takes too long to adjust plans to meet business needs.

By the time IT is prepared, opportunities have passed and the plans are obsolete.

IT doesn’t have the means to understand how it currently supports business strategy.

The linkage between IT’s capabilities — and their associated costs, benefits, and risks — and business needs is not mapped out.

Additionally, information gathering and number crunching hold the process back.[1] IT makes plans that don’t reflect what IT will actually do or what the business actually needs.

In the end, business doesn’t understand how IT contributes to the execution of strategy.

IT doesn’t start planning with a clear picture of which demand is truly strategic or which actions will have the biggest impact.

Information regarding business needs and the costs, benefits, and risks of IT capabilities comes from sources of varying quality.

IT then makes planning decisions based on misleading information.[1] IT’s plans often end up rigid and unverifiable.

Plans don’t include contingencies that reduce the impact of change, nor have they been verified as the best plan of action via comparison to alternatives and scenarios.

IT simply doesn’t have the time and information for it.

Manually preparing multiple plans and selecting the best one would take too long for most organizations — especially considering the availability of the information needed for a comparison.[1] Strategies for Providing an Information Technology Planning Capability According to Forrester Research, there are several recognized strategies for providing an information technology planning capability[1] .

A repository of application data.

Planning tools provide a common inventory of application data including costs, life cycles, and owners, so that planners have easy access to the information that drives their decisions.

Capability maps.

Forrester recommends using capability maps to link IT’s capabilities to the critical business processes they support.

These software tools provide a graphical tool that clearly outlines how the business capabilities that IT provides to the business are linked to IT’s efforts.

This can also be known as an IT Roadmap or technology roadmap Gap analysis tools.

Alongside capability maps, planning tools capture information about the future state of business capabilities as dictated by business strategy.

Users leverage this functionality to identify the areas where IT capabilities need to be built, enhanced, or scaled back — driving IT’s strategy.

Modeling and analytic capability.

These tools enable planning teams to create a variety of plans, which can then be compared to one another to weigh the pros, cons, and risks of each.

In addition, their impact on architecture and current initiatives becomes visible.

This keeps plans relevant, provides teams with the foresight to plan holistically, and enables IT to communicate the plan clearly.

Reporting tools.

Reports guide the planning team’s decisions — for example, which applications have redundant capabilities, have not been upgraded, or are plagued with costly issues.

IT’s strategic decisions are therefore more easily justified. Information technology planning — Results of Information Technology Planning Companies like Barclays Bank, Accenture and Vodafone as well as Government agencies like Department of Homeland Security and Los Alamos National Laboratory, have made investments in strategic IT planning capabilities and returns on investment as great as 700% have been validated for these kinds of projects.[3] References [1] Sharyn Leaver (2009), Tools For IT Planning, Forrester Research [2] The 2008 A&G Reader Survey: The Rise of Strategic IT Planning and Executive Involvement, Architecture & Governance Magazine [3] Strategic IT Planning Comes of Age, April 2009, Architecture & Governance Magazine External links • Forrester Research, Tools for IT Planning ( 0,7211,54110,00.html) • The 2008 A&G Reader Survey: The Rise of Strategic IT Planning and Executive Involvement, Architecture & Governance Magazine ( 2008-ag-reader-survey-rise-strategic-it-planning-and-executive-involvement) • The Forrester Wave: Business Process Analysis, EA Tools, And IT Planning, Q1 2009 (™_business_process_analysis,_ea_tools,_and/q/id/46208/t/2) • Strategic IT Planning Comes of Age, April 2009, Architecture & Governance Magazine (â??-new-forrester-analysis) Infra Corporation Infra Corporation is a division of EMC Corporation that produces infraEnterprise, which is a multi-tier web-based IT Service Management software tool.

The software is based on the IT Infrastructure Library (ITIL) and it implements a number of ITIL processes, including Service Desk management (including Incident Management and Problem Management), Change Management, Release Management, Configuration Management (including Federated CMDB), Availability Management and Service Level Management.

The tool also includes a knowledge base module (known as the “knowledge bank”), which complies with principles of KCS (Knowledge Centered Support).

Infra Corporation was first established in 1991 in Australia, and now has regional head offices in North America, Australia, the UK and Europe and a worldwide network of partners and distributors.[1] Infra was acquired by Hopkinton, Massachusetts-based EMC Corporation on March 10, 2008,[2] in a move viewed by analysts as part of EMC’s ongoing strategy to establish itself as an IT management solution provider.[3] In 2002 infraEnterprise was awarded PinkVerify ITIL certification from Pink Elephant, an independent consulting firm specialising in ITIL and PRINCE2.[4] [1] Infra has won a number of awards.

In 2007, they were awarded the Network Computing magazine “Helpdesk Product of the Year” for infraEnterprise,[5] and were awarded HDI’s Best Business Use of Business Support Technology in 2006 at the 11th Annual Help Desk and IT Support Excellence Awards.[6] Infra Corporation 384 References [1] History of Infra Corporation (http:/ / www.infra.


Uk/ company/ ), Infra Corporation.

Access 24th August, 2007. [2] “Press Release: EMC Acquires Leading IT Service Management (ITSM) Software Provider, Infra” (http:/ / about/ news/ press/ 2008/ 20080310-03.

Htm). .

Retrieved 2008-09-15. [3] Jander, Mary (2008-03-11). “EMC Buys IT Service Desk Player Infra” (http:/ / document.

Asp?doc_id=148072& f_src=byteandswitch_FinancialContent).

Byte and Switch. .

Retrieved 2008-09-15. “Today’s news centers attention on EMC’s ongoing effort to reshape itself not only as a maker of storage products, but as a provider of ‘information infrastructure solutions.’ In pursuit of this goal, EMC’s waging a multi-pronged campaign to buy its way into product areas where it lacks presence.” [4] PinkVerify Toolset list (https:/ / en-US/ ResourceCenter/ PinkVerify/ PinkVerifyToolset.

Htm), Pink Elephant.

Accessed 24th August, 2007. [5] Network Computing Magazine, “Network Computing Award”.

Vol 16 No 02.

Page 18. [6] HDI (11 May 2006). “Infra Corporation wins HDI’s Best Business Use of Business Support Technology” (http:/ / research/ pressrel.


Press release. .

Retrieved 2007-08-24. External links • Infra Corporation ( • Infra Benelux ( • Infra France ( Integrated Data Management Integrated Data Management (IDM) is a tools approach to facilitate data management and improve performance.

IDM consists of an integrated, modular environment to manage enterprise application data, and optimize data-driven applications.

It manages data over its lifetime, from requirements to retirement. Data life cycle — • Fragmented Management Across The Data Life Cycle Increases Cost And Risk ( – A commissioned study conducted by Forrester Consulting on behalf of IBM October 2008 External links • Integrated Data Management: Managing data across its lifecycle ( library/techarticle/dm-0807hayes/?S_TACT=105AGX11&S_CMP=FP#ibm-content) from Holly Hayes • Organizations thrive on Data ( mainframe_20090708/index.php#/34) by Eric Naiburg • IBM’s IDM Solutions ( Intelligent device management 386 Intelligent device management Intelligent device management is a term used for enterprise software applications that allow equipment manufacturers to monitor and manage remote equipment, systems and products via the Internet.

Another term for intelligent device management is remote device management (RDM) while strategic service management describes the service.

IDM extends IT service management to on-site devices and can support standard service processes, such as Incident, Problem, Change, Configuration Management as defined by ITIL.

This technology is commonly used by ATM and self-service kiosk companies. External links • Machine 2 Enterprise [1] – Blog on Building Management Systems References [1] http:/ / Intelligent workload management Intelligent workload management (IWM)[1] is an emerging paradigm for IT systems management arising from the intersection of dynamic infrastructure, virtualization, identity management, and the discipline of software appliance development.

IWM enables the management and optimization of computing resources in a secure and compliant manner across physical, virtual and cloud environments to deliver business services for end customers.

The IWM paradigm builds on the traditional concept of workload management whereby processing resources are dynamically assigned to tasks, or “workloads,” based on criteria such as business process priorities (for example, in balancing business intelligence queries against online transaction processing[2] ), resource availability, security protocols, or event scheduling, but extends the concept into the structure of individual workloads themselves. Definition of Workload In the context of IT systems and data center management, a “workload” can be broadly defined as “the total requests made by users and applications of a system.” [3] However, it is also possible to break down the entire workload of a given system into sets of self-contained units.

Such a self-contained unit constitutes a “workload” in the narrow sense: an integrated stack consisting of application, middleware, database, and operating system devoted to a specific computing task.

Typically, a workload is “platform agnostic,” meaning that it can run in physical, virtual or cloud computing environments.

Finally, a collection of related workloads which allow end users to complete a specific set of business tasks can be defined as a “business service.”[4] Making the Workload “Intelligent” A workload is considered “intelligent” when it a) understands its security protocols and processing requirements so it can self-determine whether it can deploy in the public cloud, the private cloud or only on physical machines; b) recognizes when it is at capacity and can find alternative computing capacity as required to optimize performance; c) carries identity and access controls as well as log management and compliance reporting capabilities with it as it moves across environments; and d) is fully integrated with the business service management layer, ensuring that end user computing requirements are not disrupted by distributed computing resources, and working with current and Intelligent workload management emergent IT management frameworks. 387 Intelligent Workloads and Security in the Cloud The deployment of individual workloads and workload-based business services in the “hybrid distributed data center,”[5] – including physical machines, data centers, private clouds, and the public cloud – raises a host of issues for the efficient management of provisioning, security, and compliance.

By making workloads “intelligent” so that they can effectively manage themselves in terms of where they run, how they run, and who can access them, intelligent workload management addresses these issues in a way that is efficient, flexible, and scalable. References [1] “IT Management Software Market Update” (http:/ / blogs. vendor_strategy/ 2009/ 10/ it-management-software-market-update.



October 26, 2009. .

Retrieved 2009-11-12. [2] “Dynamic workload management for very large data warehouses: juggling feathers and bowling balls” (http:/ / portal. citation.


VLDB Endowment. 2007. .

Retrieved 2008-11-12. [3] “What Is Your Definition of Database Workload?” (http:/ / features/ oracle/ article.

Php/ 3794731/ What-Is-Your-Definition-of-Database-Workload.


Database Journal.

January 8, 2009. .

Retrieved 2009-11-15. [4] “IT Services, Business Services, Services…what’s next?” (http:/ / www.communities. online/ blogs/ itil/ archive/ 2008/ 03/ 03/ HPPost5853.


HP ITIL v3 Community Blog.

March 3, 2008. .

Retrieved 2009-11-15. [5] “The Hybrid Distributed Data Center -er- Cloud?” (http:/ / blogs. jasoncatsun/ entry/ the_hybrid_distributed_data_center).

Sun Microsystmes.

October 1, 2009. .

Retrieved 2009-11-15. International Association for Human Resource Information Management The International Association for Human Resource Information Management (IHRIM) is a professional association for information management in human resources founded in 1980. External links • IHRIM home page [1] Formed when HR and IT professionals found themselves needing mediators, IHRIM is the only Professional Human Resource Association dedicated to the HRIS and HR Technology professions.

IHRIM is the clearinghouse for the HRIM (Human Resource Information Management) industry.

Today, IHRIM is a community of experts – a dynamic group of practitioners, vendors, consultants, students, and faculty that continues to grow. • Human Resource Information Management Foundation [2] The Human Resource Information Management (HRIM) Foundation is an independent, charitable, 501(c)(3) organization chartered with promoting scholarships, research and education to drive innovation, and the use of technology and information management in the human resource (HR) profession.

One of our recent achievements has been to fund the development of the only professional certification program designed to solidify and enhance the HRMS profession – the Human Resource Information Professional (HRIP) Certification Program.

Future plans include to: • Fund scholarly publications on specific HR and HRIM issues. • Encourage development of educational programs and course curriculum to advance the HRIM profession. • Conduct research and development activities related to HRIM and the needs of HR systems professionals.

For additional information about the HRIM Foundation’s initiatives or to inquire about donation opportunities, International Association for Human Resource Information Management 388 References [1] http:/ / [2] http:/ / index.

Php?option=com_content& task=view& id=140& Itemid=184 The International Records Management Trust — 392 ISO/IEC 19770 ISO/IEC 19770 is an international standard about Software Asset Management (SAM) and consists of three parts. 1.

ISO/IEC 19770-1 is a process framework to enable an organization to prove that it is performing software asset management to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT service management overall. 2.

ISO/IEC 19770-2 provides a software asset management (SAM) data standard for software identification tags. 3.

ISO/IEC 19770-3 will provide a software asset management (SAM) data standard for software licensing entitlement tags. ISO/IEC 19770-1: Processes ISO/IEC 19770-1 is a framework of Software Asset Management (SAM) processes to enable an organization to prove that it is performing software asset management to a standard sufficient to satisfy corporate governance requirements and ensure effective support for IT service management overall.

This part of ISO/IEC 19770-1 describes the life cycle processes for the management of software and related assets.[1] [2] ISO/IEC 19770-2: Software identification tag ISO/IEC 19770-2 provides a software asset management (SAM) data standard for software identification tags.

Software ID tags provide authoritative identifying information for installed software or other licensable item (such as fonts, or copyrighted papers).

This process starts with the software manufacturer/publisher who will use this standard to enable their software to be accurately identified, making the software significantly more manageable from a software asset management perspective.

This standard provides much more than just software identification however, by allowing other members of the SAM eco-system to add their own attributes to the software identification process (including who distributed the software, who may have re-packaged the software, if the software is following an ISO 20000 / ITIL release process, etc).

A draft of this standard was initially developed by a committee of the International Business Software Managers Association (IBSMA).

The last version of the draft standard created by the IBSMA committee went out for public review in May 2007.

In October 2007, members of ISO/IEC Working Group 21 (ISO/IEC JTC 1/SC 7/WG 21) met in Montreal and created an “other working group” (OWG) to continue the development of the 19770-2 standard with the goal of finalizing the standard in time for the ISO Plenary meeting to be held in May of 2008 in Berlin.

At that time, Steve Klos of Agnitio Advisors, was appointed as the convener of the other working group (OWG).

In late December 2007, the OWG was allowed to restart work on the standard.

According to the schedule ISO/IEC JTC1/SC7 plenary meeting took place in Berlin May 18th – 23rd, 2008.

The JTC1/SC7 resolutions included appointment of Krzysztof (Chris) Baczkiewicz, IT Standards Support Department Manager for Eracent, as the Project Editor of both 19770-2 Software Identification Tag and 19770-3 Software Entitlement Tag standards.

When the standard progressed through the final committee draft vote, the document as submitted at that time received enough votes to be accepted as a final draft international standard (FDIS).

However, a number of useful comments had been provided by organizations such as IAITAM and ISACA as well as from the British, US and Japanese delegations which the OWG felt would add value to the standard.

These changes were made and were reviewed and approved by everyone who submitted suggestions to the FCD.

In May of 2009, Working Group 21 approved the standard to move into Final Draft International Status. ISO/IEC 19770 This standard is currently going into ISO/IEC stage 5 – the Approval stage and is under ISO/IEC copyright control.

During this phase of the standards development process which is expected to last until August of 2009, the draft is available from liaison organizations to WG21 which include IAITAM, itSMF, ISACA and the BSA for review purposes.

The draft is only available to members of these organizations, no unrestricted public download of the draft is allowed.

Any suggested changes to the draft are made through a formal ISO/IEC review process.

The next step in the standards development process is for ISO/IEC to submit this draft standard as a final draft international standard (FDIS).

This final draft is voted on by national bodies, however this is only an approval/disapproval vote, no comments are accepted.

If the standard is approved, it will then go through one final round of ISO editorial review, then it will be published as an international standard.

While the document is in stage 5, a non-profit organization called[3] was formed.

The organization was formed under IEEE-ISTO[4] with the initial founding members being Symantec, CA and ModusLinkOCS.

The organization will act as the registration authority for ISO/IEC 19770-2 software identifiation tags (SWID Tags) and will provide tools and services allowing all SAM eco-system members to take advantage of SWID tags faster, with a lower cost and with more industry compatibility than would otherwise be possible. 393 ISO/IEC 19770-3: Software entitlement tag ISO/IEC 19770-3 will provide a software asset management (SAM) data standard for software licensing entitlement tags.

Software entitlement tags are computer files that provide authoritative identifying information about software licensing rights.

The ISO/IEC 19770-3 Other Working Group (“OWG”)[5] was convened by teleconference call on 9 September 2008.

Seven subcommittees were defined and a regular meeting schedule was chosen.

The mandate for this OWG will extend through the May 2009 ISO/IEC Plenary conference.

It is anticipated that a Final Committee Draft will be submitted by the OWG to WG21 at that time.

John Tomeny of Sassafras Software Inc was appointed as the convener of the ISO/IEC 19770-3 Other Working Group by Working Group 21 (ISO/IEC JTC 1/SC 7/WG 21).

In addition to WG21 members, other participants in the 19770-3 OWG may be any “individuals considered to have relevant expertise by the Convener”.[6] References [1] ISO/IEC 19770-1 Information technology — Software asset management — Part 1: Processes (http:/ / iso/ iso_catalogue/ catalogue_tc/ catalogue_detail.

Htm?csnumber=33908) [2] Web site from the working group that developed the 19770-1 standard (http:/ / [3] Web site for (http:/ / [4] Website for IEEE-ISTO (http:/ / [5] Web site from the working group developing the 19770-3 standard (http:/ / iso/ ) [6] W21N0805 (revision 2): Terms of Reference for ISO/IEC 19770-3 Software Entitlement Tag Other Working Group (http:/ / iso/ W21N0805.

Pdf) ISO/IEC 19770 394 External links • • • • • Business Software Alliance ( International Association of Information Technology Asset Managers ( IT Service Management Forum ( Software & Information Industry Association (SIIA) ( International Business Software Managers Assoc. (IBSMA) ( ISO/IEC 20000 ISO/IEC 20000 is the first international standard for IT Service Management System.

It was developed in 2005, by ISO/IEC JTC1 SC7 and revised in 2011[1] .

It is based on and intended to supersede the earlier BS 15000 that was developed by BSI Group.[2] Formally: ISO/IEC 20000-1 (‘part 1’) “promotes the adoption of an integrated process approach to effectively deliver managed services to meet the business and customer requirements”.

It comprises ten sections: • Scope • Terms & Definitions • • • • • • • • Planning and Implementing Service Management Requirements for a Management System Planning & Implementing New or Changed Services Service Delivery Processes Relationship Processes Control Processes Resolution Processes Release Process. ISO/IEC 20000-2 (‘part 2’) is a ‘code of practice’, and describes the best practices for service management within the scope of ISO/IEC 20000-1.

It comprises the same sections as ‘part 1’ but excludes the ‘Requirements for a Management system’ as no requirements are imposed by ‘part 2’.

ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework, although it equally supports other IT Service Management frameworks and approaches including Microsoft Operations Framework and components of ISACA’s COBIT framework.

The differentiation between ISO/IEC 20000 and BS 15000 has been addressed by Jenny Dugmore.[3] [4] The standard was first published in December 2005. ISO/IEC 20000 395 Notes [1] ISO/IEC 20000-1:2011 IT Service Management System (SMS) Standard (http:/ / iso/ iso_catalogue/ catalogue_ics/ catalogue_detail_ics.

Htm?csnumber=51986) [2] BSI Group Fast Facts (http:/ / en/ About-BSI/ News-Room/ BSI-Fast-Facts2/ ) [3] Dugmore, Jenny (2006).

Achieving ISO/IEC 20000 – The Differences Between BS 15000 and ISO/IEC 20000.

BSI Group (http:/ / shop. en/ Browse-By-Subject/ ICT/ IT-service-management/ ).

P. 124.

ISBN 0580473481. [4] Dugmore, Jenny (2006). “BS 15000 to ISO/IEC 20000 What difference does it make?”.

ITNOW 48 (3): 30.

Doi:10.1093/combul/bwl017. ISO20000-3:2009 Guidance on scope definition and applicability of ISO/IEC 20000-1 ISO20000-4:2010 Process reference model ISO20000-5:2010 Exemplar implementation plan for ISO/IEC 20000-1 ISO20000-1 updated at 2011-04-12 Academic resources • International Journal of IT Standards and Standardization Research, ISSN: 1539-3054 (internet), 1539-3062 (print), Information Resources Management Association ISO2000-1:2011 released at 2011-04-12 External links • The ISO/IEC 20000 User Group ( KS X ISO/IEC 20000 — • The ISO 17799 Newsletter [2] • Opensource software to support ISO 27000 processes [3] References [1] http:/ / standards. ittf/ PubliclyAvailableStandards/ c041933_ISO_IEC_27000_2009.

Zip [2] http:/ / 17799-news. [3] http:/ / esis. IT Asset & Service Management 397 IT Asset & Service Management IT Asset & Service Management (ITASM) is the United States Air Force effort to implement BSM (Business Service Management) and ITIL (Information Technology Infrastructure Library) processes.

ITASM is to institutionalize industry best practices into an enterprise-wide IT operations framework. History The ITASM was initiated in response to Department of Defense mandates regarding purchase and operation of commercial off-the-shelf systems.[1] The initiative is slated to roll out December 2009 through December 2011. Tactical Actions The primary tactical actions of ITASM are to establish an enterprise-wide Configuration Management Database (CMDB) that contains information pertaining to all information technology assets such as workstations, network devices, and servers.

Also, to be contained is information regarding the software installed and the configurations. References [1] “IC-2 TO AFI 33-114, Software Management, 23 October 2008” (http:/ / us-air-force-forms-pdf-optimized-version-b/ afi33-114.

Pdf). . IT asset management IT asset management (ITAM) is the set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment.

Assets include all elements of software and hardware that are found in the business environment. Hardware asset management Hardware asset management entails the management of the physical components of computers and computer networks, from acquisition through disposal.common business practices include request and approval process, procurement management, life cycle management, redeployment and disposal management.

A key component is capturing the financial information about the hardware life cycle which aids the organization in making business decisions based on meaningful and measurable financial objectives.

Software Asset Management is a similar process, focusing on software assets, including licenses, versions and installed endpoints. — Heavily networked IT systems typically characterize information technology in government and business these days.

As a rule, therefore, it is advantageous to consider the entire IT system and not just individual systems within the scope of an IT security analysis and concept.

To be able to manage this task, it makes sense to logically partition the entire IT system into parts and to separately consider each part or even an IT network.

Detailed documentation about its structure is prerequisite for the use of the IT Baseline Protection Catalogs on an IT network.

This can be achieved, for example, via the IT structure analysis described above.

The IT Baseline Protection Catalog?s’ components must ultimately be mapped onto the components of the IT network in question in a modelling step. IT baseline protection 401 Baseline security check The baseline security check is an organisational instrument offering a quick overview of the prevailing IT security level.

With the help of interviews, the status quo of an existing IT network (as modelled by IT baseline protection) relative to the number of security measures implemented from the IT Baseline Protection Catalogs are investigated.

The result is a catalog in which the implementation status “dispensable”, “yes”, “partly”, or “no” is entered for each relevant measure.

By identifying not yet, or only partially, implemented measures, improvement options for the security of the information technology in question are highlighted.

The baseline security check gives information about measures, which are still missing (nominal vs.

Actual comparison).

From this follows what remains to be done to achieve baseline protection through security.

Not all measures suggested by this baseline check need to be implemented.

Peculiarities are to be taken into account! It could be that several more or less unimportant applications are running on a server, which have lesser protection needs.

In their totality, however, these applications are to be provided with a higher level of protection.

This is called the (cumulation effect).

The applications running on a server determine its need for protection.

In this connection, it is to be noted that several IT applications can run on an IT system.

When this occurs, the application with the greatest need for protection determines the IT system?s protection category.

Conversely, it is conceivable that an IT application with great protection needs does not automatically transfer this to the IT system.

This may happen because the IT system is configured redundantly, or because only an inconsequential part is running on it.

This is called the (distribution effect).

This is the case, for example, with clusters.

The baseline security check maps baseline protection measures.

This level suffices for low to medium protection needs.

This comprises about 80 % of all IT systems according to FSI estimates.

For systems with high to very high protection needs, risk analysis based information security concepts, like for example ISO 27001, are usually used. IT Baseline Protection Catalog and standards During its 2005 restructuring and expansion of the IT Baseline Protection Catalogs, the FSI separated methodology from the IT Baseline Protection Catalog.

The BSI 100-1, BSI 100-2, and BSI 100-3 standards contain information about construction of an information security management system (ISMS), the methodology or basic protection approach, and the creation of a security analysis for elevated and very elevated protection needs building on a completed baseline protection investigation.

BSI 100-4, the “Emergency management” standard, is currently in preparation.

It contains elements from BS 25999, ITIL Service Continuity Management combined with the relevant IT Baseline Protection Catalog components, and essential aspects for appropriate Business Continuity Management (BCM).

Implementing these standards renders certification is possible pursuant to BS 25999-2.

The FSI has submitted the FSI 100-4 standards design for online commentary under.[6] The FSI brings its standards into line with international norms this way. IT baseline protection 402 Literature FSI:IT Baseline Protection Guidelines (pdf, 420 kB) [7] FSI: IT Baseline Protection Cataloge 2007 [8] (pdf) FSI: FSI IT Security Management and IT Baseline Protection Standards [9] Frederik Humpert: IT-Grundschutz umsetzen mit GSTOOL.

Anleitungen und Praxistipps für den erfolgreichen Einsatz des BSI-Standards, Carl Hanser Verlag München, 2005. [10] (ISBN 3-446-22984-1) • Norbert Pohlmann, Hartmut Blumberg: Der IT-Sicherheitsleitfaden.

Das Pflichtenheft zur Implementierung von IT-Sicherheitsstandards im Unternehmen, ISBN 3-8266-0940-9 • • • • References [1] http:/ / en/ US/ docs/ solutions/ Enterprise/ Security/ Baseline_Security/ securebasebook.

Html [2] http:/ / corporate/ news/ collateral/ ntj3_baseline_04.

Pdf [3] “Department Baseline Security Policy and End User Agreement” (http:/ /


Edu/ biochem/ department/ Documents/ Baseline Security Policy and End User Agreement.


Purdue University. .

Retrieved 17 December 2009. [4] “D16 Baseline Security Requirements for Information Systems” (http:/ / www.kent.


Uk/ About Kent Police/ policies/ d/ d16.


Kent Police. .

Retrieved 17 December 2009. [5] “Mapping ISO 27000 to baseline security” (https:/ / www.bsi.


De/ cae/ servlet/ contentblob/ 471598/ publicationFile/ 31081/ Vergleich_ISO27001_GS_pdf.


BSI. .

Retrieved 17 December 2009. [6] Entwurf BSI 100-4 (http:/ / www.bsi.

De/ literat/ bsi_standard/ bsi-standard_100-4_v090.

Pdf) (pdf) [7] http:/ / www.bsi.


De/ gshb/ Leitfaden/ GS-Leitfaden.

Pdf [8] http:/ / www.bsi.


De/ gshb/ deutsch/ download/ it-grundschutz-kataloge_2006_de.

Pdf [9] http:/ / www.bsi.


De/ literat/ bsi_standard/ index.

Htm [10] http:/ / www.humpert-partner.

De/ conpresso/ _rubric/ index.

Php?rubric=6 External links • • • • Federal Office for Security in Information Technology ( IT Security Yellow Pages ( IT Baseline protection tools ( Open Security Architecture- Controls and patterns to secure IT systems ( IT cost transparency 403 IT cost transparency IT cost transparency is a new category of information technology management software and systems and that enables enterprise IT organizations to model and track the total cost to deliver and maintain the IT Services they provide to the business.

It is increasingly a task of management accounting.

IT cost transparency solutions integrate financial information such as labor, software licensing costs, hardware acquisition and depreciation, data center facilities charges, from general ledger systems and combines that with operational data from ticketing, monitoring, asset management, and project portfolio management systems to provide a single, integrated view of IT costs by service, department, GL line item and project.

In addition to tracking cost elements, IT Cost Transparency tracks utilization, usage and operational performance metrics in order to provide a measure of value or ROI.

Costs, budgets, performance metrics and changes to data points are tracked over time to identify trends and the impact of changes to underlying cost drivers in order to help managers address the key drivers in escalating IT costs and improve planning.

IT cost transparency combines elements of activity based costing, business intelligence, operational monitoring and performance dashboards.

It provides the system on which to implement ITIL v3 Financial Management guidelines to assist with Financial Management for IT services and is closely related to IT Service Management. Capabilities While specific solutions vary, capabilities can include: • • • • • • • • Simplified or automated collection of key cost driver data An allocation or cost modeling interface Custom reporting and analysis of unit cost drivers, including CIO dashboards Ability to track operational metrics such as utilization, service levels, support tickets along with cost Bill of IT reports for chargeback or service allocation to Lines of Business Forecast and budget tracking versus actual and over time Hypothetical scenario planning for new project ROI analysis Cost benchmarking against industry averages or common metrics Analysts’ take “Globalization, consumerization, new competitors and new service models are radically ‘changing the shape of IT’.

IT leaders must develop greater transparency into the costs, utilization and operations of their IT services in order to optimize their IT investments and evolve from being technology managers to being stewards of business technology.” [1] — Barbara Gomolski [2], Research Vice President, Gartner “By making these costs transparent, the IT organization can fundamentally change the way business units consume IT resources, drive down total enterprise IT costs, and focus on IT spending that delivers real business value.

The CIO who leads this change can usher in a new era of strategic IT management–and true partnership with the business.” [3] –Andrew M.

Appel, Neeru Arora, and Raymond Zenkich.

McKinsey & Company. “Companies can get an understanding of the best candidates for virtualization or consolidation, for instance, and further reduce the cost of resources.

IT organizations consistently try to become more efficient, and this type of detailed information enables visibility, billing and chargeback in the future,” — [4] IT cost transparency 404 References [1] [2] [3] [4] http:/ / news/ 2008/ 110308-mgmt-cos.

Html?page=2 http:/ / AnalystBiography?authorId=14850 http:/ / Unraveling_the_mystery_of_IT_costs_1651 CIOs seek IT cost transparency in 2010 by Denise Dubie, comment on IT cost optimization (http:/ / products/ it-cost-optimization) by Yisrael Dancziger, president and CEO of Digital Fuel • Unraveling the Mystery of IT Costs ( Unraveling_the_mystery_of_IT_costs_1651) Andrew M.

Appel, Neeru Arora, and Raymond Zenkich.

The McKinsey Quarterly, August 2005. • Taking Control of IT Costs.

Nokes, Sebastian. ( London (Financial Times / Prentice Hall): March 20, 2000.

ISBN: 978-0-273-64943-4 • IT Cost Transparency: Optimizing ITIL v3 Service and Financial Management ( solutions/resources/whitepapers/) Kurt Shubert, IT Manager, Certified ITIL v2 and v3.

July 2008. • The Changing Face of Asset Management: Merging Asset, Service, and Financial Management ( Lisa EricksonHicks, Research Director, Enterprise Management Associates.

June 2008.

IT Financial Management ( • Know Your Costs: The Key to IT Business ( Business-Intelligence-and-Information-Management/informed-cio-it-cost-transparency.html) David Stodder.

April 2010. • Leveraging IT Chargeback as a Cost-Cutting Tool ( Rob Mischianti, CEO Nicus Software, IFTMA Presenter. 2009. External links • How to cut IT costs without Hemorrhaging (

Html?page=1) • Scalpel or Cleaver: CIOs Can Show CFOs the Light ( Scalpel_or_Cleaver_CIOs_Can_Show_CFOs_the_Light_34973684.html) • Unraveling the Mystery of IT Costs ( 2030-1069_3-5841812.html) • Can IT Spending Shift from Reactive to Proactive? ( • Avoid spending more ‘just in case’ (

Html?nclick_check=1) IT Interaction Model 405 IT Interaction Model The IT interaction model is a holistic view of Management Information Systems in the context of the organization.

According to Mark S.

Silver, the model addresses the interaction of an information system’s features with five elements of the organization: 1. 2. 3. 4. 5.

Its external environment its strategy its structure and culture its business processes its IT infrastructure. The model considers the consequences of this interaction for system use, for organizational performance, for the organization’s personnel, and for the firm’s future flexibility.

Moreover, the model relates various aspects of the interaction process to the phases of the development and implementation lifecycles.

Tools such as Porter’s five forces, value chain analysis and SWOT analysis can be used to analyze a company’s strategy.

Information flow diagrams can be used to analyze a company’s business processes. IT portfolio management IT portfolio management is the application of systematic management to large classes of items managed by enterprise Information Technology (IT) capabilities.

Examples of IT portfolios would be planned initiatives, projects, and ongoing IT services (such as application support).

The promise of IT portfolio management is the quantification of previously informal IT efforts, enabling measurement and objective evaluation of investment scenarios. — IT portfolio management important tool that IT portfolio management provides to judge the level of investments on the basis of how investments should be made in various elements of the portfolio), (3) Continuous Alignment with business goals (highest levels of organizations should have a buy-in in the portfolio) and (4) Continuous Improvement (lessons learned and investment adjustments).

Maizlash and Handler (2007)[3] provide a proven step-by-step methodology for applying IT portfolio management that has eight stages.

In today’s fast-paced world, waterfall approaches to delivering anything are proving to be less and less effective.

Nonetheless, the eight stages are: 1. 2. 3. 4. 5. 6. 7. 8.

Developing an IT portfolio management game plan Planning the IT portfolio Creating the IT portfolio Assessing the IT portfolio Balancing the IT portfolio Communicating the IT portfolio Developing and evolving IT portfolio governance and organization Assessing IT portfolio management process execution 407 There is no single best way to implement IT portfolio approach and therefore variety of approaches can applied.

Obviously the methods are not set in stone and will need altering depending upon the individual circumstances of different organizations. IT portfolio management vs.

Balanced scorecard The biggest advantage of IT portfolio management is the agility of the investment adjustments.

While balanced scorecards also emphasize the use of vision and strategy in any investment decision, oversight and control of operation budgets is not the goal.

IT portfolio management allows organizations to adjust the investments based upon the feedback mechanism built into the IT portfolio management. History The first mention of the portfolio concept as related to IT was from Richard Nolan in 1973: “investments in developing computer applications can be thought of as a portfolio of computer applications.” [4] Further mention is found in Gibson and Nolan’s Managing the Four Stages of EDP Growth in 1973.[5] Gibson and Nolan proposed that IT advances in observable stages driven by four “growth processes” of which the Applications Portfolio was key.

Their concepts were operationalized at Nolan, Norton & Co.

With measures of application coverage of business functions, applications functional and technical qualities, applications age and spending.

McFarlan [6] proposed a different portfolio management approach to IT assets and investments.

Further contributions have been made by Weill and Broadbent,[7] Aitken,[8] Kaplan,[2] and Benson, Bugnitz, and Walton.[9] The ITIL version 2 Business Perspective[10] and Application Management[11] volumes and the ITIL v3 Service Strategy volume also cover it in depth.

Various vendors have offerings explicitly branded as “IT Portfolio Management” solutions.

ISACA’s Val IT framework is perhaps the first attempt at standardization of IT portfolio management principles.

In peer-reviewed research, Christopher Verhoef has found that IT portfolios statistically behave more akin to biological populations than financial portfolios.[12] Verhoef was general chair of the first convening of the new IEEE conference, “IEEE Equity,” March 2007, which focuses on “quantitative methods for measuring, predicting, and understanding the relationship between IT and value.”[13] IT portfolio management 408 McFarlan’s IT portfolio matrix High ^ |—————————————————————| |strategic Impact of IS/IT applications on future industry competitiveness | | | |Central Planning |Critical to achieving |future business strategy. (Developer) | Turnaround |May be critical to |achieving future |business success | | | | (Entrepreneur) | | | | | | |—————————————————————| |Leading Edge/Free Market |—————————————————————| |Critical to existing business |operations | | |Monopoly |Factory High Value to the business of existing applications. (Controller) | | Scarce Resource | Support | | |Valuable but not critical | | | | (Caretaker) |to success |_______________________________|_______________________________| |<---------------------------------------------------------------Low Relationship to other IT disciplines IT portfolio management is an enabling technique for the objectives of IT Governance.

It is related to both IT Service Management and Enterprise Architecture, and might even be seen as a bridge between the two.

ITIL v3 calls for Service Portfolio Management which appears to be functionally equivalent. References [1] Jeffery, M., & Leliveld, I. (2004).

Best Practices in IT Portfolio Management.

MIT Sloan Management Review. 45 (3), 41.

Http:/ / sloanreview.


Edu/ the-magazine/ articles/ 2004/ spring/ 45309/ best-practices-in-it-portfolio-management [2] Kaplan, J.

D. (2005).

Strategic IT portfolio support, which consume the bulk of IT spending.

The challenge for including application maintenance and suppofolio management : governing enterprise transformation.

United States, Pittiglio Rabin Todd & McGrath Inc. [3] Maizlish, B. & Handler, R. (2007).

IT Portfolio Management Step-by-Step: Unlocking the Business Value of Technology.

New Jersey: John Wiley & Sons Inc. [4] Nolan, Richard (1973). “Plight of the EDP Manager.” Harvard Business Review, May–June 1973. [5] Managing the Four Stages of EDP Growth Publication date: Jan 01, 1974.

Prod. #: 74104-PDF-ENG [6] McFarlan, F.

W. (1981). “Portfolio approach to information systems.” Harvard Business Review (September–October 1981): 142-150 [7] Weill, P.

And Broadbent, M. (1998).

Leveraging the New Infrastructure: How Market Leaders Capitalize on Information Technology.

Cambridge, Massachusetts, Harvard Business School Press. [8] Aitken, I. (2003).

Value-driven IT management.


Remenyi, Computer Weekly Professional Series.

Oxford, Butterworth Heinemann. [9] Benson, R.

J., T.


Bugnitz, et al. (2004).

From business strategy to IT action : right decisions for a better bottom line.

Hoboken, N.J., Wiley [10] Office of Government Commerce (2004).

Business Perspective: The IS View on Delivering Services to the Business.

OGC, ITIL© Managing IT Services (IT Infrastructure Library).

London, The Stationery Office. [11] Office of Government Commerce (2002).

Application management.

OGC, ITIL© Managing IT Services (IT Infrastructure Library).

London, The Stationery Office. [12] Verhoef, Christopher, “Quantitative IT portfolio management,” Science of Computer Programming, Volume 45, Issue 1, pages 1–96 (October 2002). IT portfolio management [13] http:/ / www.cs.


Nl/ equity2007/ index.

Php?id=1 409 Further reading • Sanwal, Anand (2007).

Optimizing Corporate Portfolio Management: Aligning Investment Proposals with Organizational Strategy (


ISBN 978-0-470-12688-2. IT risk Information technology risk, or IT risk, IT-related risk, is a risk related to information technology.

This relatively new term due to an increasing awareness that information security is simply one facet of a multitude of risks that are relevant to IT and the real world processes it supports.

Because risk is strictly tied to uncertainty, Decision theory should be applied to manage risk as a science, IE rationally making choices under uncertainty.

Generally speaking, risk is the product of likelihood times impact (Risk = Likelihood * Impact).[1] The measure of a IT risk can be determined as a product of threat, vulnerability and asset values:[2] Risk = Threat * Vulnerability ? Asset Definitions Definitions of IT risk come from different but authoritative sources. — 437 IT service continuity IT Service Continuity is a specific form of business continuity planning.

It is the process of assessing and managing risks associated with information technology (IT) departments.

It involves the evaluation of values, threats, risks, vulnerabilities and development of countermeasures to ensure continuation in the event of a disaster.

This terminology is mainly used in Corporate America.

In 2008 the British Standards Institution launched a specific standard connected and supporting the Business Continuity Standard BS 25999 titled BS25777 specifically to align ICT Service Continuity with Business Continuity.

The two standards can be implemented separately. IT service management IT service management (ITSM or IT services) is a discipline for managing information technology (IT) systems, philosophically centered on the customer’s perspective of IT’s contribution to the business.

ITSM stands in deliberate contrast to technology-centered approaches to IT management and business interaction.

The following represents a characteristic statement from the ITSM literature: Providers of IT services can no longer afford to focus on technology and their internal organization[;] they now have to consider the quality of the services they provide and focus on the relationship with customers.[1] No one author, organization, or vendor owns the term “IT service management” and the origins of the phrase are unclear.

ITSM is process-focused and in this sense has ties and common interests with process improvement movement (EG, TQM, Six Sigma, Business Process Management, CMMI) frameworks and methodologies.

The discipline is not concerned with the details of how to use a particular vendor’s product, or necessarily with the technical details of the systems under management.

Instead, it focuses upon providing a framework to structure IT-related activities and the interactions of IT technical personnel with business customers and users.

ITSM is generally concerned with the “back office” or operational concerns of information technology management (sometimes known as operations architecture), and not with technology development.

For example, the process of writing computer software for sale, or designing a microprocessor would not be the focus of the discipline, but the computer systems used by marketing and business development staff in software and hardware companies would be.

Many non-technology companies, such as those in the financial, retail, and travel industries, have significant information technology systems which are not exposed to customers.

In this respect, ITSM can be seen as analogous to an enterprise resource planning (ERP) discipline for IT – although its historical roots in IT operations may limit its applicability across other major IT activities, such as IT portfolio management and software engineering. Context IT Service Management is frequently cited as a primary enabler of information technology governance (or information management) objectives.

The concept of “service” in an IT sense has a distinct operational connotation, but it would be incorrect then to assume that IT Service Management is only about IT operations.

However, it does not encompass all of IT practice, and this can be a controversial matter.

It does not typically include project management or program management concerns.

In the UK for example, the IT Infrastructure Library (ITIL), a government-developed ITSM framework, is often paired with the PRojects IN Controlled Environments (PRINCE2) project methodology and Structured Systems Analysis and Design Method for IT service management systems development.

ITSM is related to the field of Management Information Systems (MIS) in scope.

However, ITSM has a distinct practitioner point of view, and is more introspective (IE IT thinking about the delivery of IT to the business) as opposed to the more academic and outward facing connotation of MIS (IT thinking about the ‘information’ needs of the business).

IT Service Management in the broader sense overlaps with the disciplines of business service management and IT portfolio management, especially in the area of IT planning and financial control. 438 Frameworks There are a variety of frameworks and authors contributing to the overall ITSM discipline.[2] There are a variety of proprietary approaches available.[3] Professional organizations There is an international, chapter-based professional association, the IT Service Management Forum (ITSMF), which has a semi-official relationship with ITIL and the ITSM audit standard ISO/IEC 20000.

There is also a global professional association, the IT Service Management Professionals Association (IT-SMPa). Information Technology Infrastructure Library IT Service Management is often equated with the Information Technology Infrastructure Library, (ITIL) an official publication of the Office of Government Commerce in the United Kingdom.

However, while a version of ITSM is a component of ITIL, ITIL also covers a number of related but distinct disciplines and the two are not synonymous.

The current version of the ITIL framework is version 3.

It was upgraded from version 2 in mid-2007.

The next update of the framework is envisaged to be mid-2011.

The “Service Management” section of ITIL version 2 was made up of eleven different disciplines, split into two sections, Service Support and Service Delivery.

This use of the term “Service Management” is how many in the world interpret ITSM, but again, there are other frameworks, and conversely, the entire ITIL library might be seen as IT Service Management in a larger sense. Other frameworks and concern with the overhead Analogous to debates in software engineering between agile and prescriptive methods, there is debate between lightweight versus heavyweight approaches to IT service management.

Lighter weight ITSM approaches include: • ITIL Small-scale Implementation[4] colloquially called “ITIL Lite” is an official part of the ITIL framework. • FITS [5] was developed for UK schools.

It is a simplification of ITIL. • Core Practice [6] (CoPr or “copper”) calls for limiting Best Practice to areas where there is a business case for it, and in other areas just doing the minimum necessary. • [7] A Creative Commons ITSM/SDLC Framework Wiki IT service management 439 Governance and audit Several benchmarks and assessment criteria have emerged that seek to measure the capability of an organization and the maturity of its approach to service management.

Primarily, these alternatives provide a focus on compliance and measurement and therefore are more aligned with corporate governance than with IT service management per se. • ISO/IEC 20000 (and its ancestor BS15000).

This standard is not identical in taxonomy to ITIL and includes a number of additional requirements not detailed within ITIL and some differences.

Adopting ITIL best practices is therefore a good first step for organizations wishing to achieve ISO 20000 certification for their IT Service Management processes. • COBIT (or the lighter COBIT Quickstart) is comprehensive and widely embraced.

It incorporates IT Service Management within its Control Objectives for Support and Delivery. References [1] IT Service Management Forum (2002).

Van Bon, J..


IT Service Management: An Introduction.

Van Haren Publishing.

ISBN 9080671347.

Emphasis added. [2] van Bon, J.(Editor) (2002).

The guide to IT service management.

Addison Wesley.

ISBN 0201737922. [3] For a (somewhat dated but comprehensive) discussion of frameworks visit (http:/ / options_frameworks.

Html) [4] Sharon Taylor and Ivor Macfarlane (2005).

ITIL Small Scale Implementation.

The Stationery Office.

ISBN 0113309805. [5] http:/ /

Uk/ fits [6] http:/ / [7] http:/ / Further reading • Eric J.

Feldman (30 July 2007). “The Eight Essential Elements of an IT Service Lifecycle” (

Retrieved 15 December 2007. • Peter O’Neill (20 October 2006). “Topic Overview: IT Service Management” ( go?docid=40558).

Forrester Research.

Retrieved 6 June 2007. External links • • • • • The OGC website ( IT Service Management Forum – UK ( IT Service Management Forum – USA ( Open Source ITSM Software – Community ( Open Source ITSM Software – Services ( IT Service Management Forum 440 IT Service Management Forum The IT Service Management Forum (itSMF) is an independent and internationally-recognised forum for IT Service Management professionals worldwide.

This not-for-profit organisation is a prominent player in the on-going development and promotion of IT Service Management “best practice”, standards and qualifications and has been since 1991.

As businesses come to depend more on technology to promote and deliver their products to market, the benefits of adopting “best practice” IT Service Management and of becoming part of organisations such as the IT Service Management Forum are becoming more widely recognised.

The itSMF provides an accessible network of industry experts, information sources and events to help address IT service management issues and help achieve the delivery of high quality, consistent IT service internally and externally through the adoption of “best practice”.

Globally, the itSMF has over 5000 member companies, blue chip and public sector alike, covering in excess of 70,000 individuals spread over 53+ international Chapters.

Each chapter is a separate legal entity and is largely autonomous.

There is a separate International entity that provides an overall steering and support function to existing and emerging chapters.

It has its own website at .

The itSMF is concerned with promoting ITIL (the IT Infrastructure Library), Best Practice in IT Service Management and has a strong interest in the International ISO/IEC 20000 standard).

The itSMF publishes books covering various aspects of Service Management through a process of endorsing them as part of the itSMF Library. External links • ITSMF International • • • • • • • • • • • • • • • • • • • itSMF Australia Chapter itSMF Belgium Chapter itSMF Croatian Chapter itSMF Czech Republic itSMF Toronto, Canada Chapter itSMF Gulf Chapter ITSMF India Ipanema Technologies, ITSMF member itSMF Japan Chapter itSMF Kenya Chapter itSMF Norway, Norwegian Chapter ITSMF NL Chapter ORSYP consulting, ITSMF member ITSMF Polish Chapter itSMF Russian Chapter itSMF Swedish Chapter itSMF Thailand Chapter itSMF USA Chapter ITSMF UK Chapter ITIL Planning to implement service management 441 ITIL Planning to implement service management The planning to implement service management is a set in the Information Technology Infrastructure Library (ITIL) framework.

This set is about the alignment of business needs and IT provision requirements.

Besides, this set describes how to implement or improve IT Service Management within an organization and it describes steps to ensure that business needs and IT provision requirements will be met.

Furthermore, the planning to implement service management set is mainly focused on the service management processes, but also generically applicable to other ITIL sets.

An approach to implement or improve service management is the Continuous Service Improvement Programme (CSIP).

A CSIP is defined as: “an ongoing formal programme undertaken within an organization to identify and introduce measurable improvements within a specified work area or work process.” OGC_book All the activities within a CSIP regarding one single improvement can be visualized generically by using the meta-modeling technique.

This results in a process-data diagram (figure 1), which does not describe the continuous improvement activity of the programme.

The process-data diagram shows the relationship between processes and artifacts and this diagram consists of two integrated diagrams.

The left-hand side of the process-data diagram describes the activities (processes) and is based on the UML activity diagram.

The right-hand side describes the data (artifacts) and is based on the UML class diagram.

Meta_modeling The table of concepts and the activity description regarding the process-data diagram can be found in the paragraph Process-data diagram descriptions.

The process-data diagram shows the following activities: • • • • • create vision analyze organization set goals implement IT service management measure goals First, a vision has to be created and the IT and business strategies should be aligned.

The second step consists of analyzing the organization and its current position.

In this step an answer has to be found on the question ‘where are we now?’ The following step is about setting goals and priorities regarding the improvement process.

The fourth step is the improvement of the service provision itself and during the fifth and final step the improvement will be measured to examine whether the goals have been met. ITIL Planning to implement service management 442 The planning to implement service management set Every activity in the planning to implement service management set, as depicted in figure 1, will be further explained. Create vision As figure 1 shows, the first step that needs to be taken in the process is creating a vision statement for a CSIP.

The vision statement describes the aim and purpose of the CSIP on a high level and should align the different strategies of business and IT.

Additionally, the vision statement should be well communicated to the stakeholder, to create commitment and buy-in for the CSIP. Figure 1: process-data diagram Analyze organization After having created a vision an IT organization should analyze itself, wherein the question ‘where are we now?’ has to be answered.

A useful technique to determine the current position is the IT organization growth model.

This model determines the maturity level of the IT organization and is based on the Process Maturity Framework (PMF), as well as on the Capability Maturity Model (CMM).

The maturity of the organization will be determined in terms of vision and strategy, steering, processes, people, technology and culture.

It is also required to understand who the stakeholders are, because stakeholders have an impact on the CSIP.

This can be achieved by defining, identifying and mapping the stakeholders.

Additionally, the specific needs of the stakeholders have to be identified and this can result in a stakeholder assessment report.

The third step of the organizational analysis in figure 1, consists of assessing the current report and measurement system.

Knowing the current way of using and producing reports, facts and figures gives insight in how well the organization is steered, but it also provides information about the next activity ‘set goals’.

The last step in analyzing the organization is conducting benchmarks.

A benchmark is a useful management technique to improve performance.

In a benchmark different parts of the organization can be compared, like units or processes.

But also organizations as a whole can be compared in a benchmark.

It is important to determine whether a service management process should be benchmarked or not.

A focus on the relevant service management processes is essential.

The results of the benchmarks can result in the identification of gaps. ITIL Planning to implement service management 443 Set goals The next activity in the CSIP is about the agreement between business and IT regarding the required and expected future roles and characteristics of the organization, which are based on the current maturity of the organization.

The first step that needs to be taken is the creation of a business case to describe the added value and the justification of the CSIP.

The business case is determined by the current maturity of the organization and the organizational strategy.

A stakeholder assessment, conducted in the previous activity, can also be a contribution to the focus on the results and the aim of the improvement programme.

Furthermore, risks should be identified and managed.

An approach to risk management should be applied during the CSIP.

Mainly the risks related to the business vision, existing processes and the environment and business constraints should be managed to reduce the effects of those risks.

After having created a business case, a gap assessment report should be completed.

A gap assessment report is used to compare the current state with the future state of the organization and this results in gaps to overcome (‘where do we want to be’).

It provides information about gaps, risks and the prioritization on where to start.

Once a gap assessment report has been completed, there is a need for understanding and clarity.

That means that the problems and the following steps have to be presented to the key stakeholders, to establish creditability for the assessment and support concerning the change.

The following step is the creation of a plan for quick wins.

A quick win is an early success during an improvement programme.

In the plan for quick wins short term wins should be identified and attained to keep the improvement programme running and to keep the commitment level high during the improvement programme.

The last step is setting the goals regarding the improvement programme in relation to the earlier defined stakeholder needs.

A management tool for setting goals and measuring performance is the balanced scorecard. Implement IT service management The first thing to consider regarding implementing or improving service management is finding an answer on where to start (‘which service management process?’).

Before identifying a process that need to be improved, the first condition that needs to be fulfilled is that the organization should have documented its current and desired state, which includes a completed gap assessment report. ‘Where to start’ also depends on the level of maturity and the strategic goals of the organization.

Besides these dependencies, it is important to understand the interrelationships between all the IT Service Management processes.

Another aspect which should be taken into consideration during the improvement programme is creating awareness of the change.

This can be done by making a communication plan, which will give an explanation about the IT policy to the stakeholders.

The next thing to consider is how the changes are going to be achieved.

Achieving changes requires a reliable change programme.

To prevent a CSIP from missing its intended goals the OGC recommends [1] the approach from J.P.

Kotter, called: ‘Eight steps to transforming your organisation’ in combination with project management such as PRINCE2.

The main reason for using this approach in combination with regular project management, is that this approach also takes the softer sides of change into account like resistance to change and creating commitment.


Kotter studied more than 100 companies with regard to their transformations in the past years.

This has resulted in eight main reasons why transformations succeed.

The duration of the studied transformations was quite long, about six to eight years.Transformation_fail The eight main reasons why transformations succeed are transformed into eight steps. 1.

Creating a sense of urgency 2.

Forming a guiding coalition 3.

Creating a vision 4.communicating the vision ITIL Planning to implement service management 5. 6. 7. 8. ‘Empowering’ to act on the vision Planning for and creating quick wins Consolidating improvements and producing more change Institutionalizing the change 444 These eight steps can be applied equally to a service management improvement programme.

The culture of the organization is a main issue to be taken into account during organizational change, because organizational change could support an implementation, and it can as well lead to resistance.

For that reason the organizational culture should be managed in order to avoid problems like resistance.

A critical success factor for a CSIP is the clear definition of accountability, roles and responsibility in relation to the new processes and the existing organizational structure.

New processes and working practices do often not fit within the existing organizational structure, because processes are often cross functional.

In other words, processes may run through the whole organization.

In this way new processes and working practices may introduce new roles, which may overlap the existing organizational structure.

The last aspect that has to be taken into account regarding the implementation of IT service management is training.

Training can contribute to a higher quality of service management and it can also lead to more productive and responsive employees.

Before setting up a training programme, questions like who to train, when to train, how to train and what to train should be answered.

For ITIL training see: ITIL Certification. Measure goals After the completion of each improvement process a Post Implementation Review (PIR) should be conducted to indicate if the objectives have been achieved.

This can be done by making a comparison between the achievement of the improvement and the goals earlier set in the programme.

When the results of the PIR are confirmed, new targets regarding improvement should be defined.During the improvement programme the Key Performance Indicators (KPIs), which are earlier created during setting the goals as a part of the balanced scorecard, are needed to be constantly monitored to confirm the PIR.

Also, the improvement of the customers perception (customer KPIs) during the CSIP needs to be surveyed.

This can be done by conducting a regular statistical survey regarding customer satisfaction, also called a Customer Satisfaction Survey (CSS). Process-data diagram descriptions Table of concepts Concept Assessment Balanced Scorecard Definition The classification of someone or something with respect to its worth. [6] An aid to organizational Performance management.

It helps to focus, not only on the financial targets but also on the internal processes, customers, and learning and growth issues. [1] A report that contains a comparison of performance between different organizations or between different units within an organization. [1] Information that describes the justification for setting up and continuing a PRINCE2 project.

It provides the reasons (and answers the question ‘Why?’) for the project.

It is updated at key points throughout the project. [7] A plan that describes how the IT policy will be explained to the stakeholders and as a result of this, it will create awareness in the organization. [1] The addition, modification or removal of the whole of the ideas, corporate values, beliefs, practices, expectations about behavior and daily customs that are shared by the employees in an organization. [1] Benchmark report Business case Communication plan Cultural change ITIL Planning to implement service management 445 Decision document A document which gives an answer on the question ‘Where should I start’ and depends on the completeness of the assessments conducted in the previous steps, like determining the maturity level of the organization, service processes and strategic goals. [1] A change management model, consisting of eight steps. [9] Gap analysis naturally flows from benchmarking or other assessments.

Once we understand what is the general expectation of performance in industry, we can then compare that with current capabilities, and this becomes the gap analysis. [10] The state of affairs that a plan is intended to achieve and that (when achieved) terminates behavior intended to achieve it. [5] A model that determines the current maturity of the IT organization in terms of vision and strategy, steering, processes, people, technology and culture. [1] The active employment of particular sets of measurement recommendations. [3] Measurable element of a service process or function. [1] Organizational change has two dimensions.

The first, OC involves a transformation of organizations between two points in time.

The second dimensions concerns the way the transformation occurs. [8] Responsibilities, authorities and relations organized in such a way as to enable the organization to perform its functions. [11] One or more reviews held after project closure to determine if the expected benefits have been obtained. [7] Eight step model Gap assessment report Goal IT Organizational growth model Measurement framework Metric Organizational change Organizational structure — Risk management Service improvement SM (service management) vision statement Stakeholder assessment Stakeholder goal Strategy Training programme Table 1: table of concepts with definitions References of table of concepts 1.

Office of Government Commerce (OGC). (2002).

Planning to Implement Service Management.

London : The Stationery Office. 2.

Raynor, M.E. (1998).

That vision thing: Do we need it?.

Long range planning, 31, 3. 3.

Folan, P., Browne, J. (2005), A review of performance measurement: Towards performance management.computers in industry, 56, 7. 4.

Mintzberg, H. (1978).

Patterns in Strategy Formation.

Management Science, 24, 9. 5.

WordNet Search – 2.1. (2006).

Retrieved March 8, 2006 from Princeton Website: perl/webwn?s=goal 6.

WordNet Search – 2.1. (2006).

Retrieved March 8, 2006 from Princeton Website: ITIL Planning to implement service management 7.

Best practice. (2006).

Retrieved March 8, 2006 from OCG Website: 8.

William P.

Barnett; Glenn R.

Carroll. (1995).

Modeling Internal Organizational Change.

Annual Review of Sociology, 21, pp. 217-236. 9.

Egan, R.W., Fjermestad, J. (2005).

Change and Resistance: Help for the Practitioner of Change.

Proceedings of the 38th Hawaii International Conference on System Sciences – 2005 10.

Definitions of Terms. (2006).

Retrieved March 8, 2006 from Balanced Scorecard Institute Website: http:// 11.

Development of Quality Assurance System in Higher Education(QUASYS). (2001).

Retrieved March 10, 2006 from University of Zagreb Website: 446 Activity description Activity Create vision Sub-activity Description Creating a VISION STATEMENT for service management which fits with the organization STRATEGY.

Evaluate current position Evaluating the current position can be done by assessing the , IT ORGANIZATION GROWTH MODEL.

This gives an indication of the maturity of the organization.

Assess stakeholders Defining and analyzing the stakeholders and their needs, which results in a STAKEHOLDER ASSESSMENT.

Assessing the current report and measure system results in a MEASUREMENT FRAMEWORK. Analyze organization Assess current report and measure system Conduct benchmark Benchmarking results in a few BENCHMARKS, which can be used as a steering instrument and can be categorised in four categories, which are not further explained.

The IT ORGANIZATION GROWTH MODEL and STRATEGY determine the BUSINESS CASE (current position) which describes not only measurable targets, but also the costs, effort, benefits sense of urgency etc.

Managing risks results the artifact RISKMANAGEMENT, which is required by the BUSINESS CASE.

BENCHMARKS lead to the analyses of gaps to determine the start.

This activity results in a GAP ASSESSMENT REPORT.

A PLAN OF QUICK WINS is based on the GAP ASSESSMENT REPORT and is needed to convince the stakeholders of the changes/implementation.

Results in STAKEHOLDER GOALS, which is a generalization of GOAL Set goals Create business case Manage risks Conduct gap analysis Create plan for quick wins Set stakeholder goals ITIL Planning to implement service management 447 Implement ITSM Select starting point Selecting a starting point can be done by creating a DECISION DOCUMENT, which initiates ORGANIZATIONAL CHANGE.

The decision to start the implementation is based on the completeness of the previous activities see: Non-described rule Adapt results previous activities Create awareness Awareness can be achieved by creating a COMMUNICATION PLAN that supports ORGANIZATIONAL CHANGE Managing org.

Change results in ORGANIZATIONAL CHANGE and can be done by using the EIGHT STEPS MODEL combined with PROJECT MANAGEMENT Managing cult.

Change results in the artifact CULTURAL CHANGE and is required by ORGANIZATIONAL CHANGE.

CULTURAL CHANGE encloses the soft side of the CHANGE.orgANIZATIONAL CHANGE involves the ORGANISATION STRUCTURE, which may change aspects like authority, tasks, functions, roles etc.orgANIZATIONAL CHANGE requires ITIL training (TRAINING PROGRAMME).

Which training is needed, depends on the change.

This activity results in a POST IMPLEMENT.

REVIEW, which includes a comparison of the set and achieved goals/targets Manage organizational change Manage cultural change Set roles Train employees Measure goals Table 2: description of activities and sub-activities Non-described rule • This activity will be started if no starting point can be selected.

In that situation, this activity will result in an adaptation of the already delivered incomplete products, such as a gap assessment report. References 1.

Office of Government Commerce (OGC). (2002).

Planning to Implement Service Management.

London : The Stationery Office. 2.

Weerd, I.

Van de (2005).

WEM: A design method for CMS-based web implementations.

UU-CS (Int.

Rep. 2005-043).

UU WINFI Informatica en Informatiekunde. 3.

Kotter, J.P. (1995).

Why transformation efforts fail.

Harvard Business Review, 59–67 In: Journal of Product Innovation Management. 13, 2 , March 1996, 170 4.

Hochtstein, A., Tamm, G., Brenner, W. (2005).

Service oriented IT management: benefit, cost and success factors.

Proceedings 13 European conference on information systems (ECIS 2005), Regensburg, Germany. External links • • • • • • The OGC website [6] IT Service Management Forum [1] The ITIL definition site [2] The ITIL Forum [3] The OGC successful delivery toolkit [4] OGC get best practice [5] ITIL Planning to implement service management 448 References [1] [2] [3] [4] [5] http:/ / http:/ /

Uk/ http:/ / http:/ / www.ogc.


Uk/ sdtoolkit/ deliveryteam/ briefings/ ITIL/ index.

Html http:/ / www.get-best-practice.


Uk ITIL security management The ITIL security management process describes the structured fitting of security in the management organization.

ITIL security management is based on the ISO 27001 standard.

According to ISO.ORG [1] “ISO/IEC 27001:2005 covers all types of organizations (EG commercial enterprises, government agencies, not-for profit organizations).

ISO/IEC 27001:2005 specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization’s overall business risks.

It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof.

ISO/IEC 27001:2005 is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties.” A basic concept of security management is the information security.

The primary goal of information security is to guarantee safety of information.

When protecting information it is the value of the information that has to be protected.

These values are stipulated by the confidentiality, integrity and availability.

Inferred aspects are privacy, anonymity and verifiability.

The goal of the Security Management is split up in two parts: 1.

The realization of the security requirements defined in the service level agreement (SLA) and other external requirements which are specified in underpinning contracts, legislation and possible internal or external imposed policies. 2.

The realization of a basic level of security.

This is necessary to guarantee the continuity of the management organization.

This is also necessary in order to reach a simplified service-level management for the information security, as it happens to be easier to manage a limited number of SLAs as it is to manage a large number of SLAs.

The input of the security management process is formed by the SLAs with the specified security requirements, legislation documents (if applicable) and other (external) underpinning contracts.

These requirements can also act as key performance indicators (KPIs) which can be used for the process management and for the justification of the results of the security management process.

The output gives justification information to the realization of the SLAs and a report with deviations from the requirements.

The security management process has relations with almost all other ITIL-processes.

However, in this particular section the most obvious relations will be the relations to the service level management process, the incident management process and the Change Management process. ITIL security management 449 The security management process The security management process consists of activities that are carried out by the security management itself or activities that are controlled by the security management.

Because organizations and their information systems constantly change, the activities within the security management process must be revised continuously, in order to stay up-to-date and effective.

Security management is a continuous process and it can be compared to the Quality Circle of Deming (Plan, Do, Check, Act).

The inputs are the requirements which are formed by the clients.

The requirements are translated into security services, security quality that needs to be provided in the security section of the service level agreements.

As you can see in the picture there are arrows going both ways; from the client to the SLA; from the SLA to the client and from the SLA to the plan sub-process; from the plan sub-process to the SLA.

This means that both the client and the plan sub-process have inputs in the SLA and the SLA is an input for both the client and the process.

The provider then develops the security plans for his/hers organization.

These security plans contain the security policies and the operational level agreements.

The security plans (Plan) are then implemented (Do) and the implementation is then evaluated (Check).

After the evaluation then both the plans and the implementation of the plan are maintained (Act).

The activities, results/products and the process are documented.

External reports are written and sent to the clients.

The clients are then able to adapt their requirements based on the information received through the reports.

Furthermore, the service provider can adjust their plan or the implementation based on their findings in order to satisfy all the requirements stated in the SLA (including new requirements). Control The first activity in the security management process is the “Control” sub-process.

The Control sub-process organizes and manages the security management process itself.

The Control sub-process defines the processes, the allocation of responsibility the policy statements and the management framework.

The security management framework defines the sub-processes for: the development of security plans, the implementation of the security plans, the evaluation and how the results of the evaluations are translated into action plans.

Furthermore, the management framework defines how should be reported to clients.

The activities that take place in the Control process are summed up in the following table, which contains the name of the (sub) activity and a short definition of the activity. Activities Sub-Activities Descriptions Control Implement policies This process outlines the specific requirements and rules that have to be met in order to implement security management.

The process ends with policy statement.

This process sets up the organizations for information security.

For example in this process the structure the responsibilities are set up.

This process ends with security management framework.

In this process the whole targeting process is documented in a specific way.

This process ends with reports. Setup the security organization Reporting The meta-modeling technique was used in order to model the activities of the control sub-process.

The following figure is the meta-process model of the control sub-process.

It is based on a UML activity diagram and it gives an overview of the activities of the Control sub-process.

The grey rectangle represents the control sub-process and the smaller beam shapes inside of the grey rectangle represent the activities that take place inside the control sub-process.

The beams with a black shadow indicate that the activity is a closed (complex) activity.

This means that the activity consists of a collection of (sub) activities but these activities are not expanded because they are not relevant in this particular context.

The white beam without shadow indicates that the reporting activity is a standard activity.

This means that reporting does not contain (sub) activities. ITIL security management 450 Figure 2.1.1: Meta-process model Control sub-process Furthermore, it is noticeable that the first two activities are not linked with an arrow and that there is a black stripe with an arrow leading to the reporting activity.

This means that the two first activities are not sequential.

They are unordered activities and after these two activities have taken place the reporting activity will sequentially follow.

For a more extensive explanation of the meta-modeling technique consult the Meta-modeling wiki.

The following table (table 2.1.2) is a concept definition table. Concept CONTROL DOCUMENTS POLICY STATEMENTS Description CONTROL is a description of how SECURITY MANAGEMENT will be organized and how it will be managed. POLICY STATEMENTS are documents that outlines specific requirements or rules that must be met.

In the information security realm, policies are usually point-specific, covering a single area.

For example, an “Acceptable Use” policy would cover the rules and regulations for appropriate use of the computing facilities.

SECURITY MANAGEMENT FRAMEWORK is an established management framework to initiate and control the implementation of information security within your organization and to manage ongoing information security provision. SECURITY MANAGEMENT FRAMEWORK Table 2.1.2: Concept and definition control sub-process Security management The meta-data model of the control sub-process is based on a UML class diagram.

In figure 2.1.2 is the meta-data model of the control sub-process. Figure 2.1.2: Meta-process model control sub-process The CONTROL rectangle with a white shadow is an open complex concept.

This means that the CONTROL rectangle consists of a collection of (sub) concepts and these concepts are expanded in this particular context. ITIL security management The following picture (figure 2.1.3) is the process-data model of the control sub-process.

This picture shows the integration of the two models.

The dotted arrows indicate which concepts are created or adjusted in the corresponding activities. 451 Figure 2.1.3: Process-data model control sub-process Plan The Plan sub-process contains activities that in cooperation with the Service Level Management lead to the (information) Security section in the SLA.

Furthermore, the Plan sub-process contains activities that are related to the underpinning contracts which are specific for (information) security.

In the Plan sub-process the goals formulated in the SLA are specified in the form of Operational Level Agreements (OLA).

These OLA’s can be defined as security plans for a specific internal organization entity of the service provider.

Besides the input of the SLA, the Plan sub-process also works with the policy statements of the service provider itself.

As said earlier these policy statements are defined in the control sub-process.

The Operational Level Agreements for information security are set up and implemented based on the ITIL process.

This means that there has to be cooperation with other ITIL processes.

For example if the security management wishes to change the IT infrastructure in order to achieve maximum security, these changes will only be done through the Change Management process.

The Security Management will deliver the input (Request for change) for this change.

The change Manager is responsible for the Change Management Process itself.

Table 2.3.1 shows the activity plan the (sub) activities and their definition. Activities Sub-Activities Descriptions Plan Create Security section for SLA Create underpinning Contracts Create Operational level agreements Reporting This process contains activities that lead to the security agreements paragraph in the service level agreements.

At the end of this process the Security section of the service level agreement is created.

This process contains activities that lead to UNDERPINNING CONTRACTS.

These contracts are specific for security.

The general formulated goals in the SLA are specified in operational level agreements.

These agreements can be seen as security plans for specific organization units.

In this process the whole Create plan process is documented in a specific way.

This process ends with REPORTS. Table 2.2.1: (Sub) activities and descriptions Plan sub-process ITIL Security Management As well as for the Control sub-process the Plan sub-process has been modeled using the meta-modeling technique.

On the right side of figure 2.2.1 the meta-process model of the Plan sub-process is given. ITIL security management As you can see the Plan sub-process consists of a combination of unordered and ordered (sub) activities.

Furthermore, it is noticeable that the sub-process contains three complex activities which are all closed activities and one standard activity.

Table 2.2.1 consists of concepts that are created or adjusted during the plan sub-process.

The table also gives a definition of these concepts. Concept PLAN Security section of the security level agreements UNDERPINNING CONTRACTS Description Formulated schemes for the security agreements.

The security agreements paragraph in the written agreements between a Service Provider and the customer(s) that documents agreed Service Levels for a service.

A contract with an external supplier covering delivery of services that support the IT organisation in their delivery of services.

An internal agreement covering the delivery of services which support the IT organization in their delivery of services. 452 OPERATIONAL LEVEL AGREEMENTS Table 2.2.2: Concept and definition Plan sub-process Security management Just as the Control sub-process the Plan sub-process is modeled using the meta-modeling technique.

The left side of figure 2.2.1 is the meta-data model of the Plan sub-process.

The Plan rectangle is an open (complex) concept which has an aggregation type of relationship with two closed (complex) concepts and one standard concept.

The two closed concepts are not expanded in this particular context.

The following picture (figure 2.2.1) is the process-data diagram of the Plan sub-process.

This picture shows the integration of the two models.

The dotted arrows indicate which concepts are created or adjusted in the corresponding activities of the Plan sub-process. Figure 2.2.1: Process-data model Plan sub-process Implementation The Implementation sub-process makes sure that all measures, as specified in the plans, are properly implemented.

During the Implementation sub-process no (new) measures are defined nor changed.

The definition or change of measures will take place in the Plan sub-process in cooperation with the Change Management Process.

The activities that take place in the implementation sub-process are summed up in the following table (table 2.3.1).

The table contains the name of the (sub) activity and a short definition of the activity. ITIL security management 453 Activities Sub-Activities Descriptions Implement Classifying and managing of Process of formally grouping configuration items by type, EG, software, hardware, documentation, IT applications environment, application.

Process of formally identifying changes by type EG, project scope change request, validation change request, infrastructure change request this process leads to asset classification and control documents.

Implement personnel security Implement security management Implement access control Here measures are adopted in order to give personnel safety and confidence and measures to prevent a crime/fraud.

The process ends with personnel security.

In this process specific security requirements and/or security rules that must be met are outlined and documented.

The process ends with security policies.

In this process specific access security requirements and/or access security rules that must be met are outlined and documented.

The process ends with access control.

In this process the whole implement as planned process is documented in a specific way.

This process ends with reports. Reporting Table 2.3.1: (Sub) activities and descriptions Implementation sub-process ITIL Security Management The left side of figure 2.3.1 is the meta-process model of the Implementation phase.

The four labels with a black shadow mean that these activities are closed concepts and they are not expanded in this context.

It is also noticeable that there are no arrows connecting these four activities this means that these activities are unordered and the reporting will be carried out after the completion of al the four activities.

During the implementation phase there are a number of concepts that are created and /or adjusted.

See table 2.3.2 for an overview of the most common concepts and their description. Concept Implementation Asset classification and control documents Personnel security Security policies Access control Description Accomplished security management according to the security management plan.

A comprehensive inventory of assets with responsibility assigned to ensure that effective security protection is maintained.

Well defined job descriptions for all staff outlining security roles and responsibilities.

Security policies are documents that outlines specific security requirements or security rules that must be management to ensure that only those with the appropriate responsibility have access to information in the networks and the protection of the supporting infrastructure. Table 2.3.2: Concept and definition Implementation sub-process Security management The concepts created and/or adjusted are modeled using the meta-modeling technique.

The right side of figure 2.3.1 is the meta-data model of the implementation sub-process.

The implementation documents are an open concept and is expanded upon in this context.

It consists of four closed concepts which are not expanded because they are irrelevant in this particular context.

In order to make the relations between the two models clearer the integration of the two models are illustrated in figure 2.3.1.

The dotted arrows running from the activities to the concepts illustrate which concepts are created/ adjusted in the corresponding activities. ITIL security management 454 Figure 2.3.1: Process-data model Implementation sub-process Evaluation The evaluation of the implementation and the plans is very important.

The evaluation is necessary to measure the success of the implementation and the Security plans.

The evaluation is also very important for the clients (and possibly third parties).

The results of the Evaluation sub-process are used to maintain the agreed measures and the implementation itself.

Evaluation results can lead to new requirements and so lead to a Request for Change.

The request for change is then defined and it is then send to the Change Management process.

Mainly there are three sorts of evaluation; the Self assessment; internal audit, and external audit.

The self assessment is mainly carried out in the organization of the processes.

The internal audits are carried out by internal IT-auditors and the external audits are carried out by external independent IT-auditors.

Besides, the evaluations already mentioned an evaluation based on the communicated security incidents will also take place.

The most important activities for this evaluation are the security monitoring of IT-systems; verify if the security legislation and the implementation of the security plans are complied; trace and react to undesirable use of the IT-supplies.

The activities that take place in the evaluation sub-process are summed up in the following table (Table 2.4.1).

The table contains the name of the (sub) activity and a short definition of the activity. Sub-Activities Activities Descriptions Evaluate Self assessment In this process an examination of the implemented security agreements is done by the organization of the process itself.

The result of this process is SELF ASSESSMENT DOCUMENTS.

In this process an examination of the implemented security agreements is done by an internal EDP auditor.

The result of this process is INTERNAL AUDIT.

In this process an examination of the implemented security agreements is done by an external EDP auditor.

The result of this process is EXTERNAL AUDIT.

In this process an examination of the implemented security agreements is done  based on security events which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service.

The result of this process is SECURITY INCIDENTS.

In this process the whole Evaluate implementation process is documented in a specific way.

This process ends with REPORTS. Internal Audit External audit Evaluation based on security incidents Reporting ITIL security management Table 2.4.1: (Sub) activities and descriptions Evaluation sub-process ITIL Security Management 455 Figure 2.4.1: Process-data model Evaluation sub-process The process-data diagram illustrated in the figure 2.4.1 consists of a meta-process model and a meta-data model.

The Evaluation sub-process was modeled using the meta-modeling technique.

The dotted arrows running from the meta-process diagram (left) to the meta-data diagram (right) indicate which concepts are created/ adjusted in the corresponding activities.

All of the activities in the evaluation phase are standard activities.

For a short description of the Evaluation phase concepts see Table 2.4.2 where the concepts are listed and defined. Concept EVALUATION RESULTS SELF ASSESSMENT DOCUMENTS INTERNAL AUDIT EXTERNAL AUDIT SECURITY INCIDENTS DOCUMENTS Evaluated/checked implementation.

The outcome of the evaluated implementation.

Result of the examination of the security management by the organization of the process itself.

Description Result of the examination of the security management by the internal EDP auditor.

Result of the examination of the security management by the external EDP auditor.

Results of evaluating security events which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service. Table 2.4.2: Concept and definition evaluation sub-process Security management Maintenance It is necessary for the security to be maintained.

Because of changes in the IT-infrastructure and changes in the organization itself security risks are bound to change over time.

The maintenance of the security concerns both the maintenance of the security section of the service level agreements and the more detailed security plans.

The maintenance is based on the results of the Evaluation sub-process and insight in the changing risks.

These activities will only produce proposals.

The proposals serve as inputs for the plan sub-process and will go through the whole cycle or the proposals can be taken in the maintenance of the service level agreements.

In both cases the proposals could lead to activities in the action plan.

The actual changes will be carried by the Change Management process.

For more information about the Change Management Process consult the Change Management Wiki. ITIL security management The activities that take place in the maintain sub-process are summed up in the following table (Table 2.5.1).

The table contains the name of the (sub) activity and a short definition of the activity. Activities Sub-Activities Descriptions 456 Maintain Maintenance of Service level agreements Maintenance of operational level agreements Request for change to SLA and/or OLA Reporting This is a process to keep the service level agreements in proper condition.


This is a process to keep the operational level agreements in proper condition.


Request for a change to the SLA and/or OLA is formulated.

This process ends with a REQUEST FOR CHANGE.

In this process the whole maintain implemented security policies process is documented in a specific way.

This process ends with REPORTS. Table 2.5.1: (Sub) activities and descriptions Maintenance sub-process ITIL Security Management Figure 2.5.1 is the process-data diagram of the implementation sub-process.

This picture shows the integration of the meta-process model (left) and the meta-data model (right).

The dotted arrows indicate which concepts are created or adjusted in the activities of the implementation phase. Figure 2.5.1: Process-data model Maintenance sub-process The maintenance sub-process starts with the maintenance of the service level agreements and the maintenance of the operational level agreements.

After these activities take place (in no particular order) and there is a request for a change the request for change activity will take place and after the request for change activity is concluded the reporting activity starts.

If there is no request for a change then the reporting activity will start directly after the first two activities.

The concepts in the meta-data model are created/ adjusted during the maintenance phase.

For a list of the concepts and their definition take a look at table 2.5.2. ITIL security management 457 Concept MAINTANENANCE DOCUMENTS MAINTAINED SERVICE LEVEL AGREEMENTS Description Agreements kept in proper condition.

Service Level Agreements(security paragraph) kept in proper condition. MAINTAINED OPERATIONAL LEVEL AGREEMENTS Operational Level Agreements kept in proper condition.

REQUEST FOR CHANGE Form, or screen, used to record details of a request for a change to the SLA/OLA. Table 2.5.2: Concept and definition Plan sub-process Security management Complete process-data model The following picture shows the complete process-data model of the Security Management process.

This means that the complete meta-process model and the complete meta-data model and the integrations of the two models of the Security Management process are shown. Figure 2.6.1: Process-data model Security Management process Relations with other ITIL processes The security Management Process, as stated in the introduction, has relations with almost all other ITIL-processes.

These processes are: • • • • • • • • • • IT Customer Relationship Management Service Level Management Availability Management Capacity Management IT Service Continuity Management Configuration Management Release Management Incident Management & Service Desk Problem Management Change Management (ITSM) Within these processes there are a couple of activities concerning security that have to take place.

These activities are done as required.

The concerning process and its process manager are responsible for these activities.

However, the ITIL security management Security Management will give indications to the concerning process on how these (security specific) activities should be structured. 458 Example Internal E-mail Policies.

The use of internal e-mail in an organization has a lot of security risks.

So if an organization chooses to use e-mail as a means of communication, it is highly needed that the organization implements a well thought e-mail security plan/policies.

In this example the ITIL security Management approach is used to implement e-mail policies in an organization.

First of the Security management team is formed and the guidelines, of how the process should be carried out, are formulated and made clear to all employees and provider concerned.

These actions are carried out in the Control phase of the Security Management process.

The next step in to process to implement e-mail policies is the Planning.

In the Plan phase of the process the policies are formulated.

Besides the policies that are already written in the Service Level Agreements the policies that are specific for the e-mail security are formulated and added to the service level agreements.

At the end of this phase the entire plan is formulated and is ready to be implemented.

The following phase in the process is the actual implementation of the e-mail policies.

The implementation is done according to the plan which was formulated in the preceding phase (Plan phase).

After the actual implementation the e-mail policies will be evaluated.

In order to evaluate the implemented policies the organization will perform; The last phase is the maintenance phase.

In the maintenance phase the implemented e-mail policies are maintained.

The organization now knows which policies are properly implemented and are properly followed and, which policies need more work in order to help the security plan of the organization and, if there are new policies that have to be implemented.

At the end of this process the Request for change are formulated (if needed) and the e-mail policies are properly maintained.

In order for the organization to keep its security plan up-to-date the organization will have to perform the security management process continuously.

There is no end to this process an organization can always better its security. References Bon van, J. (2004).

IT-Service management: een introductie op basis van ITIL.

Van Haren Publishing Cazemier, Jacques A.; Overbeek, Paul L.; Peters, Louk M. (2000).

Security Management, Stationery Office.

Security management. (February 1, 2005).

Retrieved from Microsoft Technet Web site: http:/ / Tse, D. (2005).

Security in Modern Business: security assessment model for information security Practices.

Hong Kong: University of Hong Kong. ITIL security management 459 External links • • • • • • • • • • • Open Security Architecture [2] Microsoft Operations framework homepage [3] ISO/IEC 17799 website [4] The OGC website [5] IT Service Management Forum [6] The ITIL definition site [7] The ITIL Forum [3] ITIL wiki [8] Microsoft American ITIL [9] ITIL Security [10] Information Security Management maturity model [2] References [1] http:/ / iso/ catalogue_detail?csnumber=42103 [2] http:/ / [3] http:/ / technet/ itsolutions/ cits/ mo/ mof/ default.

Mspx [4] http:/ / iso/ en/ prods-services/ popstds/ informationsecurity.

Html [5] http:/ / www.itil.


Uk [6] http:/ / [7] http:/ /

Uk [8] http:/ / itil. [9] http:/ / magazine/ channel_story.

Php/ 95672 [10] http:/ / security.

Htm jAPS 460 jAPS Developer(s) Stable release The jAPS Team [1] 2.2.0 / March 2, 2011 Operating system Cross-platform Type License Website Enterprise portal GPL [2] jAPS 2.0 entando (Java Agile Portal System) is an Open Source professional web platform that makes easier aggregation, publishing, access, customization and integration of information, services, processes and resources, compatible with accessibility international standards like WCAG 2.0, Italian Stanca Law, Section 508 and PAS 78, for both front end and back office. What is jAPS 2.0 entando jAPS 2.0 entando is an Open Source professional web platform tailored for both enterprises and governments.

It supports strategic initiatives improving coordination of information flow, providing comprehensive content management, facilitating information sharing, collaboration and integration of enterprise-scale applications. — Six Sigma Whereas Lean IT focuses on customer satisfaction and reducing waste, Six Sigma focuses on removing the causes of defects (errors) and the variation (inconsistency) in manufacturing and business processes using quality management and, especially, statistical methods.[43] Six Sigma also differs from Lean methods by introducing a special infrastructure of personnel (EG so-called “Green Belts” and “ Black Belts”) in the organization.

Six Sigma is more oriented around two particular methods (DMAIC and DMADV), whereas Lean IT employs a portfolio of tools and methods.

These differences notwithstanding, Lean IT may be readily combined with Six Sigma such that the latter brings statistical rigor to measurement of the former’s outcomes.[44] Lean IT 474 Capability Maturity Model Integration (CMMI) The Capability Maturity Model Integration (CMMI) from the Software Engineering Institute of Carnegie Mellon University (Pittsburgh, Pennsylvania) is a process improvement approach applicable to a single project, a division, or an entire organization.

It helps integrate traditionally separate organizational functions, set process improvement goals and priorities, provide guidance for quality processes, and provide a benchmark or point of reference for assessing current processes.[45] However, unlike Lean IT, CMMI (and other process models) doesn’t directly address sources of waste such as a lack of alignment between business units and the IT function or unnecessary architectural complexity within a software application.[2] Information Technology Infrastructure Library (ITIL) The Information Technology Infrastructure Library (ITIL) — a series of books published by the United Kingdom’s Office of Government Commerce — contains concepts, policies, and recommended practices on a broad range of IT management topics.

These are again entirely compatible with the objectives and methods of Lean IT.

Indeed, as another best-practice framework, ITIL may be considered alongside the CMMI for process improvement and COBIT for IT governance. COBIT Control Objectives for Information and related Technology — better known as COBIT — is a framework or set of best practices for IT management created by the Information Systems Audit and Control Association (ISACA), and the IT Governance Institute (ITGI).[46] It provides managers, auditors, and IT users a set of metrics, processes, and best practices to assist in maximizing the benefits derived through the use of IT, achieving compliance with regulations such as Sarbanes-Oxley, and aligning IT investments with business objectives.

COBIT also aims to unify global IT standards, including ITIL, CMMI, and ISO 17799.[47] Notes [1] See “Deployment and Commercial Support” below. [2] Kindler, Nosh B; Krishnakanthan, Vasantha; Tinaikar, Ranjit.

Applying Lean to Application Development (http:/ / Applying_lean_to_application_development_and_maintenance_1979).

McKinsey Quarterly, May 2007 [3] Hanna, Julia. “ Bringing ‘Lean’ Principles to Service Industries (http:/ / hbswk.


Edu/ item/ 5741.


HBS Working Knowledge.

October 22, 2007. (Summary article based on published research of Professor David Upton of Harvard Business School and doctoral student Bradley Staats: Staats, Bradley R., and David M.

Upton. “Lean Principles, Learning, and Software Production: Evidence from Indian Software Services.”.

Harvard Business School Working Paper.

No. 08-001.

July 2007. (Revised July 2008, March 2009.) [4] Waterhouse, Peter. “ Improving IT Economics: Thinking Lean (http:/ / files/ WhitePapers/ improving-it-economics-wp.

Pdf)& rdquo;.

CA White Paper.

November 2008. [5] Masters of Lean IT: How 3 Visionary IT Executives Maximize Value and Minimize Waste.

Interviews with John Parkinson (Chief Technology Office, TransUnion), Mike Yorwerth (Group Technology and Architecture Director, Tesco), and Marc Silvester (Chief Technology Office, Fujitsu Services), published by CA, Inc (2009). [6] The value-stream methodology originated at Toyota, where it is known as Material and Information Flow Mapping.

See Learning to See: Value-Stream Mapping to Create Value and Eliminate Muda by Mike Rother and John Shook (Lean Enterprise Institute 1999, ISBN 0-9667843-0-8).

The methodology has since been developed by James Womack and Daniel Roos while researching their seminal book The Machine that Changed the World (see References below). [7] Rother, Mike; Shook, John.

Learning to See: Value-Stream Mapping to Create Value and Eliminate Muda.

Lean Enterprise Institute 1999.

ISBN 0-9667843-0-8 [8] Service-level agreement [9] Executive Vice President [10] capital expenditures [11] operating expenses [12] Although repositories similar to CMDBs have been used by IT departments for many years, the term CMDB stems from ITIL (Information Technology Infrastructure Library) — a series of books published by the United Kingdom’s Office of Government Commerce containing concepts, policies, and recommended practices on a broad range of IT management topics Lean IT [13] The Evolution of Job Scheduling: CA’s Approach to Workload Automation (https:/ / files/ IndustryAnalystReports/ the_evolution_of_job_scheduling.

Pdf). (IDC White Paper, November 2007) [14] Isidore, Chris. “It’s official: Recession since Dec ’07” (http:/ / money. 2008/ 12/ 01/ news/ economy/ recession/ index.


December 1, 2008 [15] Jones, Daniel T.

Lean Survival (http:/ / downloads/ dan/ dan_eletter_200903.


Lean Enterprise Academy Letter e-Letter.

March 19, 2009. [16] Rappaport, Liz; Ng, Serena. “New Fears as Credit Markets Tighten Up.” (http:/ / online. article/ SB123655494840465843.


Wall Street Journal.

March 9, 2009 [17] Grynbaum, Michael M. “Outlook Grows More Dire for Housing Market.” (http:/ / 2008/ 11/ 26/ business/ economy/ 26housing.


New York Times.

November 25, 2008 [18] Reynolds, Glenn. “Tax Day Becomes Protest Day.” (http:/ / online. article/ SB123975867505519363.


Wall Street Journal.

April 15, 2009 [19] Hagenbaugh, Barbara; Krantz, Matt; Kirchhoff, Su. “Wave of layoffs in U.S., Europe show severity of the recession.” (http:/ / money/ economy/ 2009-01-26-economy-recession-layoffs_N.


USA Today.

January 30, 2009 [20] Mamudi, Sam. “ Treasury Money-Market Funds Shut the Door.” (http:/ / news/ story/ low-yields-force-treasury-money-market/ story.


MarketWatch: Wall Street Journal Digital Network.

January 27, 2009 [21] “Technology and the Lean Enterprise” (http:/ / usa/ solutions/ manufacturing/ pdf/ Technology_and_then_Lean_Enterprise.

Pdf) SAP White Paper, January 18, 2008 [22] These include internal business functions such as enterprise resource planning and human resources management, business-to-business applications such as supply-chain management and hosted solutions, and customer-facing functions such as sales and customer service. [23] “Customer Experience Manager: Real-Time Visibility into Web-Based Transactions for IT and Business Managers” CA Technology Brief.

March 2009 [24] Merging Information Technology and Business, (http:/ / company/ pdf/ New_Economic_Oprties_Germany.

Pdf) a commentary by SAP Chairman Henning Kagermann [25] Verity, John W. “When Green Delivers Green” (http:/ / showArticle.


Smart Enterprise Magazine.

Volume 3.

No. 1 [26] “Get Lean an Green in 2009.” (http:/ / www-304. jct03004c/ industries/ publicsector/ us/ en/ contenttemplate/ !!/ xmlid=166767) IBM product page. [27] Samson, Ted. “The Green IT Leaders of 2009” (http:/ / d/ green-it/ green-it-leaders-2009-050) Infoworld April 22, 2009. [28] “Green IT: Corporate Strategies” (http:/ / innovate/ content/ feb2008/ id20080211_204672.


Business Week.

February 11, 2008 [29] Weston, Rusty. “Greening the Data Center” (http:/ / articles/ 2008winter/ markettrends2.

Jhtml) Smart Enterprise Magazine.

Volume 2.

No. 1 [30] CA Enables Lean IT to Help Maximize Value and Minimize Cost (http:/ / us/ press/ release.


April 27, 2009. [31] Chapman, Siobhan.

Lean Methods Drive Heathrow Terminal 5 Development (http:/ / management/ it-business/ it-organisation/ news/ index.

Cfm?newsid=4058) Computerworld UK.

July 17, 2007 [32] Werdigier, Julia; Clark, Nicola.

New Competition and Cancellations at Heathrow Vex British Airways (http:/ / 2008/ 04/ 01/ business/ worldbusiness/ 01air.

Html?_r=1& scp=1& sq=British Airways canceled flights Heathrow& st=cse) International Herald Tribune.

April 1, 2009 [33] More generally, challenges of this kind are the subject of change management. [34] James Womack and Daniel Jones, leading consultants in the field, emphasize that lean consumption isn’t about reducing the amount customers buy.

Rather, it is about providing the full value that customers desire from their goods and services, with the greatest efficiency.

See Womack, James P.

And Jones, Daniel T. “Lean Consumption.” Harvard Business Review.

March 2005 [35] “ADM Outsourcing: Go/No Go?” (http:/ / 50226711/ adm_outsourcing_go_no_go.

Php) — commentary on and excerpts from Aberdeen Group report “Does Outsourcing Application Development, Maintenance Pay Off? [36] Perry, Randy; Grieser, Tim; Hatcher, Eric. “Improving IT Economics and Gaining Business Value with CA’s Enterprise IT Management Software: An ROI Study”.

IDC paper.

November 2008.

This paper reports that the greatest benefit from adopters of Lean IT is the subsequent increase in IT productivity, which accounted for approximately 61% of the total benefit ($78,000 for every 100 users). [37] Tesco operates in the United States under the brand “Fresh & Easy’ [38] Griffith, Victoria. “Welcome to Tesco, Your ‘Glocal’ Superstore.” Strategy+Business.

First Quarter 2002 [39] Kleiner, Art. “Leaning Toward Utopia: A Profile of Dan Jones and Jim Womack.” (http:/ / downloads/ general/ leaning_toward_utopia.

Pdf) Strategy+Business.

July 2005 [40] Lean Government in Cape Coral (Office City Web Site) (http:/ / Government/ CityManager/ LeanGovernment/ tabid/ 1347/ mctl/ ArticleView/ ModuleId/ 3442/ articleId/ 647/ Future-Kaizens.

Aspx) [41] Cape Coral Lean Government Update (http:/ / archive. fullstory.

Cfm?articleid=10374) 475 Lean IT [42] Gilbert, Maria. “The City of Cape Coral Enables Leaner Government with AMX and JD Edwards” (http:/ / article/ pressRelease/ idUS119892+ 06-Mar-2009+ PRN20090306) Reuters.

March 6, 2009 [43] Antony, Jiju. “Pros and cons of Six Sigma: an academic perspective” (http:/ / node/ 7630).

January 7, 2008 [44] Upton, Malcolm T.; Cox, Charles Lean Six Sigma: A Fusion of Pan-Pacific Process Improvement (http:/ / library/ downloads/ LeanSixSigma.

Pdf). [45] Software Engineering Institute web site: “What is CMMI?” page (http:/ / www.sei.


Edu/ cmmi/ ) [46] ITGI is a U.S.–based research “think tank” on IT governance.

Oriented predominantly towards enterprises.

See the ITGI web site About ITGI (http:/ / template_ITGI.

Cfm?Section=About_ITGI& Template=/ ContentManagement/ HTMLDisplay.

Cfm& ContentID=41668) for more. [47] COBIT 4.1 brochure (http:/ / Content/ NavigationMenu/ Members_and_Leaders1/ COBIT6/ Obtain_COBIT/ CobiT4. 1_Brochure.

Pdf) from the IT Governance Institute (ITGI) 476 References • Bell, Steve and Orzen, Mike (2010) Lean IT, Enabling and Sustaining Your Lean Transformation, Productivity Press, ISBN 978-1-4398-1757-5.

Shingo Prize Research Award 2011 • Bell, Steve (2006) Lean Enterprise Systems, Using IT for Continuous Improvement, John R.

Wiley, ISBN 978-0-471-67784-0. • Yasuhiro Monden (1998), Toyota Production System, An Integrated Approach to Just-In-Time, Third edition, Norcross, GA: Engineering & Management Press, ISBN 0-412-83930-X. • Womack, James P., and Roos, Daniel T. (2007), The Machine That Changed the World, Free Press, ISBN 978-0-7432-9979-4. • Womack, James P.

And Jones, Daniel T. (2005) “Lean Consumption.” Harvard Business Review. External links — MOF 4.0 was created to provide guidance across the entire IT life cycle.completed in early 2008, MOF 4.0 integrates community-generated processes; governance, risk, and compliance activities; management reviews, and Microsoft Solutions Framework (MSF) best practices.

The guidance in the Microsoft Operations Framework encompasses all of the activities and processes involved in managing an IT service: its conception, development, operation, maintenance, and—ultimately—its retirement. Structure of MOF 4.0 MOF 4.0 describes the IT service lifecycle in terms of three phases and a foundational layer: The Plan Phase focuses on ensuring that, from its inception, a requested IT service is reliable, policy-compliant, cost-effective, and adaptable to changing business needs.

The Deliver Phase concerns the envisioning, planning, building, stabilization, and deployment of requested services.

The Operate Phase deals with the efficient operation, monitoring, and support of deployed services in line with agreed-to service level agreement (SLA) targets.

The Manage Layer helps users establish an integrated approach to IT service management activities through the use of risk management, change management, and controls.

It also provides guidance relating to accountabilities and role types.

Service Management Functions MOF organizes IT activities and processes into Service Management Functions (SMFs), white papers that provide detailed processes and outcomes related to a series of IT disciplines.

Each SMF is anchored within a related lifecycle phase and contains a unique set of goals and outcomes supporting the objectives of that phase.

Management Reviews An IT service’s readiness to move from one phase to the next is confirmed by management reviews, which ensure that goals are achieved in an appropriate fashion and that IT’s goals are aligned with the goals of the organization.

Governance, Risk, and Compliance The interrelated disciplines of governance, risk, and compliance (GRC) represent a cornerstone of MOF 4.0.

IT governance is a senior management–level activity that clarifies who holds the authority to make decisions, determines accountability for actions and responsibility for outcomes, and addresses how expected performance will be evaluated.

Risk represents possible adverse impacts on reaching goals and can arise from actions taken or not taken.compliance is a process that ensures individuals are aware of regulations, policies, and procedures that must be followed as a result of senior management’s decisions. Microsoft Operations Framework 499 External links • • • • Microsoft Operations Framework 4.0 homepage [1] Microsoft Solution Accelerators [2] Microsoft Operations Framework Brazil Project [3] Cross-reference MOF v4 versus ITIL v3 [4] References [1] [2] [3] [4] http:/ / MOF http:/ / solutionaccelerators http:/ /

Br/ http:/ / go. fwlink/ ?LinkId=151991 Mobile business development Mobile business development is a category of business development which focuses on attracting new customers in the Mobile Web markets.

There are large efforts being made to make innovative mobile ICT services work.

Examples of these services include mobile tourist guides and shopping guides for consumers.

As an emerging trend, technology and service providers combine their expertise and resources to design these services.

This incorporates designing several models: the Value network, a Value proposition, a Revenue model and a Technological architecture. Economic value Together contributors need to create a business model that forms the blueprint of the cooperating network of organisations intends to create economic value from technological innovation.

Therefore, it is useful to define the different relevant issues: Customer Value of services, Organizational arrangements, Technological architecture, and possible financial arrangements.

A business model is: 1.

An architecture for the product, service and information flows, including a description of the various business actors and their roles. 2.

A description of the potential benefits for the various business actors. 3.

A description of the sources of revenues. Collaboration engineering To facilitate the collaboration between the contributors, the methods can be used to act as a guideline for successful innovation during the pre-product phase.

Most methods are based on the innovation prototyping method (3), which emphasizes on the balance between different viewpoints. Concepts Organizational arrangements — Information technology operations, or IT operations, are the superset of all processes and services that are both provisioned by an IT staff to their internal or external clients and used by themselves, to run themselves as a business.

The definition of IT operations differ throughout the IT industry, where vendors and individual organizations often create their own custom definitions of such processes and services for the purpose of marketing their own products.

Usually, they include management, envisioning, planning, design, implementation, construction, deployment, distribution, verification, installation, instantiation, execution and maintenance.

They endeavor to define common processes and procedures, policies, roles, responsibilities, terminology, best practices and standards for running an enterprise. Operations architecture 540 Operations architecture Please note that the term operations architecture is also used in an aerospace context.

This use of the term is not discussed in the following article.

Operations architecture allows the ongoing support and management of IT services infrastructure of an enterprise .

The IT infrastructure of an enterprise will typically comprise many different systems and platforms, often in different geographic locations.

Operations architecture ensures that these systems perform as expected by centrally unifying the control of operational procedures and automating the execution of operational tasks.

It also reports the performance of the IT infrastructure.

The implementation of an operations architecture consists of a dedicated set of tools and processes which are designed to provide centralisation and automation. Scope and context Operations architecture is mainly centered around back office and data center infrastructure rather than desktop computers.

It supports a company’s computing infrastructure to provide IT services which are required by business processes.

Any organisation with a substantial amount of automated back office processes can have an operations architecture, such as banks, factories and government agencies.

The focus of operations architecture is on the day-to-day provision of IT services and it is not concerned with manufacturing IT products such as the programming of applications.

While operations architecture deals with the technical implementation of IT service management, it does not address personnel or human resource aspects.

The hiring and training of suitable operators is not managed within the context of operations architecture.

The operations architecture is the technical implementation of an IT governance framework such as ITIL.

Specifically, it is the solution design for IT service management.

While IT service management focuses on the conceptual design of the IT service, operations architecture focuses on the technical practicalities of implementing this concept.

Geographically, operations architecture unites the control over increasingly disparate and mobile IT systems on a central operations “bridge” (so named in analogy to a ship’s command bridge). Elements of operations architecture Some of the commonest elements of operations architecture are: • • • • • • • • Production scheduling/monitoring System monitoring Performance monitoring Network monitoring Event management Secure file transfer service level agreements (SLAs) operating level agreements (OLAs) Operations architecture 541 External links • ITIL Framework for IT Service Management [5] OPIDIS ARTESYS International Type Industry Founded Private company Technical Electronic Content Management 1989 Headquarters Rennes (France) Paris (France) Pau (France) Houston (Texas) Key people Daniel COQUELIN (CEO) Olivier DUPONT (CCO) JF JOUSSEAUME (CTO) OPIDIS SIROCO [1] Products Website OPIDIS is a technical electronic document management and imaging systems developed by ARTESYS International. Functionality OPIDIS provides: • Electronic storage, • Document retrieval and management, • Delivery and authorization of any technical documents specially PID (Process and instrumentation diagram), plants and procedures. — Also Published as: Curtis, B., Hefley, W.E., and Miller, S. (2007).

The People Capability Maturity Model: Guidelines for Improving the Workforce. (ISBN 81-317-0798-9).

Delhi, India: Dorling Kindersley (India) Pvt.


Curtis, B., Hefley, W.E., Miller, S.

And Maeda, T. (2003).

People CMM: Hito o ikashi soshiki o seichosaseru noryoku seijukudo moderu. (ISBN 4526052175).

Tokyo, Japan: Nikkan Kogyo Shimbunsha.

Curtis, B., Hefley, W.E., and Miller, S. (2003). ??CMM??——???????? The People Capability Maturity Model: Guidelines for Improving the Workforce.

Chinese Edition. (ISBN 730207044X).

Curtis, B., Hefley, W.E., and Miller, S. (2002).

The People Capability Maturity Model: Guidelines for Improving the Workforce. (ISBN 81-297-0018-2).

Delhi, India: Pearson Education. (In third printing.) People Capability Maturity Model 551 External links • P-CMM Official Web Site ( • Organisational maturity and functional performance (

Php?action=record&rec_id=22624&prevQuery=&ps=10&m=or) • P-CMM references and best practices ( Performance engineering Performance engineering within systems engineering, encompasses the set of roles, skills, activities, practices, tools, and deliverables applied at every phase of the Systems Development Life Cycle which ensures that a solution will be designed, implemented, and operationally supported to meet the non-functional performance requirements defined for the solution.

It may be alternatively referred to as software performance engineering within software engineering; however since performance engineering encompasses more than just the software, the term performance engineering is preferable.

Adherence to the non-functional requirements is validated by monitoring the production systems.

This is part of IT service management (see also ITIL).

Performance engineering has become a separate discipline at a number of large corporations, and may be affiliated with the enterprise architecture group.

It is pervasive, involving people from multiple organizational units; but predominantly within the information technology organization. Performance Engineering Objectives • Increase business revenue by ensuring the system can process transactions within the requisite timeframe • Eliminate system failure requiring scrapping and writing off the system development effort due to performance objective failure • Eliminate late system deployment due to performance issues • Eliminate avoidable system rework due to performance issues • Eliminate avoidable system tuning efforts • Avoid additional and unnecessary hardware acquisition costs • Reduce increased software maintenance costs due to performance problems in production • Reduce increased software maintenance costs due to software impacted by ad hoc performance fixes • Reduce additional operational overhead for handling system issues due to performance problems Performance Engineering Approach Because this discipline is applied within multiple methodologies, the following activities will occur within differently specified phases.

However if the phases of the rational unified process (RUP) are used as a framework, then the activities will occur as follows: Inception During this first conceptual phase of a program or project, critical business processes are identified.

Typically they are classified as critical based upon revenue value, cost savings, or other assigned business value.

This classification is done by the business unit, not the IT organization.

High level risks that may impact system performance are identified and described at this time.

An example might be known performance risks for a particular vendor system. Performance engineering Finally performance activities, roles, and deliverables are identified for the Elaboration phase.

Activities and resource loading are incorporated into the Elaboration phase project plans. 552 Elaboration — Monitoring To ensure that there is proper feedback validating that the system meets the NFR specified performance metrics, any major system needs a monitoring subsystem.

The planning, design, installation, configuration, and control of the monitoring subsystem is specified by an appropriately defined Monitoring Process.

The benefits are as follows: 1. 2. 3. 4.

It is possible to establish service level agreements at the use case level.

It is possible to turn on and turn off monitoring at periodic points or to support problem resolution.

It enables the generation of regular reports.

It enables the ability to track trends over time – such as the impact of increasing user loads and growing data sets on use case level performance. The trend analysis component of this cannot be undervalued.

This functionality, properly implemented, will enable predicting when a given application undergoing gradually increasing user loads and growing data sets will exceed the specified non functional performance requirements for a given use case.

This permits proper management budgeting, acquisition of, and deployment of the required resources to keep the system running within the parameters of the non functional performance requirements. References Further reading • • • • Modern trend in Performance Engineering ( A Performance Engineering Strategy ( A Performance Process Maturity Model ( Exploring UML for Performance Engineering ( 03_MC_SERP.pdf) • Introduction to Modeling Based Performance Engineering ( PE_Model_Intro.pdf) Performance engineering • Leveraging ITIL to Improve Application Performance ( A6BE9064-50DC-4E00-9B52-BA265DA722D6.pdf) • Patterns & Practices Performance Engineering ( PerformanceWiki.PerformanceEngineering) • Performance and Scalability of Distributed Software Architectures (

Pdf) • Performance Engineering Best Practices (High Level) ( • Performance Assurance: A Cynic’s Brief Collection of Dos and Don’ts ( PerformanceAssuranceDosAndDonts.pdf) • Principles of Capacity Management ( of Capacity Management.

Pdf) • Software Engineering and Performance: A Road-map ( p189-pooley.pdf?key1=336553&key2=4989881611&coll=GUIDE&dl=GUIDE,ACM&CFID=11111111& CFTOKEN=2222222) • The Vicious Cycle of Computer Systems Performance and IT Operational Costs ( whitepapers/Performance_Cost.pdf) • Microsoft Windows Server Performance Team ( • Gathering Performance Requirements ( 556 Permission marketing Permission marketing is a term popularized by Seth Godin[1] (but found earlier [2] ) used in marketing in general and e-marketing specifically.

The undesirable opposite of permission marketing is interruption marketing.

Marketers obtain permission before advancing to the next step in the purchasing process.

For example, they ask permission to send email newsletters to prospective customers.[3] It is mostly used by online marketers, notably email marketers and search marketers, as well as certain direct marketers who send a catalog in response to a request.

This form of marketing requires that the prospective customer has either given explicit permission for the marketer to send their promotional message (EG an email or catalog request) or implicit permission (EG querying a search engine).

This can be either via an online email opt-in form or by using search engines, which implies a request for information which can include that of a commercial nature.

To illustrate, consider someone who searches for “buy shoes.” Online shoe stores have the searchers’ permission to make an offer that solves their shoe problem.

Marketers feel that this is a more efficient use of their resources because the offers are only sent to people that are actually interested in the product.

This is one technique used by marketers that have a personal marketing orientation.

They feel that marketing should be done on a one-to-one basis rather than using broad aggregated concepts like market segment or target market.

In the United Kingdom, an opt-in is required for email marketing, under The Privacy and Electronic Communications (EC Directive) Regulations 2003.

This came into force on the 11 December 2003.

Another form of permission marketing is in-stream advertising.

This type of marketing involves the showing of an advertisement prior to and/or during an on-line video stream.

This type of advertising allows originators of the video content to show their video in the highest quality versus other videos posted without consent.

Among the different types of in-stream advertising are, standard fifteen to sixty second video advertisements, branded player skins, branded slates, survey ads, and even sponsored blocks of time.

This type of marketing allows advertisers to reach a more specific audience that may be more receptive to their product or service.

See Anderson School of Management project Promotions Channel: Permission Marketing [4] Permission marketing 557 Permission marketing and the internet Permission marketing offers the promise of improving targeting by helping consumers interface with marketers most likely to provide relevant promotional messages.

Many permission-marketing firms (EG yes– now part of the business incubator, CMGI) claim customer response rates in the region of 5-20% and since most use e-mail, they are not affected by the measurement problems of banner advertising.

Since the ads arrive in the mailbox of the individual, it is likely that more attention would be paid to them in comparison to banners.

Even though permission marketing can be implemented in any direct medium, it has emerged as a serious idea only with the advent of the Internet.

The two reasons for this are: (1) on the Internet, the cost of marketer-to-consumer communication is low; (2) the Internet has enabled rapid feedback mechanisms due to instantaneous two-way communication.

Another motivation for permission marketing on the Web has been the failure of the direct mail approach of sending unsolicited promotional messages.

The prime example of this is unsolicited commercial e-mail or “Spam”.

Senders of spam realize three things- the cost of obtaining a new e-mail address is minimal, the marginal cost of contacting an additional customer is nearly zero and it is easy to deceive the consumer.

Spammers can easily obtain new e-mail addresses from websites and Usenet groups using software programs that “troll” the Internet.

Individuals provide their addresses at these places for other purposes and hence, this violates their privacy rights.

In addition, marketers incur similar costs if they send out 1 million or 10 million e-mails.

Moreover, there are now programs that enable the large-scale use of deceptive practices (EG forged e-mail headers).

Due to these problems, Spam cannot be a legitimate form of marketing communication.

Using it would lead to an excessive message volume for consumers, weakening of brand reputation and a slowing of the entire network.

Hence, permission marketing is seen as a feasible alternative for Internet marketing communication.

Permission marketing is now a large-scale activity on the Internet.

A leading Internet business periodical recently noted that, “permission marketing was once a niche business.

Now, everybody is doing it”.

In addition, permission marketing has been incorporated in leading texts on marketing management, EG, Kotler’s millennium edition. Notes [1] Godin, Seth (1999).

Permission Marketing: turning strangers into friends, and friends into customers.

New York: Simon & Schuster.

ISBN 0-684-85636-0. [2] “permission marketing.” OED Online.

Third Edition, December 2005.

Oxford University Press.

Accessed 29 March 2011 (http:/ / view/ Entry/ 141214#eid30892945) [3] Scott, David Meerman (2007).

The new rules of marketing and PR how to use news releases, blogs, podcasts, viral marketing and online media to reach your buyers directly.

Hoboken, N.J.: J.

Wiley & Sons, Inc..

P. 162.

ISBN 978-0-470-11345-5. “…if you’re asking for someone’s e-mail address …

You must provide something equally valuable in return.” [4] http:/ / www.mgmt487. — [1] “Network Advertising Initiative” (http:/ / managing/ opt_out.

Asp). . [2] Smart Computing Article – Pop-ups (http:/ / Editorial/ article.

Asp?article=articles/ WebOnly/ TechSupport/ 441w10/ 41w01.

Asp& guid=) [3] http:/ / columns/ 041015.

Html [4] http:/ / articles/ artistic-popup-approach.

Html [5] http:/ / patft.


Gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool.

Html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=7,386,555& OS=7,386,555& RS=7,386,555 [6] http:/ / patft.


Gov/ netacgi/ nph-Parser?Sect1=PTO2& Sect2=HITOFF& p=1& u=%2Fnetahtml%2FPTO%2Fsearch-bool.

Html& r=1& f=G& l=50& co1=AND& d=PTXT& s1=7,353,229& OS=7,353,229& RS=7,353,229 External links • How To Stop Internet Popups ( – entry in wikiHow • Pop-under ads may hit publisher wallets ( 2100-1023_3-931069.html) • IAB Pop-Up Guidelines and Best Practice ( 508767/1461) Problem management 565 Problem management This article is about Problem Management Process, as defined by ITIL.

ITIL defines a problem as the cause of one or more incidents.

Problem Management is the process responsible for managing the lifecycle of all problems.

The primary objectives of Problem Management are to prevent problems and resulting incidents from happening, to eliminate recurring incidents and to minimize the impact of incidents that cannot be prevented. Scope Problem Management includes the activities required to diagnose the root cause of Incident Management and to determine the resolution to those problems.

It is also responsible for ensuring that the resolution is implemented through the appropriate control procedures, especially Change Management and Release Management.

Problem Management will also maintain information about problems and the appropriate workarounds and resolutions, so that the organization is able to reduce the number and impact of Incident Management over time.

In this respect, Problem Management has a strong interface with Knowledge Management, and tools such as the Known Error Database will be used for both.

Although Incident Management and Problem Management are separate processes, they are closely related and will typically use the same tools, and may use similar categorization, impact and priority coding systems.

This will ensure effective communication when dealing with related incidents and problems. Value to business Problem Management works together with Incident Management and Change Management to ensure that IT service availability and quality are increased.

When incidents are resolved, information about the resolution is recorded.

Over time, this information is used to speed up the resolution time and identify permanent solutions, reducing the number and resolution time of incidents.

This results in less downtime and less disruption to business critical systems.

Additional value is derived from the following: • • • • Higher availability of IT services Higher productivity of business and IT staff Reduced expenditure on workarounds or fixes that do not work Reduction in cost of effort in fire-fighting or resolving repeat incidents. Process activities, methods and techniques Problem Management consists of two major processes: • Reactive Problem Management, which is generally executed as part of Service Operation • Proactive Problem Management which is initiated in Service Operation, but generally driven as part of Continual Service Improvement (CSI). Problem detection • Suspicion or detection of a cause of one or more incidents by the Service Desk, resulting in a Problem Record being raised – Service Desk may have resolved the incident but has not determined a definitive cause and suspects that it is likely to recur. Problem management • Analysis of an incident by a technical support group which reveals that an underlying problem exists, or is likely to exist. • Automated detection of an infrastructure or application fault, using event/alert tools automatically to raise an incident which may reveal the need for a Problem Record. • A notification from a supplier or contractor that a problem exists that has to be resolved. • Analysis of incidents as part of proactive Problem Management: watch-bulletins, releases, relevant papers — External links • Revere, Inc.

Official Website ( • Maintenance Management Software Blog ( • Avantce, LLC Official Website ( RPR Problem Diagnosis RPR is a problem diagnosis method specifically designed to determine the root cause of IT problems. Overview RPR (Rapid Problem Resolution) deals with failures, incorrect output and performance issues, and its particular strengths are in the diagnosis of ongoing & recurring grey problems.

The method comprises: • Core Process • Supporting Techniques The Core Process defines a step-by-step approach to problem diagnosis and has three phases: • Discover • Gather & review existing information • Reach an agreed understanding • Investigate • Create & execute a diagnostic data capture plan • Analyse the results & iterate if necessary • Identify Root Cause • Fix • Translate diagnostic data • Determine & implement fix • Confirm Root Cause addressed The Supporting Techniques detail how the objectives of the Core Process steps are achieved, and cite examples using tools and techniques that are available in every business. Standards alignment RPR has been fully aligned with ITIL v3 since RPR 2.01 was released in April 2008.

RPR fits directly into the ITIL v3 Problem Management Process as a sub-process.

Some organisations handle ongoing recurring problems within Incident Management, and RPR also fits into the ITIL v3 Incident Management Process as a sub-process.

COBIT also defines a Problem Management Process (DS10) with key activity of Perform root cause analysis.

RPR is a superset of this step in that it defines a process that covers all of the activities needed to perform Problem investigation & diagnosis, including Root Cause identification. RPR Problem Diagnosis 604 Limitations RPR has some limitations and considerations, including: • RPR deals with a single symptom at a time • RPR is not a forensic technique and so historical data alone is rarely sufficient • The Investigate phase requires the user to experience the problem one more time History The method was originally developed by Advance7 in 1990 as the Rapid Problem Resolution Method, with the first fully documented version produced in 1995.

Early versions included problem management guidance but this was removed over time as the method became more closely aligned to ITIL.

RPR is now focused on Problem Diagnosis based on Root Cause Identification.

Due to the highly practical nature of the Supporting Techniques and the ever changing IT landscape, Advance7 continues to develop RPR to keep it relevant to current IT environments.

Until November 2007 Advance7 made the RPR material available to its employees only, although a limited number of other IT professionals had been trained in the use of the method.

In late 2007 the company announced its intention to make RPR training and material more widely available.

In March 2009 the TSO added a significant amount of RPR information to the ITIL Best Practice Live website within the areas dealing with Problem Management. Further reading • RPR presentation to the British Computer Society [2] • Case Study: [1] Aberdeen City Council solves four-month IT problem in two days • Article: [1] Misunderstand the symptoms, fail with the cure References [1] http:/ / community/ blogs/ index.

Cfm?entryId=2099& blogId=29 Run Book Automation 605 Run Book Automation Run Book Automation (RBA) is the ability to define, build, orchestrate, manage and report on workflows that support system and network operational processes.

A run book process can cross all management disciplines and interact with all types of infrastructure elements, such as applications, databases and hardware.

According to Gartner, the growth of RBA has coincided with the need for IT operations executives to deliver and prove higher IT operations efficiencies including reducing mean time to repair (MTTR), increasing mean time between failures (MTBF) and automating the provisioning of IT resources.

In addition, it is necessary to have the mechanisms to implement best practices (for example, implement and manage IT operations processes in line with IT Infrastructure Library ITIL), increase IT personnel effectiveness (for example, automate repetitive tasks associated with IT operations process) and have the tools to fully report on how the processes are executed in line with established policies and service levels. Market consolidation As a new area of infrastructure components, this market has seen a number of acquisitions as the major data centre vendors vie for the various startups with new applications in this area.[1] Runbook Automation Software While nearly every major Runbook Automation software company has been acquired by major software vendors such as HP or Microsoft it is still a growing market so other existing companies are emerging with software of their own or new companies are being founded to build these types of software tools. • Cisco Tidal Enterprise Orchestrator acquired from Tidal Software • Opsware acquired from iConclude • • • • • • HP acquired Opsware BMC acquired Realops IBM acquired Maximo CA acquired Optinuity Microsoft acquired Opalis iWave Software acquired Enigmatec [2] References • IT Operations Run Book Automation, by David Williams, Gartner.

May 4, 2007. [1] Gartner “IT Operations Run Book Automation – The Evolving Vendor Landscape” [2] IT management and automation market shrinks, yet players grow (https:/ / newsletters/ nsm/ 2010/ 040510nsm2.

Html) Selerant 606 — A business unit manager’s perspective Business Unit Managers determine what services to “publish” to end-users via the service catalog.

Business Unit Managers and Analysts would determine what questions are to be asked of the user, any approvals necessary for a request, and what other systems or processes are needed to fulfill the request.

Once the service is defined and the fulfillment process organized, these people or a more technical employee would build the requisite functionality into the service definition and then publish this to the service catalog. External links • How to Produce An Actionable IT Service Catalog [1] • The Eight Essential Elements of an IT Service Lifecycle [2] References DuMoulin, Fine, Flores.

Defining IT Success through the IT Service Catalog, Van Haren Publishing.

ISBN 978-9077212967 References [1] http:/ / itil/ article.

Php/ 3520901 [2] http:/ / itil/ article.

Php/ 3691561 Service Desk (ITSM) 612 Service Desk (ITSM) A Service Desk is a primary IT service called for in IT service management (ITSM) as defined by the Information Technology Infrastructure Library (ITIL).

It is intended to provide a Single Point of Contact (“SPOC”) to meet the communication needs of both Users and IT employees.

But also to satisfy both Customer and IT Provider objectives. “User” refers to the actual user of the service, while “Customer” refers to the entity that is paying for service. Service desk types Many organizations have implemented a central point of contact for handling Customer, User and other issues.

The Service Desk types are based on the skill level and resolution rates for service calls.

The different service desk types include: • Call center • Contact center • Help desk ITIL approach The ITIL approach considers the Service Desk to be the central point of contact between service providers and users/customers on a day-to-day basis.

It is also a focal point for reporting Incidents (disruptions or potential disruptions in service availability or quality) and for users making Service Requests (routine requests for services). Other activities The Service Desk handles incidents and service requests, as well as providing an interface to users for other ITSM activities such as: 1.

Incident Management 2.

Problem Management 3.

Configuration Management 4.

Change Management 5.

Release Management 6.

Service Level Management 7.

Availability Management 8.

Capacity Management 9.

Financial Management 10.

IT Service Continuity Management 11.

Security Management Differences from a call center, contact center, help desk The Service Desk differs from a call center, contact center and a help desk by offering a more broad and user-centred approach, which seeks to provide a user with an informed single point of contact for all of their IT requirements.

A Service Desk seeks to facilitate the integration of business processes into the Service Management infrastructure.

In addition to actively monitoring and owning Incidents and user questions, and providing the communications channel for other Service Management disciplines with the user community, a Service Desk also provides an interface for other activities such as customer Change requests, third parties (EG maintenance contracts), and software licensing. Service Desk (ITSM) 613 External links • Service Desk Objectives in ITIL Foundation [1] • User reviews of popular service desk software [2] References [1] http:/ / Service-Desk-Objectives-in-ITIL-Foundation_43.

Html [2] http:/ / tools/ helpdesk-software-directory/ helpdesk-servicedesk/ Service Integration Maturity Model The Service Integration Maturity Model (SIMM) is a standardized model for organizations to guide their SOA transformation journey.

By having a standard maturity model, it becomes possible for the organizations or industry to benchmark their SOA levels, to have a roadmap for transformation to assist their planning and for vendors to offer services and software against these benchmarks.

SIMM may also serve as a framework for the transformation process that can be customized to suit the specific needs of organizations and assessments.

This process is a simple sequence of steps: configure the assessment framework, determine the initial level of maturity, and determine the target level of maturity and a transformation path from initial to target level.

The Service Integration Maturity Model (SIMM) helps an organization create a roadmap for the incremental transformation of that organisation towards more mature levels of service integration in order to achieve increasing business benefits associated with higher levels of maturity.

SIMM is used to determine which organisational characteristics are desirable in order to attain a new level of maturity.

This will determine whether problems occurring at the current level can be solved by evolving to a higher level of service integration maturity.

The Open Group has adopted SIMM as the foundation for the Open Group Service Integration Maturity Model (OSIMM).

OSIMM [1] is the industry’s first collaborative maturity model for SOA adoption. Articles • IBM Article [2] References [1] http:/ / projects/ osimm/ [2] http:/ / developerworks/ webservices/ library/ ws-soa-simm/ Service level agreement 614 Service level agreement — Outsourcing involves the transfer of responsibility from an organization to a supplier.

The management of this new arrangement is through a contract that may include a service level agreement.

The contract may involve financial penalties and the right to terminate if SLAs metrics are consistently missed.

Setting, tracking, and managing SLAs is an important part of the Outsourcing Relationship Management (ORM) discipline.

It is typical that specific SLAs are negotiated up front as part of the outsourcing contract, and they are utilized as one of the primary tools of outsourcing governance. Service level agreement 617 References [1] [2] [3] [4] [5] [6] [7] [8] An outline of the core elements of an SLA.

The Service Level Agreement (http:/ / www.sla-zone.



Http:/ / support/ sla/ network.

Cfm http:/ / terms/ global_latency_sla.

Xml http:/ / gen/ general?pid=6622 http:/ / en. wiki/ Telecommunications_Act_of_1996#SEC. _101. _ESTABLISHMENT_OF_PART_II_OF_TITLE_II.

Http:/ / www.research. wsla/ WSLASpecV1-20030128.

Pdf – Service Level Agreements (http:/ / sla-article.

Html) [email protected] (http:/ / sla-at-soi.

Eu) Service level requirement In the IT field, a Service Level Requirement (SLR) is a broad statement from a customer to a service provider describing their service expectations.

It includes the requirements of the customer from the service provider.

A service provider then prepares the service level agreement (SLA) based on the requirements from the customer.

For example: A customer may require a server be operational (uptime) for 99.95% of the year excluding maintenance.

SLRs are part of the Service Level Management stage of Service Design within the IT field.

The organization of these concepts is spelled out in the Information Technology Infrastructure Library (ITIL); a method of standardizing the practices of IT services and design. References • Bajada, Stephen (2008), ITIL v3 Foundations Certification Training, GTSLearning External links • Definition at ITIL People website [1] • Sample Service Level Requirement form [2] • Service Level Requirement Agreement, Indiana Office of Technology [3] References [1] http:/ / Glossary/ Glossary_s.

Htm [2] http:/ / slr-template.

Htm [3] http:/ /

Gov/ iot/ files/ SLA_7-09.

Pdf Service Measurement Index 618 Service Measurement Index The Service Measurement Index is a framework designed to “Measure the relative goodness of an IT Service”.

Formally: The Service Measurement Index (SMI) defines a framework and method for the calculation of a relative index, which may be used to compare IT Services against one another, or to track services over time.

From a practical standpoint, SMI enables consumers of IT business services to perform “apples-to-apples” comparisons so they can make informed decisions about selecting specific services and service providers.

SMI works by letting consumers of cloud services rate them, via standardized surveys, across six key metrics: quality, agility, risk, cost, capability, and security (more about that below).

There is a large and growing database of completed surveys and currently over 120 services have been rated.

One unique feature for the person wishing to compare services is that he/she can indicate how important each of the six metrics is to him/her for a particular type of service.

These ratings then generate comparison scores (1-99), relative to other services of the same type – scored in consideration of the concerns of this person.

For example, if you want to compare email services and for you, Security is more important than Cost, the SMI will assign higher scores to email services where security is a stronger point than cost.

So the scores are customized to “your” concerns, even though the metrics are standardized.

Here is how it works.

In order to determine the relative goodness of an IT Service, we must first understand: • Relative to What? and • the meaning of goodness.

In order for a meaningful comparison (relative) of an IT Services, only those services which are functionally similar can be included in any comparison.

This implies either each user of the Service Measurement Index must define the functions they are searching for, or a standard taxonomy of IT Services must be used.

Such a taxonomy is currently being produced by the TM Forum project “Cloud Service Definitions (Taxonomy)”, and can be viewed here [1].

The term “goodness” is used to express the appropriateness or usefulness of the IT Service to a specific consumer of that service.

We must, therefore, define the factors, or characteristics, which go to making up the composite called “goodness”; understanding that each consumer will have their own weighting of the characteristics making it unique to them.

The initial characteristics are organized in an hierarchical structure as follows: • The value to the consumer of an index, such as SMI, is especially great with the expansion of both Service and Sourcing choices brought about by the widespread adoption (by Vendors) of cloud-based Services and Service delivery. • The characteristics and sub-characteristics shown above are measured through a set of metrics or indicators, following an ontology similar to that defined by Punter in Using checklists to evaluate software product quality [2]. SMI Characteristics • Where possible, available and well-known characteristics were used from such standards as ISO/IEC 9126/25000 and ISO/IEC 20000, and concepts introduced by ISACA in its COBIT framework were also incorporated. • In order to progress the initial Service Measurement Index framework toward an International Standard, a consortium led by Carnegie Mellon University has been formed.

The announcement of the formation of the Cloud Service Measurement Index Consortium (CSMIC) is available here [3].

Additional information relating to SMI and CSMIC can be found on the Cloud Commons web site here [4].

Cloud Commons is an independent community of IT professionals, analysts, technology providers, and industry experts.

In — [1] http:/ / [2] Ipoque: http:/ / [3] Juan Pedro Fernandez-Palacios Gimenez, Maria Angeles Callejo Rodriguez, Hasan Hasan, Tobias Hobfeld, Dirk Staehle, Zoran Despotovic, Wolfgang Kellerer, Konstantin Pussep, Ioanna Papafili, George D.

Stamoulis, and Burkhard Stiller, “A New Approach for Managing Traffic of Overlay Applications of the SmoothIT Project”, in 2nd International Conference on Autonomous Infrastructure, Management and Security (AIMS08), Bremen, Germany, July 2008. [4] Simon Oechsner, Sergios Soursos, Ioanna Papafili, Tobias Hobfeld, George D.

Stamoulis, Burkhard Stiller, Maria Angeles Callejo, Dirk Staehle, “A framework of economic traffic management employing self-organization overlay mechanisms”, Third International Workshop on Self-Organizing Systems (IWSOS08), Vienna, Austria, December 2008. [5] “Comcast throttles bittorrent traffic, seeding impossible”, http:/ / comcast-throttles-bittorrent-traffic-eedingimpossible/ , 2007. [6] Stevens Le Blond, Arnaud Legout, and Walid Dabbous, “Pushing BitTorrent Locality to the Limit”, Tech.

Rep., Dec 2008. [7] Ruchir Bindal, Pei Cao, William Chan, Jan Medval, George Suwala, Tony Bates, and Amy Zhang, “Improving traffic locality in bittorrent via biased neighbor selection”, in Proceedings of the 26th IEEE International Conference on Distributed Computing Systems, IEEE, 2006, p. 66, IEEE Computer Society Washington, DC, USA. [8] Haiyong Xie, Richard Y.

Yang, Arvind Krishnamurthy, Yanbin G.

Liu, and Abraham Silberschatz, “P4P: Provider portal for applications”, SIGCOMM Comput.commun.

Rev., vol. 38, no. 4, pp. 351-362, 2008. [9] David R.

Choffnes and Fabian E.

Bustamante, “Taming the torrent: a practical approach to reducing cross-ISP traffic in Peer-to-Peer systems”, SIGCOMM Comput.commun.

Rev., vol. 38, no. 4, pp. 363-374, 2008. External links • “Application-layer traffic optimization (ALTO)”, SMPI 633 SMPI The Service Management Proficiency Index (SMPI) is an industry-neutral measurement of maturity and capability an organisation has in relation to the Information Technology Infrastructure Library (ITIL).

ITIL is a set of concepts and practices for managing Information Technology (IT) Services (ITSM), IT development, and IT Operations.

The SMPI is supported by the Service Management Proficiency Dashboard (SMPD), providing a means to manage an organisation’s overall proficiency rating.

The SMPI was developed in 2009 as a joint programme of industry specialists and is endorsed by the IT Service Management Forum of South Africa (itSMFsa).

The IT Service Management Forum (itSMF) is an internationally recognised professional body that is dedicated to developing and promoting ‘best practice’ and standards in IT Service Management.‘Best practice’ can be summarized as ‘an industry accepted way of doing something that works’.

The Best Practice approach to IT Service Management delivers quantifiable business benefits.

These benefits can assist organizations achieve a sustainable, competitive advantage and improved business performance.

The SMPI is a programme and tool that enables companies to Measure, Improve and Develop best practice standards in IT Service Management.

It combines strategy, maturity and capability.

SMPI focuses on people, processes, technology and governance.

The SMPD provides manageable access to an organization’s personal data repository and provides the means to: • • • • • input actions and measurement criteria update and measure improvements; extract reports undertake trend analysis draw comparative analysis against a global market References Socitm 634 Socitm As described on the Socitm website, “The Society of Information Technology Management was founded in 1986 as the professional association for information technology managers working in and for the public sector in the UK. External links • Software Asset Management Software Asset Management (SAM) is a business practice that involves managing and optimizing the purchase, deployment, maintenance, utilization, and disposal of software applications within an organization.

According to the Information Technology Infrastructure Library (ITIL), SAM is defined as “…all of the infrastructure and processes necessary for the effective management, control and protection of the software assets…throughout all stages of their lifecycle.”[1] Fundamentally intended to be part of an organization’s information technology business strategy, the goals of SAM are to reduce information technology (IT) costs and limit business and legal risk related to the ownership and use of software, while maximizing IT responsiveness and end-user productivity.[2] SAM is one facet of a broader business discipline known as IT asset management, which includes overseeing both software and hardware that comprise an organization’s computers and network. Role within organizations SAM can serve many different functions within organizations, depending on their software portfolios, IT infrastructures, resource availability, and business goals.

For many organizations, the goal of implementing a SAM program is very tactical in nature, focused specifically on balancing the number of software licenses purchased with the number of actual copies installed.

In doing so, organizations can minimize liabilities associated with software piracy in the event of an audit by a software vendor or a third party such as the Business Software Alliance (BSA).

SAM, according to this interpretation, involves conducting detailed software inventories on a periodic basis to determine the exact number of software installations, comparing this information with the number of licenses purchased, and establishing controls to ensure that proper licensing practices are maintained on an ongoing basis.

This can be accomplished through a combination of IT processes, purchasing policies and procedures, and technology solutions such as software inventory tools.[3] More broadly defined, the strategic goals of SAM often include (but are not limited to) the following: • Reduce software and support costs by negotiating volume contract agreements and eliminating or reallocating underutilized software licenses[2] • Enforce compliance with corporate security policies and desktop standards[4] • Improve worker productivity by deploying the right kinds of technology more quickly and reliably[2] • Limit overhead associated with managing and supporting software by streamlining and/or automating IT processes (such as inventory tracking, software deployment, issue tracking, and patch management)[5] • Establish ongoing policies and procedures surrounding the acquisition, documentation, deployment, usage and retirement of software in an effort to recognize long-term benefits of SAM[6] Software Asset Management 635 SAM Technology A number of technologies are available to support key SAM processes: • Software inventory tools intelligently “discover” software installed across the computer network, and collect software file information such as title, product ID, size, date, path, and version.

Some inventory tools compare software inventory data with purchasing information to reveal license deficits and ensure that organizations remain compliant with their licensing agreements. • Software metering tools monitor the utilization of software applications across a network.

They can also provide real-time enforcement of compliance for applications licensed based on usage. • Application control tools restrict what and by whom particular software can be run on a computer as a means of avoiding security and other risks.[7] • Software deployment tools automate and regulate the deployment of new software. • Patch management tools automate the deployment of software patches to ensure that computers are up-to-date and meet applicable security and efficiency standards. International Organization for Standardization (ISO) In 2006, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) began working with the SAM industry to develop a standard of best practices for software asset management programs.

Standard ISO/IEC 19770-1:2006, Information technology – software asset management – Part 1, was published by the ISO and IEC in May 2006.

Part 1 of the standard details SAM processes including control environment, planning and implementation, inventory, verification and compliance, operations management and life cycle.[8] ISO/IEC 19770-2:2009 – Part 2: Software identification tag[9] ; establishes specifications for tagging software to optimize its identification and management.

Using Software Identification Tags or SWID Tags makes discovery a simpler and more accurate process that can be verified by software vendors if they audit an organisations entire estate. Issues with scalability An example of issues faced when scaling up discovery tools is with Microsoft’s System Centre Configuration Manager (SCCM).

Using metering rules to monitor software deployment and usage across a small estate is relatively easy and reliable given the total number of unique executables (.exe files) and the number of instances of each executable.

If you try turning on metering rules for every packaged application and every executable in a large estate the volume of data generated quickly becomes unmanageable and expensive to maintain. References Reference Number 4 is no longer valid (missing link). [1] ITIL’s Guide to Software Asset Management [2] “Information technology — Software asset management– Part 1: Processes”.

International Standard.

International Organization for Standardization and International Electrotechnical Commission. 2006-05-01.

Pp. 5 [3] “What is SAM?” (http:/ / resources/ sam/ what.


Microsoft. .

Retrieved 2008-03-19. [4] Dunn, Ian; Daniel Dresner (2004). “SAM Best Practice” (http:/ /

Uk/ groups/ AMG-FASTtalkArticleSAMBestPractice.

Pdf) (PDF).

Federation Against Software Theft. .

Retrieved 2008-03-19. [5] “Information technology — Software asset management– Part 1: Processes”.

International Standard.

International Organization for Standardization and International Electrotechnical Commission. 2006-05-01.

Pp. 19 [6] “Microsoft Software Asset Management: Step-by-Step Training – Step 4” (http:/ / resources/ sam/ sbs_4.


Microsoft. .

Retrieved 2008-03-19. [7] Ogren, Eric (2006-11-03). “Application control coming your way” (http:/ / node/ 3890).computerWorld. .

Retrieved 2008-04-03. Software Asset Management [8] “Information technology — Software asset management– Part 1: Processes”.

International Standard.

International Organization for Standardization and International Electrotechnical Commission. 2006-05-01 [9] http:/ / iso/ catalogue_detail.

Htm?csnumber=53670 636 External links • • • • • • • • Business Software Alliance (BSA) ( Federation Against Software Theft (FAST) ( 19770-1:2006 ( ISO/IEC Information Centre ( index.html) International Business Software Managers Association (IBSMA ( International Association of Information Technology Asset Managers (IAITAM) ( Software & Information Industry Association (SIIA) ( The ITAM Review ( Software factory In software engineering and enterprise software architecture, a software factory is an organizational structure that specializes in producing computer software applications or software components according to specific, externally-defined end-user requirements through an assembly process.

A software factory applies manufacturing techniques and principles to Software Development to mimic the benefits of traditional manufacturing.

Software factories are generally involved with outsourced software creation.

See also outsourcing.

Since coding requires a software engineer, (or the parallel in traditional manufacturing, a skilled craftsman) it is eliminated from the process at the application layer, the software is created by assembling predefined components instead of using traditional IDE’s .

See also composite application.

Traditional coding, is left only for creating new components or services.

Like traditional manufacturing, the engineering is left to the creation of the components and the requirements gathering for the system.

A composite application is the end result of manufacturing in a software factory. Implementations • The first company to adopt this term was Hitachi in 1969 with its Hitachi Software Works.

Later, other companies such as System Development Corporation in 1975, NEC, Toshiba and Fujitsu in 1976 and 1977 followed the same organizational approach. • Software factory–based application development addresses the problem of traditional application development where applications are developed and delivered without taking advantage of the knowledge gained and the assets produced from developing similar applications.

Many approaches, such as training, documentation, and frameworks, are used to address this problem; however, using these approaches to consistently apply the valuable knowledge previously gained during development of multiple applications can be an inefficient and error-prone process. • Software factories address this problem by encoding proven practices for developing a specific style of application within a package of integrated guidance that is easy for project teams to adopt.

Developing applications using a suitable software factory can provide many benefits, such as improved productivity, quality and evolution capability (according for example to SoftFluent [1], the software publisher of CodeFluent Entities [2], a model-driven software factory. — 685 Further reading • Geographically Dispersed Teams (1999).

Valerie Sessa et al.

ISBN 1-882197-54-2 • Duarte, D.L., & Snyder, N.T. (2006).

Mastering Virtual Teams (3rd ed.).

San Francisco: Jossey-Bass.

ISBN 0-7879-8280-6 • Hertel, G., Geister, S., & Konradt, U. (2005).

Managing virtual teams: A review of current empirical research.

Human Resource Management Review, 15, 69-95.

ISSN: 1053-4822 • Lipnack, Jessica and Stamps, Jeffrey Virtual Teams.

Wiley (2 edition – September 13, 2000) ISBN 0471388254 ( • Wiggins, B.E. (2009, July).

Global teams and media selection.

In Proceedings of World Conference on Educational Multimedia, Hypermedia and Telecommunications (pp. 705–710).

Chesapeake, VA: AACE.

Retrieved from • Konetes, G., & Wiggins, B.E. (2009, September).

The effectiveness of virtual teams.

In Proceedings of the Laurel Highlands Communications Conference (pp. 11–18).

Indiana: Indiana University of Pennsylvania. External links • Virtual Teams ( (Robert Davison, ISWORLD) • Team-building key for virtual workplace ( team-building-key-for-virtual-workplace-10076) Business Edge (2006) • Dr Alister Jury’s research into Leadership Effectiveness within Virtual Teams ( view/UQ:152005) (University of Queensland) Visual CMDB An ITIL Visual Configuration Management Database (Visual CMDB) is a series of spreadsheet applications that integrates the CMDB with Change Management and Service Level Management.

A Visual CMDB provides a unified view of the Information Technology (IT) infrastructure in a visual representation.

This common view is a cornerstone for implementing a successful Configuration Management process.

A Visual CMDB helps manage IT assets(CIs) such as Hardware, Software and network components and associated details such as data files, documentation and service level information.

The integration of Change Management with a Visual CMDB allows users to do impact assessments for change and to make the correct changes to the infrastructure to keep the CMDB in sync with reality.

The Forward Schedule of Change provides additional visual information to help with change impact assessment over time. References • Office of Government Commerce (OGC), ed.: Service Support.

IT Infrastructure Library (ITIL).

The Stationery Office, Norwich, UK (2000) • OGC, ed.: Introduction to ITIL.

IT Infrastructure Library.

The Stationery Office (2005) Visual learning 686 Visual learning Visual learning is a teaching and learning style in which ideas, concepts, data and other information are associated with images and techniques.

It is one of the three basic types of learning styles in the widely-used [1] Fleming VAK/VARK model that also includes kinesthetic learning and auditory learning. Theory First let us place visual learning in its proper context, learning as a whole.

The influential management and systems thinker pioneer Russel Ackoff suggested, the most important contribution of a first rate 21st century education is not content.

It is that we acquire the capability to learn and are motivated to do so throughout our lives, we are, by any objective standard, not doing a very good job.

In the developed world today, falling global competitiveness is blamed on education [Karen Ward HSBC:2011 ], our schools, our universities, our tried and tested auditory sequential systems are broken, no longer fit for purpose, a relic of the 19th century [Ackoff].

It is through this lens that we should judge the early pioneers attempts to use psychology to better our society.

The great promise of learning styles, we can prepare our population so they are better able to internalize, reflect, boil down, apply and synthesize information from many, many different sources over extended time frames.

As a society, we can do better.

We must do better, and we will do better.

Although learning styles have “enormous popularity” and both children and adults express personal preferences, there is no evidence that identifying a student’s learning style produces better outcomes, and there is significant evidence that the widespread “meshing hypothesis” (that a student will learn best if taught in a method deemed appropriate for the student’s learning style) is invalid.[2] Well-designed studies “flatly contradict the popular meshing hypothesis”.[2] The studies flat contradiction fails by confusing practice and theory; for deep background see [Linda Silverman, Thomas G West, Stephen Heppel].

The popular meshing hypothesis as implemented by the study designers is much too simplistic in both application and conception.

If learning styles are to become a true science of attention proper screening has to be introduced, differentiated materials need to be prepared and communicated in multiple mediums so the learning channels need to overlapped in the correct order.

In short a scientific approach. Visual learning techniques Creating graphic organizers – Students create graphic organizers such as diagrams, webs, and concept maps by selecting symbols to represent ideas and information.

To show the relationships between ideas, students link the symbols and add words to further clarify meaning.

By representing information spatially and with images, students are able to focus on meaning, reorganize and group similar ideas easily, make better use of their visual memory.

In a study entitled Graphic Organizers: A Review of Scientifically Based Research, The Institute for the Advancement of Research in Education at AEL evaluated 29 studies and concluded that visual learning improves student performance in the following areas: • Critical Thinking–Graphic organizers link verbal and visual information to help students make connections, understand relationships and recall related details.

Retention According to research, students better remember information when it’s represented and learned both visually and verbally.comprehension Students better comprehend new ideas when they are connected to prior knowledge. Visual learning Organization Students can use diagrams to display large amounts of information in ways that are easy to understand and help reveal relationships and patterns.

Visualising data – When working with data, students build data literacy as they collect and explore information in a dynamic inquiry process, using tables and plots to visually investigate, manipulate and analyze data.

As students explore the way data moves through various plot types, such as Venn, stack, pie and axis, they formulate questions and discover meaning from the visual representation. — SteinbDJ, Stephen Bain, Stev0, Stevietheman, Stevo1234567890, Suffusion of Yellow, Suisse2007, Superblu, Superworms, Suptegrove, SusanLesch, Svetovid, Swatjester, SyedHasan.Mahmood82, Syedhasanmahmood, THEN WHO WAS PHONE?, TTGL, Takumi22, Talking image, Tallac20, Teapotgeorge, Tech8000, Technopat, Teles, Tempshill, Teo64x, The Haunted Angel, The Rambling Man, The Thing That Should Not Be, The undertow, TheKMan, TheWeakWilled, Thegn, Thejeansdroop, Themfromspace, Theodolite, Thesecret16, Thingg, Think outside the box, ThinkEnemies, Thinkbeta, Thomas Larsen, Thunderwing, Thw1309, Timtamtoboot, Tintenfischlein, Tiptoety, Tomnap, Tormah hetah, Totus 11, Toytoy, Tr10d, Trevorb19067, Trialsanderrors, Trusilver, Ttonyb1, Turnkey Websites, Tylerdjefferson, U.S.A.U.S.A.U.S.A., Ukfashionhouse1, Uncle G, UnitedStatesian, Untchbl, Unyoyega, Upholder, Utcursch, Uvacss, VSabre, Veinor, Velella, Venom1blood, Versageek, Vespristiano, Victser, Vivio Testarossa, Voldemortuet, Walton One, Waterfox, Waterscapeman, Wayward, Weregerbil, Whisky drinker, Whoisjohngalt, WigsgiW, WikHead, Wiki alf, Wiki-vr, Wikiklrsc, Wikipe-tan, Williamctam, Willking1979, Winchelsea, Wine kid, Wisemankosi, WriterListener, Wrockca, Wwwild, X!, Xomid, Yamaguchi??, Yandman, Yesbaby, Yohay123, Yomaceo, Youssefsan, Yucamaster, ZimZalaBim, Ziplip, Zzuuzz, Ô, Žiedas, 1526 anonymous edits Electronic data processing  Source:  Contributors: A More Perfect Onion, Abtract, Angr, Apparition11, AvicAWB, CLW, Chris the speller, ClaesWallin, Derbeth, Discospinster, Folks at 137, Glenn, Hadal, Jerome Charles Potts, LMB, Lumos3, Masgatotkaca, Maurreen, Midgrid, Mspraveen, Mydogategodshat, Niteowlneils, Recurring dreams, RedWolf, Ronark, Rwwww, SJP, Stw, THEN WHO WAS PHONE?, TopGunSF, Vrrajasekaran, Work permit, Ziko, ????????05, 57 anonymous edits Electronic Document and Records Management System  Source:  Contributors: Bastun, DaOurZ, Greyskinnedboy, Nick Number, Toddst1, Winterst, Woohookitty, 7 anonymous edits Electronic Human Resources  Source:  Contributors: Akray41, Cindamuse, Davidhaspas, Pnm, Rich Farmbrough, Seaphoto, Timrw, Tmol42, WereSpielChequers, 6 anonymous edits Enterprise bus matrix  Source:  Contributors: Alqayoom, Babylonian Armor, Bearcat, Ijha itu, LilHelpa, Santryl, Slasher-fun Enterprise content management  Source:  Contributors: 16×9, Aaronbrick, Accounting4Taste, Alanps, AlphaMatrix, Alusayman, Andrewpmk, Andy Dingley, Ankursen, Anna Lincoln, Antonrojo, Archite, Ash H., Ashleymayer22, Asocall, Barek, Bazzargh, Bctg23, BenjaminNeale, Bloodshedder, Bobrayner, Bonadea, Cameron Scott, Can’t sleep, clown will eat me, CanisRufus, Capricorn42, Car031, Casper2k3, CatSchley, Catfoo, Ceefour, Ceptorial, Chaojoker, Chris the speller, Clinton0, Cmg07068, Cmosso, Cmstester, Colonies Chris, Correogsk, CraigBailey, Craigb81, Crusio, Cynical, DDerby, DabMachine, Danielchalef, Danieljames, Danim, DaveJohnsonSD, Dawnseeker2000, Deejmer, Docmgmt, Dougsey, Dragan Varagic, Dyun, ECM Dan, ECMExpert, ECMgirl, Ecm2006, Ecmguru, Ecmondemand, Elagatis, Eloi.gerard, EncMstr, EoGuy, Epbr123, Equendil, Evolve2k, Farkasattila, Favonian, Fdigital2011, Fmccown, Fotofan, Fratrep, Fred Bradstadt, Funandtrvl, Fæ, Gdm, Gedman, Gioto, GoodDamon, GraemeL, Grafen, Gvanrensburg, Gwern, Haakon, HaloProcess, Harvey the rabbit, Hebsgaard, Herbythyme, Hessamnia, Ian Pitchford, Info.abstracta, Iridescent, J.delanoy, J04n, JHunterJ, JLaTondre, Jaeger5432, Jauerback, Jmancini77, John Seward, Johnkmetha, Johntex, JonHarder, Jonverve, Joshuaklind, Jpbowen, Jsloey, Kaitlin510, Katiem222, Kevinxml007, Kff, Kraftlos, Kuru, Kyle.Lindsay, Lambiam, Lee1872, Lfstevens, LilHelpa, Lkinkade, Longshot14, Luna Santin, Macwhiz, Maglish, Mahanchian, Manwichosu, MarkPDF, Marqoz, Mathisfenne, Matslats, Mattousai, MaxHund, Mbrousseau1, Merana, MichaelFrayDK, Mikelawrence1, Mild Bill Hiccup, Miyagawa, Mkmcconn, Mkuehn10, Monirugg, MrOllie, Muhandes, Mushroom, Napwilson, NawlinWiki, Nbvsrk, Ncw0617, Nmaquaire, Noq, Nurg, OBJECT1VE*CORPORATION, Ohnoitsjamie, Oicumayberight, OnePt618, Opagecrtr, Palapa, PaulHanson, Paulawalka, Pbaan, Peak, Pearle, Petrb, Pganza, Pippa007, PowerFlower, PriscillaBerry, Puneeta prose, Ray3055, RedLavaLamp, ReynoldLeming, Rich Farmbrough, Rjwilmsi, Rob smith 06, Rodamaker, Ronz, Rosiestep, Roystonea, Rwwww, S.K., Satori Son, Sebastian Pikur, Sharnden, Signalhead, Sindri, SiobhanHansa, Spliffy, Sprmw7, Squids and Chips, StevenBirnam, Storkk, Sunsaturn, Sworthy246, Tbyrne, The Thing That Should Not Be, Thehelpfulone, Therealpowerflower, Thingg, Thumperward, Tide rolls, Timc, Tjcoppet, TommyG, Trust2520, Ttallaksen, Ubiscope, UnitedStatesian, Van der Hoorn, Venache, Vendettax, VernoWhitney, Versageek, Vikramsetia, Vivicia, Voidxor, Volphy, Walkingbeard, Webmistress25, Welsh, Winterst, Wyatt Riot, Ytee25, ZimZalaBim, 464 anonymous edits Enterprise information management  Source:  Contributors: DARTH SIDIOUS 2, Doctorfluffy, JLaTondre, JasonLax, Jpbowen, Markcowan, MrOllie, Oli Filth, Pbaan, PigFlu Oink, RHaworth, Rberzle, Rprpr, Squids and Chips, Voidxor, Wikihelper9000, Winterst, Woohookitty, 29 anonymous edits Enterprise IT Management  Source:  Contributors: Benjoya, GregorB, Watpe01, Wikitawe Enterprise Output Management  Source:  Contributors: Adambro, Amirgil, FvdRidder, HPOMteam, Haikon, HarryAlexander, Jpbowen, Kku, Kubiwan, Nekohakase, Rjwilmsi, Sadads, Tikiwont, 7 anonymous edits Enterprise portal  Source:  Contributors: 16×9, Adriantaylor2, Aftabaie, Ahoerstemeier, Amyyaley, Arjayay, Aryanic, Beezhive, Bonadea, Borg42, Bovineone, Bravo2zero, Bricktopbill, Caorongjin, Chadnash, CobraA1, Codrinb, CraigBailey, Cygnusecks, Dkushner, Drparin,, Enric Naval, Exor674, Falkayn, Fasihi, Geniac, Geodinca, Ghuron, Haakon, Harryboyles, Hoatle, Hrasteau, Iheartlondon, Ilmano, Ioannes Pragensis, Iridescent, Itsmetx, JBsupreme, JLaTondre, Jakku Hii, Jaycoates, JimHelwig, JonHarder, Jorgehenriquegarcia, Joseppi, Jsteinka,, Lloydchen, Localtoolbox, Lulu78, M1ss1ontomars2k4, Manud fr, Maruthi Patlo, Maxxyme, Merylk, Mesgary, Mfogar01, Mlaffs, Mshafrir, Neelix, Newsingh, Nfguide, Nicolas1981, Nyttend, Obankston, OsamaK, Petrb, Piano non troppo, Police,Mad,Jack, Porterj99, Psvanstrom, R’n’B, Revelation8, Rjwilmsi, Samsammy00, SchuminWeb, See7tee, Semponna, Shadowjams, Somno, Sonyabraham, Sucker pvn, Sultanzahir, Swaq, TarHippo, Tedickey, Telecomtom, TheMile, Tiberius Claudius Nero, Timeport101, Timvand, Toddrav, Truthbro, UnionSquare, William Avery, Woohookitty, YGE, Zadmehr, 169 anonymous edits Enterprise project management  Source:  Contributors: Andresvv75, Apapadop, Biljana123, Bonadea, Captainm, Cburnett, Ccpond, Crasshopper, Ct31, Donrayner, Dsp13, Elena1234, Excitingfuture, Fikus, Flopsy Mopsy and Cottonmouth, Haakon, Isismarketing, JarredTheYoutuber2, John of Reading, JonHarder, Jpbowen, King of Hearts, Kuru, Kylvag, Lerkey, LilHelpa, Luís Felipe Braga, MrOllie, Nbcruz, Niteowlneils, Peterpvw, Pm master, RHaworth, Reedy, Robertvan1, Smoothhenry, Solarapex, Sverin, Swapy jain, The Silent Contributor, Tubedale, Veinor, Ylebihan, 44 anonymous edits Enterprise wiki  Source:  Contributors: Abaqus, Apokrif, Bernd in Japan, Brainkeeper, Camerojo, Cganske, ChrisUK, DanielHansch, Davidz07, Davydog, Deepak D’Souza, Domguillermo, Donaldjbarry, Dubetantum, Elonka, EntWikish, Exeunt, Gallaugher, GirlDog, Gnu-gnome, Grlloyd, He3nry, Heron, Ian Burnet, Iridescent, J.delanoy, Jarothbart, JzG, Kondara4, Lucid, Marclaporte, Mephistophelian, Mhenry07, Mmv-ru, Neverclear, Ofol, PeterThoeny, Ppetr82, Psantora, Ranafon, Risoto2000, Rkeurentjes, Ronz, Sergiu.dumitriu, Slmader, Steel, SteffenPoulsen, Stevage, Steven Walling, Teratornis, The Anome, ThurnerRupert, Toussaint, Waldir, Y0u, Yaron K., 67 anonymous edits Epitechnology  Source:  Contributors: Bearcat, Despatches, GoingBatty, Jpbowen, Otisjimmy1, Pascal666, Xezbeth ERP for IT  Source:  Contributors: AlonB, Charles T.

Betz, Coolelle, Emigdiolopez, Isuntangle, Jonik,, Margeru, Mjava, Mortense, Pnm, Raysonho, S.K., Sunil patil12123, The Thing That Should Not Be, 17 anonymous edits eSCM (eSourcing Capability Model)  Source:  Contributors: GrapedApe, JHunterJ, MeganFox2, Olevy eSCM-CL  Source:  Contributors: EdGl, Gerry.avilez, GrapedApe, Jpbowen, Olevy, 7 anonymous edits eSCM-SP  Source:  Contributors: Elaine Hyder, Gerry.avilez, GrapedApe, Jpbowen, Kku, Olevy, Plrk, Rcawsey, Resurgent insurgent, Tabletop, 14 anonymous edits European Research Center for Information Systems  Source:  Contributors: Bluegreenblue, Guroadrunner, JonHarder, Karl-Friedrich Boerne, Lunalona, Mathmo, Mdd, Poor Yorick, 2 anonymous edits Executive information system  Source:  Contributors: Anna Lincoln, Arpabr, AssistantX, Bellenion, Ben.c.roberts, Blanchardb, Boxplot, Brightmetrics, Chimin 07, Click23, Compo, Crysb, Cybercobra, DXBari, Derbeth, Edcolins, Elsendero, Gachet, Gail, GroveGuy, Gscshoyru, Gsmgm, HalfShadow, Ixfd64, JubalHarshaw, Kuru, Lelkesa, Logan, MER-C, Malathikp, Mark Renier, Mattisse, Maurreen, Mild Bill Hiccup, Mydogategodshat, Nuno Tavares, Oicumayberight, Pearle, Radagast83, RalphCEO, Ronz, Rxnd, ST47, Shyambajra, Silvioabela, Stevag, Tlou-zdong, Van helsing, 120 anonymous edits Financial Management for IT Services (ITSM)  Source:  Contributors: Appraiser, Ariebsomer, BibTheLion, Cander0000, Juanparve, Jyril, Mattg82, Modulum, Saibo, Shaymandel, Toddetucker, 18 anonymous edits Financial Management Standard  Source:  Contributors: Elonka, Samhiggins1973, Shiftchange, 1 anonymous edits FORTRAS  Source:  Contributors: Fedor, RadioFan GESMES/TS  Source:  Contributors: Anch02, Bwilkins, Obodi, 11 anonymous edits Global delivery model  Source:  Contributors: Katharineamy, Maheshsingh, Malcolma, Thecheesykid, Utcursch, 4 anonymous edits Corporate Governance of ICT  Source:  Contributors: Itgovernancenetwork, Singhalawap, Themfromspace, 4 anonymous edits 704 Article Sources and Contributors Corporate governance of information technology  Source:  Contributors: A.

B., AMPJA, Adrius42, Alanpc1, Andyjsmith, Ash, Beland, Brandguru, CelloerTB, Charles T.

Betz, China Crisis, Cirrus Editor, Cnilep, Coreygorman, Cverlinden, DaddyAndy, Dandan1, David.t.bath, Djamund, Edcolins, Ehheh, Everton1984, Frank Kai Fat Chow, Gforcewebdesign, GilbertoSilvaFan, Hairhorn, HectorM, Hervegirod, IT2BE, IvanLanin, JEH, Joe3600, Jpbowen, Juanpablosoto, Juster84, Jzupan, Khalid hassani, Kim Maes 23,, Kitdaddio, Kku, Kubanczyk, Kuru, LMPerry, LOL, Leoplus, Lumos3, Mantagroup, Marsim, Mgillett, Mild Bill Hiccup, Mmiriam, Moonriddengirl, NSR, Nancy, Nickcarr, Olivier.bally, Ps07swt, Randomalious, Rcardenas, Renaultal, Rich Farmbrough, Richard Bartholomew, RichardVeryard, Rkaseler, Rodecode, Ronz, Roystonea, Sadads, Saurabhdutta, Singhalawap, Steverapaport, Supadawg, TScabbard, Technopilgrim, Televi, TheTito, Tonywhite68, Vaceituno, Van helsing, Wayraw, Wiki3 1415, Xerstau, Yogishpai, 118 anonymous edits Granular Configuration Automation  Source:  Contributors: Bearcat, Fetchcomms, Fstop22, Grafen, Jpbowen, My76Strat, Nick Number, SteveLoughran, 2 anonymous edits Grey problem  Source:  Contributors: Credible58, DH85868993, Jpbowen, LilHelpa, Nikkimaria, [email protected] Hierarchical storage management  Source:  Contributors: Acertain, Alexius08, Alvestrand, AugieWest, Axter, Betacommand, Bissinger, Corto, Cryptic, Fairwin99, Fryed-peach, Guy Harris, Headphone Jack, J04n, JMAN1156, JoanneB, Kbdank71, Kubanczyk, Macrakis, Marketing PoINT, Michael.meseke, Nafets-0791, NapoliRoma, Peter bertok, Poli, Pugglewuggle, Radagast83, Raysonho, Rbarreira, Reedy, Rich257, Rmky87, Rocinante9x, Rroloff, Rudnuts, SimonP, SoleraTec, Thomas.uhl, ThomasGN, Woohookitty, Xaminmo, YUL89YYZ, 54 anonymous edits High Availability Application Architecture  Source:  Contributors: Alice.haugen, Chowbok, Fabrictramp, Funandtrvl, J04n, Katharineamy, Malcolma, Mpurinton, Rror, TMango, Woohookitty Holistic Data Management  Source:  Contributors: Cander0000, DePiep, GregorB, Homoregie, Zollerriia, 1 anonymous edits HP FutureSmart firmware  Source:  Contributors: Lrcubero HP Open Extensibility Platform (OXP)  Source:  Contributors: Bearcat, Flyingprogrammer, IntraconNA, Lrcubero, Sn rlly, Sw2008, 1 anonymous edits Human interaction management  Source:  Contributors: Adoble, Ammalu, Ansell, Bnorrie, Doug Bell, JasonLax, Joel Alcalay, Keith.harrison-broninski, Martin.ashcroft, Michael Hardy, Pgagge, Reinyday, Rightbrainguy, Yandman, Zzuuzz, 16 anonymous edits IBM Tivoli Unified Process (ITUP)  Source:  Contributors: Chowbok, Eustress, Giraffedata, IDefx, Kubanczyk, MikeDogma, MrOllie, Palbright, WeisheitSuchen, Woohookitty, 4 anonymous edits Identity Governance Framework  Source:  Contributors: Dawn Bard, John of Reading, Pjdhunt, Pnm, SatyrTN, 9 anonymous edits IFPUG  Source:  Contributors: Adri Timp, Beano, Ebyabe, IFPUG1, JeepdaySock, JoeScho, Kenilworth Terrace, Mihir.pattanaik, Phoebe, Robertvan1, Uncle G, 3 anonymous edits Imaging for Windows  Source:  Contributors: Colonies Chris, Computerjoe, DanielPharos, Dlrohrer2003, Dougbertram, Eric Kvaalen, Formerly the IP-Address, Hu12, JonHarder, Jonnabuz, JubalHarshaw, Pasquale, Pearle, Prolog, RaviC, Rich Farmbrough, Sdbluhm, Techmdrn, Voidvector, 29 anonymous edits Incident Management (ITSM)  Source:  Contributors: Bizservice, Bonadea, Camw, Charles T.

Betz, Danielgwj, David James Bailey, Djryan, Griffiniii, Hadrianheugh, Harshdave50, Jpbowen, Jusdafax, Markhoney, Materialscientist, Mgillett, Miquel Nogué, Nsaa, Patchworker, Rjwilmsi, Scotharkins, SunSw0rd, 46 anonymous edits Information management  Source:  Contributors: 7, AIMSinfo, AJackl, Agendum, AndyB, Bumm13, Carrielle, ChrisCork, Dawnseeker2000, Delaszk, Dfrg.msc, El grimley, Evert r, Glendac, Glenn, Gurchzilla, Hadal, Harkonlucas, Heidijane, Hintss, Ja 62, JennyRad, Jinhyuk, JoseREMY, Jpbowen, Julcia, Kai a simon, L mahonsmith, Lead Farmer, Lepti, LibLord, Lietviki, Lupin, Malcolmxl5, Mark.s.patrick, Markcowan, Maxim Masiutin, MrOllie, NeilN, Nighthawk2050, O1eqlsfun, Oicumayberight, Oli Filth, Pawl Kennedy, Pheasantplucker, Poddly, Prof 7, Ronz, Rudowsky, SiobhanHansa, Someguy1221, SouthLake, Strikers 2, The Thing That Should Not Be, TrisDG, Tthheeppaarrttyy, Useight, V8Tbird, Veridia, Versageek, Versus22, Vespristiano, Veyklevar, Walexino, Wavelength, Wiffy, Wstankich, Ycsinger, 151 anonymous edits Information model  Source:  Contributors: AndriesVanRenssen, Asparagus, Buenasdiaz, Charles Matthews, EagleFan, Gandalf44, John of Reading, Liyu, Mammux, Mark Renier, Mdd, Modify, Princess Tiswas, R’n’B, Sascha Silbe, ShelfSkewed, Warren, ???, 21 anonymous edits Information protection policy  Source:  Contributors: Frank Kai Fat Chow, PamD, Samohyl Jan, Zodon, 1 anonymous edits Information security governance  Source:  Contributors: Cascadeuse, Mauls, Nigholith, Ophirz, Pegship, Ronz, Shonharris, 10 anonymous edits Information Services Procurement Library  Source:  Contributors: Betacommand, ChrisG, ESkog, Grenavitar, Jorrit, Jstruve, Malo, Mcalukin, Mdd, Niteowlneils, R’n’B, Ravedave, Spiritofdeaddog, Tagishsimon, The Thing That Should Not Be, Uncle G, 10 anonymous edits Information technology consulting  Source:  Contributors: 10metreh, Aboutmovies, Afrasiatan, Alex mayorga, Allengeer, Allstarecho, Angr, Appsall, Arcadian, Arcroft, Balgovindpandey, Barneca, Bdelisle, Bearcat, Benjaminconnelly, Bflory, Bonadea, Bongomatic, Bongwarrior, C.subhaker, Ccrawford, Centralb, Chennaivennai, Chinnailu, Citiface, Ckatz, Clegasse, Coagmano, Cocomaxwater, Codeculturist, Consultingm2p, Corti, Cqjb, D, DanielPenfield, Danielmyasnikov, Datamatics, Delllatitude, Doulos Christos, DuncanHill, Edward321, Effer, Eszo, Fan-1967, Fastily, Flexijane, Fram, G900, Gary King, Gnanapiti, GraemeL, Greenmind, Hatch68, Hellfiresays, Henriquemschneider, Hubudi, Hyrden, Imran Quazi, IronGargoyle, Iteamllc, Itegbsystems, Itohacs, J.delanoy, J.smith, JHP, Jagged, Jamesasuncion, Janviermichelle, Jaxtro, Jayvirgil, Jobshoppinfool, JonHarder, JuJube, Kelly Martin, Ken Gallager, Khatru2, Kingturtle, Kku, Kuru, Kuzaar, Lbbzman, Lectonar, Linkspamremover, Lmumba, MarkBrooks, Mdd, Meand, Mhinyc, Michael Zimmermann, Michelle192837, Microagility, Mike Dillon, Mikeblas, Mini-Geek, Mpavankumar, Muru123, Mwanner, Nickynicky 01, Nicolas1981, Njan, Nobunaga24, Nssvn, Nubin wiki, NuclearWarfare, Ojlee, Paolonalin, Patriciaa, PaulHanson, Pavel Vozenilek, Pbook8989, Pdcook, Pengu, Ph6971, Phanikumarps, Philippe, Pk73622, Pramukh Arkalgud Ganeshamurthy, Pratimaa, Psantora, RJFJR, Reedy, Reisio, Retiono Virginian, Rhobite, Rjwilmsi, Robert, Robertducon, RobyWayne, Rogerd, Ronz, S.K., S3000, Saga City, Sahyogi, Scm83x, Search4Lancer, Serhio, Serketan, Shijaz, Silicon plains, Skura Corporation, Snehpawan, SoWhy, Speciate, Splash, Ssramkumar, Stevag, Stevenburris, Stevenmitchell, Subikar, Sunil1234b, Szijlstr, T0m, Taco325i, Taibah U, TenPoundHammer, Tmazzullo, Tom.serres, Tonypptony, UnitedStatesian, Vbakke, Veinor, WaltBusterkeys, Web&ITSolutions, Wikifiles, WolfgangFaber, Xezbeth, Yoshi Canopus, Zainasheen, Zigo1232, Zipdrugs, Zondor, Zzuuzz, `Chimes` 1929`, 485 anonymous edits Information Technology Infrastructure Library  Source:  Contributors: A.

B., A3RO, AMe, Aberdeenwaters, Acm, Acpt22, ActiveSelective, Adrian.benko, Aerotheque, Aitias, Akbradford, Alanpc1, AlephGamma, Alimozcan, Allen4names, Andrea kempter, Andrzejkrajewski, Ankur onlyur, Anna Frodesiak, Antidoter, Aranel, AreJay, Ash, Aussieaubs, Avr, B Fizz, Barinder hothi, Baseball Bugs, Beland, BenAveling, BibTheLion, Bibikoff, Binarygal, Black Kite, Blehfu, Blroques, Bobrayner, Boekelj, Bradyn12, Brandguru, Brandon, Brianj hill, Butrain, CALR, CPrehn, Cain Mosni, Can’t sleep, clown will eat me, Canderson7, Captain panda, Cblanquer, Ccordray, Cgroberts, Charles T.

Betz, Chowbok, Chris.fischer, ChrisCork, ChrisG, Chzz, Cinfosys01, Cjdavis, Cmdrjameson, Coherers, Cometstyles, Credible58, Cuttysc, Damon, Dancter, Danialshazly, DanielPenfield, DanielVonEhren, Danielgwj, Darinkeir, Darth Panda, DaveWFarthing, Davebremer, David Biddulph, David.T.Bath, Davidbspalding, Dennisc68, Dia^, Discospinster, Dnblack, Dnicolaid, Docu, Doug Alford, Dpv, DragonflySixtyseven, Dritil, Eahiv, Edholden, Ehheh, Emba7 EilertE, Emesis, Epbr123, Estherschindler, Eugene-elgato, Evilmn, Excirial, Firsfron, Fortdj33, Fox, Frank, Freek Verkerk, Fstop22, Fudoreaper, Fustbariclation, Gaius Cornelius, Gcanyon, GerardM, Ghewgill, Ghw777, Goonies, Guigui NYC, Haakon, Halfgoku, Hengeloov, Hennek, Herbys, Hkroger, Hu12, Hulmem, IBM Press, IDefx, IET-Solutions, IIVQ, ITServiceGuy, Iness it, Itbeme, Itildude, Itsgeneb, IvanLanin, J.delanoy, J04n, JT72, Jammus, Jasenlee, JbRIV, Jclemens, Jlmata, JoeSmack, JonHarder, Jonik, Jovianeye, Jowanner, KKuczko, Kaihsu, Kartisan, Keebrook, Keilana, Kevnosisyx, Kf4bdy, Kinu, Krackpot, Krusch, Kuru, Kycook, KyuuA4, Laug, Lehmannjl, Leirith, Lluinenb, MC MasterChef, MER-C, MMSequeira, Madman37, Magnus Manske, Majid iqbal, Malleus Fatuorum, Malo, Marcelo Pinto, Marcusmccoy, Markhoney, Martey, Martian, Materialscientist, Matthewedwards, Maximaximax, Mboverload, Mcsboulder, Mdd, Mellery, Metagraph, Mgillett, Michael Hardy, Michael J.

Cunningham, Michig, Michigan user, MikeDogma, Moeron, MrOllie, Mrehere, Mserge, Mudgen, Myszliak, Mzrahman, Najeh, Nasnema, NeilN, NickBush24, Nicoatridge, Niteowlneils, Nk, NoticeBored, Nslonim, Nuno Tavares, Nuujinn, Ocaasi, Oleh77, Olivier Debre, Omicronpersei8, OnePt618, OsvaldoCarvalho, Otto ter Haar, PRRfan, Panlm, Pansearch, Patchworker, Paulbruton, Paulbuchanan, Paulseatonsmith, Peterl, Pg133, Phil [email protected], Philip ea, Piano non troppo, Pion, Pocopocopocopoco, Pparazorback, Pukerua, RHaworth, RainbowOfLight, Ralphbk, Raspolsky, Ravizone2000, Raysonho, Rchandra, Rehan20784, Rich Farmbrough, Rnsimmons, Robocoder, Rockfang, Ron Richard, Ronz, Rpeasley, Rugops, Runefrost, Sam Hocevar, SamG1978, SamTheButcher, Sandy ts2k, SaulPerdomo, Sbrumpton, Scott McNay, ScottWAmbler, Sdr, Sharpner, Shawnse, Smulvih2, Snori, Soifranc, Some jerk on the Internet, Somnoliento, Srandaman, Sspecter, Stakfry526, Stephanobianco, Stevegregory79, StoneIsle, StuartR, SunSw0rd, Svetlev, Ta bu shi da yu, Tabletop, Takamaxa, Tandric, Tarun.Varshney, Tassedethe, Tbsdy lives, Tcwilliams, Technobadger, The Anome, The Letter J, The Thing That Should Not Be, Thingg, Thumperward, Ticaro, Tiptoety, Tjarrett, Tobryant, Tpbradbury, TutterMouse, Twirligig, Twostardav, U11720, Uncle G, Vanbregt, 705 Article Sources and Contributors Vashtihorvat, Veinor, VerdigrisP, Vince.meulle, VinitAdhopia, Vipinhari, Vlad, WECullen, Waggers, Watroba, Waturuochav, WebCoder11, West81, Wik, Wiki3 1415, WikiNickEN, Winterst, Woohookitty, Wren337, WxGopher, Xsmith, Zachlipton, Zsh, ??????, 1308 anonymous edits Information technology planning  Source:  Contributors: Boson, Chowbok, Falcon8765, Jlamis, ThaddeusB, 4 anonymous edits Infra Corporation  Source:  Contributors: Graeme Bartlett, Ken Gallager, Rjwilmsi, Ta bu shi da yu, Tbsdy lives, Tjarrett, Waacstats, 1 anonymous edits Integrated Data Management  Source:  Contributors: Chafas, Chris the speller, Debresser, Pascal666, Pierre1209, Rich Farmbrough, 1 anonymous edits Intelligent device management  Source:  Contributors: Big Smooth, Chowbok, DanielPenfield, Deon, Esprida, Getreal19, Jhealey, John542555, JonHarder, Martin Hollender, Nelson50, Pigman, Pixel Eater, Sonic1980, Sturmgeist, TheParanoidOne, Tomerl, 26 anonymous edits Intelligent workload management  Source:  Contributors: Mtg1977, Nick Number, Nono64, Robofish, 1 anonymous edits International Association for Human Resource Information Management  Source:  Contributors: EdGl, Johngreer353, MuffledThud, RHaworth, Tdc2009, Whpq, 9 anonymous edits The International Records Management Trust  Source:  Contributors: Fetchcomms, GrahamHardy, Srip, 1 anonymous edits Intranet strategies  Source:  Contributors: Arbitrary doll, Athaenara, Chris the speller, Fuhghettaboutit, Masgatotkaca, Maurreen, Michael Hardy, Mydogategodshat, Nurg, Orlandob, Paxse, Piano non troppo, Zzuuzz, 23 anonymous edits ISO/IEC 19770  Source:  Contributors: Cekir, Davidgproctor, Digisus, Emijrp, GregorB, J Milburn, Jazzdanse, LA2, Lmatt, Miked27, Nasa-verve, RichardVeryard, Rjwilmsi, Wired64, 16 anonymous edits ISO/IEC 20000  Source:  Contributors: A.

B., Alanpc1, Alkazzi, Annafriel, Beland, Binarygal, Bitsm, Bobioso, Crazy Ivan2, Cruzlee, Ehn, Elwikipedista, FlyHigh, Ghw777, GregorB, Greyster, ITServiceGuy, IvanLanin, JDBravo, Jpbowen, Kuru, Linzn, Lkinkade, MMSequeira, Mgillett, Mild Bill Hiccup, Nasa-verve, Nicolas Ray, NoticeBored, RayGates, Snori, Tanvir Ahmmed, Think Fast, Xsmith, 67 anonymous edits ISO/IEC 27000-series  Source:  Contributors: A.

B., AlephGamma, AlexandreDulaunoy, Burt Harris, Djo3500, GregorB, Nasa-verve, NoticeBored, Nzjoe, Ron519098, Sagsaw, Star reborn, Tevildo, Zonecast, 34 anonymous edits IT Asset & Service Management  Source:  Contributors: Cander0000, Coppertwig, Davidgproctor, Jac16888, Miq, Ndunruh, Patchy1, RJFJR IT asset management  Source:  Contributors: Baa, Barek, Bped1985, Consultebs, Craigwb, DMD2007, Danlamb, Dennisc68, Dgtsyb, Dinkytown, DoriSmith, Epbr123, Harryair02, Hu12, Iridescent, Itamevents, Itassetmanagement, J04n, JSITAM, JonHarder, Kku, Kmsiever, Kuru, LoverOfTheRussianQueen, Malo, Marudubshinki, Maurice Carbonaro, Naina Jain, Nissimsd, Pearle, Pmenefee, Raysonho, Rkaseler, Sdp desk, Stephenb, TEMOrg, Teapotgeorge, 58 anonymous edits IT baseline protection  Source:  Contributors: Rhoerbe, Rich Farmbrough, Richard Bartholomew, 2 anonymous edits IT cost transparency  Source:  Contributors: Ariebsomer, ChildofMidnight, CostCustodian, Jrg wiki, Juanparve, Kuru, M.Amato, Mbonadio, NOKESS, Nmazis, Open2universe, Paalappoo, Sceledrus, Sepersann, 8 anonymous edits IT Interaction Model  Source:  Contributors: Chinwaggy, Hull MIS, MISHull, Minnaert, Tomst IT portfolio management  Source:  Contributors: 1400degrees, Abbshore, Akbradford, Arpabr, Athaenara, Barrylb, Cbcurran, Charles T.

Betz, Cireshoe, Corn Neck, DARTH SIDIOUS 2, DeadlyAssassin, Dnstrom, Dwbrockway, Edcolins, Forestsmith, Graeme Bartlett, Gurch, Haakon, Hervegirod, Hu12, Jainvinay04, Jkaplan143, Jmlk17, Jncraton, Jowanner, Jpbowen, Kukini, Kuru, LOL, Madhava 1947, Malcolma, Mdd, Mgillett, Mnbaqir, MrOllie, Nasnema, Nickmalik, Notinasnaid, Plrk, Pmollins, Poweroid, Randybindia, Reedy, Richard R White, Rlasky, Ronz, Salliesatt, Shajela, Sstaunb, Stevendoll, Tedder, Titusmars, TreasuryTag, Yanksox, 70 anonymous edits IT risk  Source:  Contributors: 2, Alexa75, Andreas Kaufmann, Ben Ben, Dzsi, Frap, GoingBatty, Kubanczyk, LilHelpa, Martarius, Pastore Italy, Pnm, Pradameinhoff, Tinucherian, Utcursch, Wingfamily, Woohookitty, 2 anonymous edits IT risk management  Source:  Contributors: Chris the speller, CommonsDelinker, Gaius Cornelius, Itsecpardis, Pastore Italy, Pnm, 4 anonymous edits IT service continuity  Source:  Contributors: BCM adviser, Dina, Fishal, Jrockley, Mousey.Mouse, MrOllie, Quickstep25, Tinucherian, 1 anonymous edits IT service management  Source:  Contributors: Abrahami, AbsolutDan, AndySonden, Ash, AtTal, Awotter, AzaToth, Beland, Bizservice, Black Kite, Blehfu, Blkrockin, Brads98, Brianj hill, Canton Viaduct, Charles T.

Betz, Chicagocos, ChristianBk, Christiansarkar, Claudio.risco, Codevest, Corpx, Danialshazly, Darp-a-parp, Davidoff, Davidpsalt, Diannaa, Dicklyon, ESkog, Emba7 EilertE, Floydpiedad, Fox, Gadget850, Garion96, Gerry.avilez, Godfreyk, Haakon, IDefx, ITServiceGuy, Icairns, IvanLanin, Ivormacfarlane, J.delanoy, JoeyDay, JonHarder, Jorrit, Jpabellon, Jpbowen, Jvlock, Kkm010, Korg, Kuru, Lavinci, Len Hendershott, Lpgeffen, Mackensen, Mbookworm, Mcicogni, Mcsboulder, Mdd, Mgillett, MikeDogma, Mild Bill Hiccup, MrOllie, Nasnema, Ncw0617, Neelttpl, Nono64, Ohnoitsjamie, Olevy, PhilipR, Pukerua, RHaworth, Raysonho, Rixmith, Robertmcneill, RoySmith, Runningonbrains, Sepersann, Servicemanagement101, Sgalup, Smiteri, Stephen, Storace, StuffOfInterest, Ta bu shi da yu, Tangotango, TastyPoutine, Technobadger, TheProject, Tjarrett, Tsiaojian lee, Tthheeppaarrttyy, Veinor, Vsevolod4, Wangfat, Webmasterwales, WeisheitSuchen, Xansmit, Xsmith, Yone Fernandes, 165 anonymous edits IT Service Management Forum  Source:  Contributors: AMPJA, Akoszlajda, Beland, Bernburgerin, Cgroberts, Cheminfr, Dwineman, Flauto Dolce, Gonzague, Greyster, Hassen.Houssein, Itsmi, Janeirik, Josh Parris, LizJB, Master Of Ninja, Mgillett, Nissimsd, [email protected], Qqqqqq, R’n’B, RxS, Sensibleman, Ta bu shi da yu, Xsmith, 22 anonymous edits ITIL Planning to implement service management  Source:  Contributors: 9Nak, Allstar18, Amatriain, Annafriel, Lluinenb, Mdd, MikeDogma, Raysonho, Rjwilmsi, WeisheitSuchen, 22 anonymous edits ITIL security management  Source:  Contributors: Ant, Aspects, Bejnar, Conniecchang, Covington, EagleFan, HvL, J04n, Jlmata, Jncraton, John of Reading, Kuru, Mauls, Mgillett, Mjanulaitis, RHaworth, Saxbryn, Siebrand, The Thing That Should Not Be, Vaceituno, Woohookitty, 25 anonymous edits jAPS  Source:  Contributors: 16×9, Blakvswite, Deor, Eagleal, Frap, Funky97, Galloping Moses, Geniac, Gioto, Hence Jewish Anderstein, Icey, John Vandenberg, Kesshaka, Kl4m, Kl4m-AWB, Kozuch, MacGyverMagic, Mariwi, Mean as custard, Oda Mari, Pino100, Robyquare, Stormbay, Vipinhari, Wiz of Id, 28 anonymous edits Key server (software licensing)  Source:  Contributors: Alexbrennen, Djmckee1, EdgeOfEpsilon, Ewlyahoocom, Gregory js, Haakon, Jazzdanse, Karra.sun, Kralizec!, Manishearth, Pietdesomere, R’n’B, Stephan Leeds, Thumperward, Tycho, Woohookitty, 3 anonymous edits Knowledge management software  Source:  Contributors: Andrewspencer, Andygray.yo, Chire, ClubOranje, Eeekster, Gculpin, Harvey the rabbit, Iridescent, Maxcali, Nasa-verve, Phpkb, Pmillist, Rbmscc, Ronz, SchuminWeb, Spy99, TheAllSeeingEye, Themfromspace, Topiarydan, Vraya, 18 anonymous edits Knowledge spillover  Source:  Contributors: Bebestbe, Djpugel, Extraordinary, Geniac, Harvey the rabbit, If on a winters night, John Quiggin, LeBleu, Pjoef, Rich Farmbrough, Sross (Public Policy), 9 anonymous edits League Lab  Source:  Contributors: BD2412, Hootsk, Tesscass Lean IT  Source:  Contributors: 2aprilboy, 5 albert square, AliveFreeHappy, Ash, Benjoya, BlurTento, Dfev77, Gaius Cornelius, Htssouza, Jbernab, Jdmumper, Lean IT Coach, LilHelpa, Mgoode75, MrOllie, Nik.martin, Per Ardua, Rip969, Robinson weijman, SEI Publications, Servicemanagement101, UncleDouggie, Urbancowboy1773, Wikitawe, YUL89YYZ, ZahrGnosis, 13 anonymous edits 706 Article Sources and Contributors Legal matter management  Source:  Contributors: Barek, Bwpach, Crism, Hu12, Jpbowen, Kenrick.koo, KimBecker, Legalfiles, Osja, R’n’B, RHaworth, Rich Farmbrough, Rivertorch, Rjwilmsi, Rschroeder001, Szymonik, UnitedStatesian, Woohookitty, Wperdue, 20 anonymous edits Library Review  Source:  Contributors: Crusio, Jpbowen, Kajervi Local information systems  Source:  Contributors: Instantatlas, JonnyMas, Llamadrama, Muhandes, Niallkellyfluent, SeeEmSee, 34 anonymous edits Management information system  Source:  Contributors: Aaronbrick, Ab2kgj, Academic Challenger, AdeemM, AdjustShift, AgnosticPreachersKid, Aitias, Akamad, Alansohn, [email protected], Alilubna, Allstarecho, Ammiel1, Angela, Anonymous editor, Ansumang, Anwar saadat, BWeynants, Ba8inz, Barcelova, Basawala, Basu ayan3, Beardo, Bellenion, BeverlyCrusher, Bfigura’s puppy, Bilby, Binh Giang, Blainster, Bmgoldbe, Bohumir Zamecnik, Boron, Brc4, Brianlucas, Busiken, CMSimons, CapitalR, Capricorn42, CardinalDan, Cels2, Ch’marr, Chanakal, Charles T.

Betz, Cheeni, Chimin 07, Chris 73, ChunMort, Chzz, Ckatz, Closedmouth, CommodiCast, Compo, Critic, Cyslo, DXBari, Da monster under your bed, DePiep, Dekisugi, Del 1986, Dirkbb, Djwilliamson2, Doctormarkdraper, Download, Drmies, Drsuebrown, Drydom, Dylan Lake, ESkog, East718, EdH, Eddieblade, Eigenwijze mustang, Ejump82, Ekalbsevi, Ekdamcheap, Epbr123, Erkan Yilmaz, EvanCarroll, ExDeus, Excirial, Exit2DOS2000, Fang Aili, Fco5001, Foxdude333, Fredrik, GChriss, GKS, Gagan 3057, Gaius Cornelius, GamblinMonkey, Gimboid13, GregAsche, Group1and1, Gurch, HBSquall, HamburgerRadio, HasleMere, Hello32020, Hephaestos, HexaChord, Hjstern, Hmains, Humdhan, Husond, Hylist, IMSoP, Imdeng, Instigator2222, Instinct, Ish ishwar, IvanLanin, J.delanoy, JCLately, JTN, Ja 62, JaGa, Jackfork, Jackofwiki, Japo, JethroElfman, Jleedev, JoanneB, Joeking16, Jojhutton, Jpbowen, Juan A Romero, Juliancolton, Jurema Oliveira, Jw lamp, Kachlydave, KenKendall, Kgorman-ucb, Khalid, Killer puma, Kku, Kmsiever, KrakatoaKatie, KuRiZu, Kukini, Kuru, Kuyabribri, Lear’s Fool, Leinad, Lemmie, Lincolnshep, LittleOldMe, Lolsuper7am1, Lord Pistachio, Lueo, Lunalona, MBisanz, MER-C, Madhero88, Madrone, Manasprakash79, Mandarax, Manop, Marek69, Mark Renier, MartinRe, Materialscientist, Maurreen, Mdd, Meelar, Melizg, Metalflame, Mhering, Michael Devore, Mistiehicks, Mmortal03, Mohannade, Morwen, Mstocklos, Munchi Lee, Mydogategodshat, Nimur, Notinasnaid, Nsarthur, Ntavares, Nzd, OSS, Ohnoitsjamie, Oliver Lineham, Osarius, Oxymoron83, Pan1987, PatrickHadfield, Pgreenfinch, Philip Trueman, Piano non troppo, Plasticup, Pmresource, Poor Yorick, Psantora, PsychoSafari, Qxz, R.

Fiend, RB972, Ravichandar84, Razorflame, Rdsmith4, Redvers, Rfl, Rgill, RichardSaBoob, Rjwilmsi, Rkr1991, RobertG, Roberto Cruz, RobyWayne, Rocky11111, RoyBoy, Rror, Rustiq, Rxnd, Saintali, Sam Hocevar, Sam Korn, SamJohnston, Samuel, Sanida V., Sanjiv swarup, Schzmo, Secfan, Sengkang, Senorhobo, Seth Nimbosa, Shadowjams, Sharukhbajpai, Shefalibudhwani, Shell Kinney, Shinmawa, Showard, Simon South, Sohan.s, SomeStranger, Soumyasch, Spencer, StaticGull, Stevag, Subsurd, SueHay, Suisui, SuperHamster, Svetovid, Swaroop86, Swat671, Talkativeman, TenPoundHammer, The Anome, The Thing That Should Not Be, Thedemonhog, Thegsrguy, Thehelpfulone, Three, Tide rolls, Timrogersx, Tommy2010, TrioteXNeo, Ttonyb1, Txomin, Uncle Milty, Utcursch, Vary, Veinor, Versus22, Vikingstad, Vilerage, Vipinhari, Vis123, Wayward, Werdan7, Wiki corection, Wikidudeman, William Avery, Willking1979, Wolfrock, Woogee, Wtmitchell, Yhkhoo, Yhstef, Zhou Yu, Zoicon5, Zzuuzz, ?, ??????.???????.24, 1038 anonymous edits Many-to-many  Source:  Contributors: EnTheMohammad, Gracenotes, Gywst, JonHarder, Jpbowen, Lightdarkness, Lotje, Mike1lee, Modest Genius, Nihiltres, Nuno Tavares, PL290, Rich257, Rwwww, SimonClinch, Sizzelnz, SymlynX, VinceBowdren, XP1, 9 anonymous edits Master data management  Source:  Contributors: Ajindy, AlAngelici, Badger Drink, Cintari, Craig w cox, DePiep, Dmausner, Dougher, DragonHawk, DrydenGeary, Dsshaffer, Egalino, Evert r, Flatterworld, Fshenstone, Glenn Maddox, Gmlingus, Gobonobo, GregorB, JasonLax, KingsleyIdehen, Kuru, MDM maven, MacTed, Markcowan, Mdaconta, Michael Hardy, MikeLynch, MrOllie, Nathkrol, Oli Filth, Pamar, Piano non troppo, R’n’B, Ronz, Stephenpace, Syaskin, TScabbard, Tetracube, Vaga koleso, WestAustinite, Woohookitty, 71 anonymous edits Master of Business Informatics  Source:  Contributors: Blast Ulna, Bollweevil, Cnbrb, Ctbolt, Dbiel, Dublin123, Ideogram, Jbmurray, Jpbowen, Julcia, Mootros, Ottomanor, Oudetb, RobertG, Swijaya, Varun.here6, 7 anonymous edits Material requirements planning  Source:  Contributors: 2KT, AlMac, Angr, Anthony Appleyard, Atomskninja, Bobo192, BrianLeeDavis, BritIIIMicroMarcro, Brucevdk, Cahk, Can’t sleep, clown will eat me, Casito, Chris 73, Chris the speller, Cmdrjameson, CommonsDelinker, Contactsmc, CosmicPenguin, Dangelow, Daniel Midgley, Df747jet, Diggonator, DmitTrix, Elwikipedista, Emiya, Espoo, Faridani, Figueroa, Fish and karate, Fredsmith2, Gabriele.levy, HanH, Helmoony, Jbw2, Jelsova, Joedeshon, Jordiferrer, Kuru, Lofa, Lvildos, MER-C, Margishk, Maurreen, Mdd, Michael Hardy, Mydogategodshat, Park3r, PhilKnight, Pilotguy, Pnm, R’n’B, Ray Van De Walker, Rbrwr, Requestion, Rgill, S.K., Saxifrage, Sbisolo, Scaevus, Sean Whitton, Snezzy, Sp5uhe, Srice13, Svick, THEN WHO WAS PHONE?, Teles, Thom2002, Three, Tomdobb, Tommy2010, Train78, Uberblue, Utcursch, Vald, Van der Hoorn, Vina, Wayward, Wik, Wizard191, Wvgreenb, Zoicon5, 170 anonymous edits Microsoft Customer Care Framework  Source:  Contributors: Atanamir, Bethpage89, Ccf2008, Chris the speller, DannySinger, Dfantom, Dudley810, EmanWilm, Endorf, Firsfron, Funandtrvl, Jbarrett037, Jmcnamera, JohnWittle, LilHelpa, MaxDel, MaximumTruth, Ming-Susan, Mohummy, Nigelwalsh, Pearle, Reinoutr, Robert, Ryan Norton, Salad Days, Sanket.bakshi, Soumyasch, Xpclient, 90 anonymous edits Microsoft Operations Framework  Source:  Contributors: -Majestic-, Af648, Alphajuliet, Art Carlson, CommonsDelinker, Cynical, Euchiasmus, GregorB, IDefx, Jpbowen, La Corona, Luk, Mofwriter, Pedro.haruo, Pomte, Pvosta, QubitOtaku, Rajan52s, Ryan Norton, Squids and Chips, Stephen, T-borg, Werner Ochs, Woohookitty, 23 anonymous edits Mobile business development  Source:  Contributors: BD2412, Bluemoose, Bodoodle20, Charles Matthews, Cmdrjameson, Cnbrb, Crysb, Cyfal, Edward, Giraffedata, Jaapdt, Jpbowen, Soliloquial, The Thing That Should Not Be, Vegaswikian, 11 anonymous edits Mobile document access  Source:  Contributors: Hiberniantears, NAHID, Nono64, Ronz, Shenme, Tmcquill, 4 anonymous edits MobShop  Source:  Contributors: Auntof6, Bearcat, C0mm0n, Coreyh144, Katharineamy, Malcolma, Mobshop, Rich Farmbrough, 2 anonymous edits Multifunction printer  Source:  Contributors: 98dmalcolm, A.

B., Abirkhan, AlexeyV, Anetode, Armando, Benoni, Bobrayner, Bsteinmann, Calton, Cfeathergill, Chester Markel, Closedmouth, Coolcaesar, Cps group io 2006 07, DanielRigal, Davepruner, David Kernow, Delldot, Fir0002, First-class-business-solutions, Fletcher, Galaxia92, Goatasaur, Graham87, Groovenstein, Handbent, Hebrides, Herbythyme, Hideyuki, Idleguy, Ihope127, Imroy, JTN, Joekoz451, John Vandenberg, Kilo-Lima, Kingj123, Kl4m, Kozuch, Kristigaylord, Kristoferb, Lemi4, Livingston Li, Luis Dantas, MER-C, Mac, Marc Lacoste, Martial75, Maxí, Mboverload, Mfuller25, Mirror Vax, Modeyaka, Mouse Nightshirt, Muntfish, Mwanner, NawlinWiki, Niteowlneils, Nmichelpn, Pearle, Phatom87, Player82, Polluks, Printkit, Ralian, Raymondcapa, Reddi, Renan S2, Richard W.M.

Jones, Rilak, Rod57, Ronz, Sade, Sligocki, Slusk, Small business, Stephen Turner, Tannin, TerriersFan, The Thing That Should Not Be, Thepaladin16, Tom-, Triku, UkPaolo, Unyoyega, Vlad, Wernher, Wikirjd, WordyGirl90, Wynneliz, XTerminator2000, Xantian15, Xpclient, YttriumOx, 156 anonymous edits Mung (computer term)  Source:  Contributors: -Midorihana-, ACM2, Abeg92, Acroterion, Aitias, Andrewcotter, Aquillion, Arj, Asclepius, Aude, Bagatelle, Barefootguru, Bdj, Bind them, Bisected8, Blackflame22, Bobo192, Brian G.

Crawford, Bunchofgrapes, Bunnyhop11, Burntsauce, C.Fred, CLW, Caesura, Can’t sleep, clown will eat me, Cdc, Charles Matthews, Chrislk02, Cleared as filed, Closedmouth, Cowman109, Crazyburns, CuriousEric, D’Agosta, DNewhall, Daggoth, David Haslam, Definingstuff, Doctoroxenbriery, DoubleBlue, Dreadstar, Dysprosia, Esowteric, F-402, FireAarro, Fishtris01, Fru1tbat, Gdawg99, Gmz1023, Grenadinecros, Grön, Guettarda, Halmstad, Hephaestos, Herbertmarcuse, Hobartimus, Iammeheremeroar, Igoldste, Ikkakujyu, InformationalAnarchist, Ixfd64, J.delanoy, JHCC, JackTopi, Jean Lugan, Jklin, Joeblakesley, Jordanlewis, Jossi, Justyn, Kablammo, Karma Llama, Kinu, Kmanv23, Kop, Lord Cancer, Luk, Lyrl, Markaci, Marudubshinki, Meanolthing, Meelar, Miles9000, Mkweise, Moonty, Motor, Mrclean9865, Muchness, Mung Brothers, Nate Silva, NawlinWiki, Ntrain243, Ohnoitsjamie, Oxymoron83, PStrait, Paxsimius, Pennyforth, Persian Poet Gal, Peruvianllama, Possum, Ptochos, Qqwref, Radix, RainbowOfLight, Rnb, Robchurch, Rossami, SWAdair, Sam Hocevar, Sam Korn, Saxifrage, SchfiftyThree, Scottkeir, ShakingSpirit, Slavik0329, Snarius, Snickwills, Soda14, Sonne1922, Soundabuser, Starnestommy, Stellis, Stevolution2005, Stillnotelf, Strait, The Anome, Theresa knott, Tiddly Tom, Troy 07, Vary, Venu62, Walkerma, Wavy G, Werdan7, WereSpielChequers, White-rhino, Wimt, Ww, XuxiRawe22, Xyzzyplugh, Zanster5, 305 anonymous edits National Biological Information Infrastructure  Source:  Contributors: Bejnar, Denverjeffrey, Deville, Malcolma, Nick Number, Nigholith, Rlhuffine, Sm8900, Wheelebk Network configuration and change management  Source:  Contributors: Jpbowen, Leolaursen, Mwalsh34, RHaworth, Yhabibzai, 2 anonymous edits ODMA  Source:  Contributors: Athaenara, Bearcat, ENeville, Evolve2k, Fetofs, IndianGeneralist, Orcmid, Poweroid, Ronz, Sdudah, Sudhir h, Theo10011, 3 anonymous edits OMII-UK  Source:  Contributors: Chriscb, Sjhettrick, 1 anonymous edits One-to-many  Source:  Contributors: Avriette, Bobblehead, Boleyn, Davedev15, Discospinster, Elonka, EnTheMohammad, Erik Garrison, GTBacchus, I’m not human, IceCreamAntisocial, Jerimee, Jpbowen, Kbrose, Kvng, Mlewis000, Muhandes, Nbarth, Pearle, Radiojon, SteveM123, SymlynX, Tillmo, Woohookitty, 17 anonymous 707 Article Sources and Contributors edits One-to-one (communication)  Source:  Contributors: Edcolins, EnTheMohammad, Hectorthebat, Hertz1888, Jpbowen, King of Hearts, Kvng, Mcwillis, Muhandes, Queenmomcat, Rprpr, SymlynX, ZayZayEM, 8 anonymous edits Online analytical processing  Source:  Contributors: .:Ajvol:., 7, AK Auto, Afraietta, AlanUS, AlexAnglin, Alfio, Alvarezdebrot, Anwar saadat, Arcann, Beardo, Beland, Bitterpeanut, Bunnyhop11, COnFlIcT.sYs, CambridgeBayWeather, Campingcar, ChanciOly, Charleca, Chris lavigne, CommodiCast, Crysb, Csp987654321, DePiep, Deflective, Degroffdo, Djoni, Dll99, Dmsar, Dmuzza, DocendoDiscimus, Drewgut, Dturner46, EbenVisher, Elsendero, Elvis, Elwikipedista, Epbr123, FatalError, Flankk, Foot, Founder DIPM Institute, Gary a mason, Germanseneca, Goethean, Greenrd, Gscshoyru, Gspofford, Hanacy, Howcheng, Imhogan, JEB90, Jagyanseni, Jarda-wien, Jay, Jay-Jay, Jbecher, Jcarroll, JesseHogan, Jgiam, Jherm, Jmcc150, Jmd wiki99, John Vandenberg, Jon Awbrey, JonHarder, Kerenb, Kgrr, Kher122, Kronostos, Kuru, Kwamikagami, L Kensington, Larkspurs, Leandrod, Lemmie, Lingliu07, Livingthingdan, Lovedemon84, Magnabonzo, Mark Renier, Mark T, Markham, Masterpra2002, Maurreen, Mboverload, Mbowen, Mcvearry, Metaeducation, Miaow Miaow, Michael Hardy, Michaell, Mikeblas, Modify, MrDolomite, MrJones, Mydogategodshat, Ndenison, Numbsyd, Oaf2, Object01, Ohnoitsjamie, Oxymoron83, Pasquale, Pcb21, Pearle, Pgan002, Plasticup, Playmobilonhishorse, Psb777, Qxz, Ramki, Ratarsed, Retired username, Richmaddox, Ringbang, Rjwilmsi, S.K., S1199, Sally Ku, Sam Korn, Sansari13, Sarnholm, Saulat78, Selah28, Slposey, SqlPac, Sspecter, Stefan, Tbsdy lives, Tcloonan, The Thing That Should Not Be, Theo10011, Tikiwont, Tobycat, Tonyproctor, Tsjustme, TwoOneTwo, Vargabor, Veinor, Wikiolap, Winterst, Woohookitty, WorldsEndGirl, Writerguy71, Yabdulkarim, Zanaq, Zhenqinli, ZimZalaBim, 364 anonymous edits Open Cobalt  Source:  Contributors: AlistairMcMillan, Anniepoo, D6, Frap, Fudoreaper, GreenbushLabs, Jerryobject, Kocio, Miami33139, Miym, Morgan Leigh, Neustradamus, Odysseus1111, Pnm, Scirocco6, Tedickey, Toddst1, Toussaint, Woohookitty, 51 anonymous edits OpenACS  Source:  Contributors: 16×9, Adoniscik, Alerante, Brian Fenton, Cheeni, DanielPharos, Davehi1, Edward, Extraordinary, Frap, Fubar Obfusco, Gaius Cornelius, Ian Bailey, Jay, Jnc, JonHarder, KnightRider, MaNeMeBasat, Mike Linksvayer, Mion, Mydogategodshat, Phil Darnowsky, Reuvenk, Rfc1394, Shiney, Shirishag75, Sj, UU, WikiNickEN, 18 anonymous edits OpenIT  Source:  Contributors: Armbrust, Bobrayner, Brinella, CliffC, D6, Frap, Jpbowen, Mikelgabriel, Nickrds09, R’n’B, Rory096, Talaga87, Tanyakr, Ultimus, Wickethewok, Wiegels, Wwwwolf, Zohre6, 19 anonymous edits Operational database  Source:  Contributors: Drbreznjev, GregorB, Hanifbbz, Ldvaeth, Minnaert, NawlinWiki, RHaworth, Rvgd, 1 anonymous edits Operational intelligence  Source:  Contributors: Cander0000, Cat4567nip, Crysb, HighKing, I ching2006, Jevansen, Jpbowen, Jweder, Mhedblom, NawlinWiki, Nekohakase, Ninusen, Nuttah, Open2universe, Pauljdw, Peter850, Raghunathmenon, Rwwww, Sinotara, Stifle, Tassedethe, Trotter, Two tow, Wikiuser999, Woodshed, 17 anonymous edits Operational level agreement  Source:  Contributors: Aecis, Androux, Bearcat, Beeblebrox, Busy Stubber, DMighton, Daniel Olsen, Enterprise architect, Ezhiki, Gaius Cornelius, Gjs238, Jdcooper, John Vandenberg, Jpbowen, Longhair, Lousyd, Michael Devore, Mjquinn id, Nurg, Privman, RHaworth, [email protected], Siebrand, Srleffler, Zcoder, 6 anonymous edits Operational system  Source:  Contributors: DePiep, GregorB, Hanifbbz, Mange01, Mark Renier, Minnaert, RHaworth, Shreevatsa, Writerguy71, 10 anonymous edits Information technology operations  Source:  Contributors: EagleFan, Feureau, FreplySpang, Georgewilliamherbert, Guerino1, Jonik, Jpbowen, Jsimlo, JubalHarshaw, Lisatwo, Mkuehn10, PaulHanson, Pearle, RJFJR, Thatcher, 8 anonymous edits Operations architecture  Source:  Contributors: Awotter, Dlohcierekim, EdGl, Khatru2, Pascal.Tesson, Patrickachermann, R’n’B, RHaworth, Smalljim, 3 anonymous edits OPIDIS  Source:  Contributors: Adi4094, Jitmem, M-le-mot-dit, Malcolmxl5, Wperdue, 1 anonymous edits Optimization (Infrastructure & Application Platform)  Source:  Contributors: Ahunt, Belovedfreak, Chowbok, Fabrictramp, Frap, Katharineamy, Kku, Koavf, Opagecrtr, Pascal666, Pcap, Ryan Norton, Slwri, Svarya, 2 anonymous edits Organizational Memory System  Source:  Contributors: Cat4567nip, Cbdorsett, Jpbowen, NumberNumber5342, Saxifrage, Wissenslogistiker, 5 anonymous edits Pathology Messaging Implementation Project  Source:  Contributors: Bearingbreaker92, Birchcliff, David drew, Foggy Morning, Jfdwolff, Leszek Ja?czuk, Retired username, Squamate, Will Beback Auto, 8 anonymous edits People Capability Maturity Model  Source:  Contributors: Afzal, Cander0000, DarkFalls, Herman van Dellen, It afzal, Khalid hassani, Kuru, McSly, Pavan 2309, Pndfam05, RenniePet, Rror, SEI Publications, Stevej098, Vianello, Xsmith, 32 anonymous edits Performance engineering  Source:  Contributors: AbsolutDan, Andreas Kaufmann, Andy.k.chang, Antandrus, BAK, Bibbleboop, Can’t sleep, clown will eat me, Cgoldberg, ChrisLoosley, Closedmouth, Coroberti, Deicool, Derek E Weeks, Dolphin51, Downsize43, Hertzsprung, Hervegirod, Inaga, Indon, Intgr, Matahn, Mdd, Michig, MrOllie, Mtheus, Pinecar, Quuxplusone, RHaworth, RichardVeryard, Rjwilmsi, Rlsheehan, Rmsolfest, SEI Publications, SunSw0rd, Swpb, The other drziggy, Tonyshan, Trains66, Waddy100, Yarone, 55 anonymous edits Permission marketing  Source:  Contributors: AN(Ger), Aquilina, Ashton1983, Bernd in Japan, Bridgesb, Cmdrjameson, Dave Biskner, Edward, Fairsing, Grochim, Jane McCann, King of Hearts, Liface, Malcolmxl5, Maurreen, Mind flux, Muhends, Mydogategodshat, Pablo X, Pankajkumar1985, PaulKishimoto, Rdrozd, Rjwilmsi, Sean D Martin, SiobhanHansa, Snakewiki, Spudtater, Stefanomione, Stifle, Tabrez, Unm487, Vodnokon4e, Webconomist, Whpq, Wiki World, Woz2, X42bn6, Zzuuzz, 34 anonymous edits Personalized marketing  Source:  Contributors: Barfooz, Bento00, Benzamin, DavidWBrooks, Discodonut, Discospinster, Econent, Econtent, Edward, ErikWarmelink, Foobar, FreplySpang, Iridescent, Jj137, JonHarder, Joxemai, Keesiewonder, Ken g6, Kiore, Kvng, Malcolmxl5, Mattisse, Maurreen, Mydogategodshat, Paulcicero, Quatse, ShattaAD, Tomas e, Tschmalzl, Valenciano, Wahlau, Wendellc, Zigo1232, Zzuuzz, 21 anonymous edits Piazza Telematica  Source:  Contributors: Calaka, Cybercobra, Hmains, Jpbowen, Rror, Woohookitty, 33 anonymous edits Pop-up ad  Source:  Contributors: [email protected], 23skidoo, ADNghiem501, AUG, Aarontay, Accelerometer, Afluent Rider, Akamad, Akhristov, Alaning, Alekjds, AlistairMcMillan, AmericanLeMans, Anarkisto, Andymadigan, Andypandy.UK, Antonielly, Anárion, Appleboi1212, BCube, Beanboy89, Bill, Bobcat7, Bobo192, Borgx, Brat32, Breawycker, Brian Crawford, Cadsuane Melaidhrin, Can’t sleep, clown will eat me, Cander0000, Canister of Death, Capricorn42, Charles Gaudette, Charles Iliya Krempeaux, Chill Pill Bill, Chocolateboy, CliffC, Corbett3000, Cwolfsheep, DStoykov, DXRAW, DarkFalls, Datang, Denelson83, Dfcamara, Digifiend, Disavian, DocWatson42, Doctorfluffy, Domthedude001, Dreftymac, D?ugosz, E2eamon, Echuck215, EdC, Edlin2, Enos Shenk, Epbr123, Eskimospy, Evangeline, Evice, FML, Fakir005, FlyingPenguins, Frap, Frazzydee, FreakyMutantMan, FreplySpang, Froodiantherapy, Froth, Frotz, Fubar Obfusco, Furrykef, Futurix, Fæ, Graham87, Hackerb9, Haham hanuka, HamburgerRadio, Hcookeecs, Hdt83, Henry W.

Schmitt, Holek, Htaccess, ITurtle, Iain99, Idont Havaname, Infrogmation, Insolectual, Isam, J.delanoy, JGC, JRM, Jackhynes, Jakek101, Jan van Male, JavierMC, Jawshark, Jeff Silvers, Jesster79, Jossi, Joyous!, Karenjc, Kbdank71, Kenyon, Klosterdev, Knee427, Kurainosaru, Kwertii, LGagnon, Lenoxus, Lupin, Mabdul, Mani1, Marasmusine, Martial75, Maurreen, Maxamegalon2000, MikeLynch, Mindspillage, Minesweeper, Minghong, Mithridates, Mr.Z-man, Mshenley101, Musiccj38, Mxn, Myanw, Mydogategodshat, NawlinWiki, Ninjatoilet, Nintend06, Nohat, Ohnoitsjamie, Ojw, OlavN, Omegatron, Optimist on the run, Overtheblock, PPGMD, PTSE, Pgl, Phillsmith, Piano non troppo, PigFlu Oink, Ponder, Qwfp, R5white, Radiomanlaughs, RattleMan, Remember the dot, Revengeofthynerd, RexNL, Rich Farmbrough, Rich Janis, Rjwilmsi, Robillard, Rock2e, Roodog2k, SMakabwe, SWAdair, Saintrain, SamuraiClinton, Sceptre, Sdfisher, Seth Ilys, Shen, Shushruth, Sikon, SimonP, Skarebo, Skomorokh, Skyfiler, Soltrinox, Sophus Bie, Spartaz, Spug, Stefanomione, Stovetopcookies, SuperDude115, Szabunov, Tabletop, TakuyaMurata, TaleTreader, Tannin, The Anome, ThePlaz, Theleftorium, Thivierr, Tocharianne, Tokek, Tommy2010, Torritorri, Trud the Borg, Tub city adventures, Tuntable, Twsx, Uncle G, Vanished User 1004, Viajero, Vicarious, Vintei, Violetriga, Watcher, Webchat, Widefox, Willirennen, Wmahan, WookieInHeat, Wrybosome, XP1, Xhin, Xsmith, Ysamal, Zifert, Zuckerberg, 318 anonymous edits Problem management  Source:  Contributors: Dogg223405, Facts707, Freek Verkerk, Malcolma, 4 anonymous edits Process-centered design  Source:  Contributors: Brianvijay, 2 anonymous edits 708 Article Sources and Contributors Process-driven application  Source:  Contributors: Bobo192, Frecklefoot, Leolaursen, MrOllie, RHaworth, Seb WE, 12 anonymous edits Product Data Record  Source:  Contributors: Cobaltbluetony, Maxcochet, Mikola-Lysenko, PamD, Tassedethe Product lifecycle management  Source:  Contributors: Airunp, Alexvanderlinden, Allan McInnes, Andrewa, Antonielly, Archae13, Arunpurohit, Avenged Eightfold, Bcmchandra, Beland, Bluewaterpro, Bolglvy, C.Fred, CZmarlin, Ca latham, Calloused, Canderra, Captmjc, CharlesC, Chrattac, Chrislk02, Cybercobra, Dangelow, DarkSaber2k, Dcfleck, DiegoTamburini, Distributor1989, Dmanning, DocendoDiscimus, Dogears, Dorimedont, Download, DragonHawk, Dwarfpower, Ehheh, Emma.roach, Eric-Wester, Eric76, EricTalevich, Frap, Freeformer, FreplySpang, Gaius Cornelius, Gbarraco, Gofer246, Gpassey, Grayapple1980, Greyskinnedboy, Grochim, Gurch, Haakon, Heqs, Hideyuki, Hkabla, Hu12, Hult041956, Igfrace, InnovatorM, Inwind, Irishguy, Ixfd64, JMSwtlk, JTBX, Jackvinson, Jasynnash2, Jennifer.m.b, Jim Zizou, Jni, JohnCD, Johnhfox, Jon Awbrey, Kailas katkar, Kalypsolp, Kevinsbennett, Kku, Kordas, KrakatoaKatie, Krawi, Kungfuadam, Kuru, Kvenkateeshin, Lfarbo, LilHelpa, Lindenth, Lionbenjamins, Lothartklein, Lyman95, MCG, MER-C, Mac, Manufacturing, MattwikiEN, Mausy5043, Maximus Rex, Mcapitano, Mdd, Metron4, Michael Hardy, Mosca, MrMambo, MrOllie, Mroddey, Msridhar, Murrayo, NZarrow, Nick Number, Nienofer, Normsch, Nrcoopersd, Nzgabriel, Oleg Alexandrov, Omnify, Oracleconnect, Oscarthecat, PLMArchitect, PatricTimmermans, PaulDonnelly, Paulpoisson, Pcbdesigner, Peterloo, Pgdhonde, Phaedrus86, Pointillist, Prithvi k, Pwscottiv, Ramu50, Randallnewton, Raviprakashmba, Renesis, Requestion, ResidueOfDesign, Rettetast, Rjwilmsi, Rob0571, Rohit1001, Ronz, RoyBoy, Ruud Koot, S.K., Saaksvuo, Samantha datastay, Sandipjadhav, Sarah Miner, Shell Kinney, SiobhanHansa, Sjhaines, Skinneal, Softechinc, Somanagesh, Spinacia, Splash, Steel, Steven-arts, Stwalkerster, Sweetpea2007, TVBZ28, TinaCassler, UBF2005, Van der Hoorn, Warofdreams, Wayne Riddock, Wayofthemonkey, Wickethewok, Widgetkid, Winterst, Worm That Turned, Xsalia, Zigo1232, Zzuuzz, 386 anonymous edits Production Support  Source:  Contributors: Drpickem, Malcolma, Martin.delange, Quaeler, Rich Farmbrough, Rochelimit, Rockfang, Thimmaiah, 5 anonymous edits Project portfolio management  Source:  Contributors: 1400degrees, Akbradford, Akoso, Allan McInnes, Appraiser, Arunram, BinaryTed, Brad101, Btyner, Buzzaz, Clarkdd, Cliff2311, David.cote, Davidullman, Demiane, DivineAlpha, Dpm64, Edcolins, Edolee, Etackabery, Fbossuyt, Florent1024, Forestsmith, Franz D’Amato, Fuhghettaboutit, Gaius Cornelius, Haig, Hede2000, Hjassad, Hu12, Hubbardaie, Isismarketing, J.delanoy, JNW, Jaypc6711, Jpbowen, Kinu, Kuru, Lika2know, Mdd, Michael Hardy, MrOllie, Pearle, Petermui, Pm master, Polyextremophile, Price666, Psmcguin, Rich Farmbrough, RichardDenney, Rinconsoleao, Rlolsen, Sandymok, Serein (renamed because of SUL), SurfAndSwim, Thadius856AWB, The Anome, Thesquire, Tilleyg, Welsh, Wrjbrown, Ylebihan, 52 anonymous edits Purchase order request  Source:  Contributors: Alison9, Brighterorange, Calliopejen1, Exit2DOS2000, Graeme Bartlett, Hellsminion, Howabout1, Jdcooper, Jonathan Christensen, LilHelpa, Melcombe, Mysdaao, Niteowlneils, Severo, Teryx, Zondor, 8 anonymous edits Razorfish (company)  Source:  Contributors: Alabaster codify, An honest quixtar ibo, Antonrojo, Auric, Blakeyrat, Brianhe, Chikai1978, Chowbok, Chris93, Chrismartin76, CyberSkull, DGG, DanielPenfield, Daveboudreau, DidiDietrich, Dlabar, Dreish, Eunmac, Euryalus, Foobaz, Goalloverhere, Granleese, Greenshed, GregorB, HaeB, Heathergately, Hootsk, Hooverbag, Iliasbeshimov, Jakeene, Jareha, Jeltz, Jerryseinfeld, John Broughton, John of Reading, Juvan302, Jvandyke, Kjlewis, Kll2200, Kuru, Kvsnut, LadyofShalott, Lcblankenship, LesHurv, LindaSchoemaker, Luckyluke, MADe, Malepheasant, Mbmas01, Mboverload, Michael Snow, Momoricks, Mordien, Obiray, PigFlu Oink, RJFJR, Rickgmc3, Rjkokesh, Rjwilmsi, Ronz, Rvelez, Rxdxt, S, ST47, Shinmawa, Shortride, Stephen e nelson, Terrible Tim, Terrifician, Tklauder, Tophtucker, Uncle G, UnitedStatesian, Vcardillo, Wikidemon, Yaron K., 135 anonymous edits Real time enterprise  Source:  Contributors: Avneel Chand, Darp-a-parp, PamD, Pratyeka, Ronz, 2 anonymous edits Records Life Cycle  Source:  Contributors: Mdd, ThinkerWu Records management  Source:  Contributors: Abune, Adamgpope, Adjamir, Alberto bazzi, Allstarecho, Andrew8, Auntof6, Awarland, Barticus88, BaruseH, Blackash, Bradvoy, Cander0000, Chichimmera, CliffC, DanShearer, Dasmacintosh2, Deepsoulstarfish, Derekcslater, Dmclemore, Docmgmt, Edz314, Egil, Erianna, Figma, Firey, Frosmans, Giftlite, Gokmop, Goldtoes68, Greyskinnedboy, Happygo718, Heidijane, IM1515, International Teacher Cop, Isserdude07, Jaeger5432, Jagsdxb, JamesBWatson, Jauerback, Jehochman, JimR, Jnabel, JoeStewart, Johnkmetha, JonHarder, Josvanhelvoort, KMAdvisor, Katoscka, KelvinMo, Kevinxml007, Kff, Mailer diablo, Mais oui!, MarcFresko, MarcMFresko, Martarius, Mauls, Maurreen, Mcsboulder, Mhiji, Minnaert, Mkratz01, Mpt, Mr pand, Mrtriviamaniacman, Mwvandersteen, Nautilator, Nejsnave, Newidea75, Nick Number, Nidhis lawyer, OS2Warp, Ohnoitsjamie, P1cunnin, PROV Public Programs, Planetcopywriter, Plutten, Poweroid, Prasadr, PrattTA1, R’n’B, Rbreen, Records Solutions, Renesis, ReynoldLeming, Rich257, Richard fishburn, Rimman.larry, RobDe68, Ronz, Roystonea, Rschroeder001, S2uartorr, SHallathome, Sabathecat, Scanreg, Shadow1, Shell Kinney, Shiftchange, Shwetang.sharma, Sten2005, StephenBuxton, Sterry2607, Tagishsimon,, The Interior, Tinton5, Tom Worthington, Tomcat66 g500, Twaz, Ultraviolet scissor flame, Umbrete, UnitedStatesian, Veledan, Venache, Versageek, Weregerbil, Wyatt Riot, 233 anonymous edits Clinger–Cohen Act  Source:  Contributors: BVA, Billyboy01, Coxdj1, Ekrem415, Good Olfactory, Kumioko, Mandarax, Mdd, Nick Number, PaulHanson, Sbgaver, Vprajkumar, 9 anonymous edits Remote access policy  Source:  Contributors: DavidBailey, Frank Kai Fat Chow, Samohyl Jan, 1 anonymous edits Revere, Inc.  Source:  Contributors: Bama54 RPR Problem Diagnosis  Source:  Contributors: Blehfu, Charlesbaldo, Chzz, Credible58, Hu12, Muad, Xavier.durant, 5 anonymous edits Run Book Automation  Source:  Contributors: Alexandre.vallin, AlistairMcMillan, Amyjacobs, Aveitch, Cuttysc, Deweydecimal112, Ecarlson7, Ehheh, Fabrictramp, Fedorl, GenerationEtech, Gouranga, Insanity Incarnate, Iwavesoftware, JCerny, Jasenlee, Jkowall1, Jolanda Geerts, Jonathanmlsw, Jpbowen,, Maroussi, Mcondy, Mj.damage, Momma’s Little Helper, MrOllie, Notcoco, Ottomation, PamD, Ptilston, R’n’B, RA0808, Rich Farmbrough, RonGrevink, Ronz, Rror, Shephardd, Thru the night, 88 anonymous edits Selerant  Source:  Contributors: Cander0000, Dismas, Jcalfa70, Jncraton, 5 anonymous edits Sensemaking  Source:  Contributors: (aeropagitica), Adhib, Cody3019, Cybercobra, Dr.

Peter Lankton, EBRJoseph, Edchi, Gogo Dodo, Harvey the rabbit, Jeffmcneill, Jgd9, Liblarva, Linforest, Man pl, Manscher, Mariaflags, Mnwdmu, Newbyguesses, Nickdesbarats, Nuovosole, Printerbuilder, Rich Farmbrough, ScottMHoward, Snowded, Tamorlan, Thomas Basboll, Waaalrus, WheezePuppet, Zuposhade, 12 anonymous edits Service Catalog  Source:  Contributors: Active Banana, Akramer2, Alespb, Charles T.

Betz, Dwmcnabb, Gusgregory, Isolde98, Jmgendron, Jonik, K2heikkila, KnightLago, Lpgeffen, MGS1978, Pmgnet, Robertmcneill, SDrugger7, SWAdair, Serviceguy, West81, 48 anonymous edits Service Desk (ITSM)  Source:  Contributors: Albataineh, AlephGamma, Angusmclellan, Apparition11, Barek, Bastien.guillaume, Brianj hill, Charles T.

Betz, Ckrishnachaitanya, David James Bailey, David Waters, Diggindeeper, DuncanHill, HDReport, Haakon, Harshdave50, Hu12, ImGz, Jerryobject, Jowanner, Kycook, Markhoney, Martha32, Matt Laurenceau, Mcsboulder, Meelislubi, Mgillett, MoeRe, MrOllie, Nissimsd, Soifranc, Thingg, Tide rolls, West81, 53 anonymous edits Service Integration Maturity Model  Source:  Contributors: Cander0000, Ghettoblaster, Gmaxwell, Klholley, Markiewp, Mibrahim15, 1 anonymous edits Service level agreement  Source:  Contributors: Alanpc1, Alansohn, Ancheta Wis, AndHunt777, Andrew Delong, AndriuZ, AndyEdmonds, Angarg12, Anþony, Apapadop, Apfibox1, Auminski, Bastien.guillaume, Beland, Beve, Binarygal, Blinken, BobbyOwens, Bovineone, Brian Gunderson, Brodger3, Busy Stubber, CMTucker, Carl67lp, Cdc, Ceege, Charles T.

Betz, Conskeptical, Cory Donnelly, Credema, Darp-a-parp, Dawn Bard, Deville, Dfrench, Dfrg.msc, Dondegroovily, Dougofborg, Dside, Edcolins, Elkman, Falcon8765, FatalError, Fish and karate, Fishnet37222, Gliktch, Gordon.parker, Grafen, Gurch, HorsePunchKid, Immunize, Ipsla, Ixab, JLaTondre, Jeremy Visser, JohnCD, Jpbowen, JulesH, Kku, Kubanczyk, Lehmannjl, Lmendo, Longhair, Lunboks, Mannafredo, Marcel broumels, Meridies, Michael Hardy, Miquonranger03, Mr.

Random, Mwanner, Nickg, Nsaa, Ntalamai, Otrfan, Pansearch, Pete maloney, Pvosta, RDailey79, RHaworth, Ramdrake, RichardVeryard, RoyalBlueStuey, Saulinpa, Sepersann, Shigdon, Sigge2, Speedophile, Stifle, SunSw0rd, SuperHamster, Tanometal, Team4Technologies, Thu, Timhodgson, Tomgolden, Versus22, Vince.meulle, Waggers, Wayne Slam, West London Dweller, Wmahan, Xetxo, Ykanada, Zelmerszoetrop, Zhenqinli, 340 anonymous edits Service level requirement  Source:  Contributors: Bearcat, Herostratus, Katharineamy, LilHelpa, Malcolma, R’n’B, Ruchirda85, 1 anonymous edits Service Measurement Index  Source:  Contributors: B J Hughes, Malcolma, Paulmcdonald, R’n’B, 8 anonymous edits SFIAPlus  Source:  Contributors: BD2412, Greyskinnedboy, Kirk Hilliard, Rcawsey, WikHead, 7 anonymous edits — 711 Image Sources, Licenses and Contributors 712 Image Sources, Licenses and Contributors Writer.png  Source:  License: GNU Lesser General Public License  Contributors: Image:Astrologyproject.svg  Source:  License: GNU Free Documentation License  Contributors: User Chris Brennan on en.wikipedia Image:Animazione debito pubblico disoccupazione ricerca(small).gif  Source:  License: Public Domain  Contributors: Marcodianti Image:OSIsoft logo.jpg  Source:  License: Fair Use  Contributors: Tanamoril File:Fullscreen capture 122209 121026.bmp (800×465).jpg  Source:×465).jpg  License: unknown  Contributors: User:Wysprgr2005 File:Belgrade Planetarium theatre day.jpg  Source:  License: GNU Free Documentation License  Contributors: Vlajko File:Belgrade Planetarium theatre night.jpg  Source:  License: GNU Free Documentation License  Contributors: Vlajko File:FranekerPlanetarium.JPG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Niels Elgaard Larsen File:ZeissMark1.jpg  Source:  License: unknown  Contributors: Unknown, presumed to be a 1920s German photographer Image:Birla Planetarium, Kolkata.jpg  Source:,_Kolkata.jpg  License: Creative Commons Attribution-Sharealike 2.0  Contributors: Avrajyoti Mitra Image:Spitz Star Projector.jpg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Michael L.

Umbricht File:Goto-E5.jpg  Source:  License: Public Domain  Contributors: Ph.

Malburet File:Bhashani Novo Theatre Dhaka.jpg  Source:  License: Creative Commons Attribution 2.0  Contributors: Niloy File:EugenFound-023.jpg  Source:  License: unknown  Contributors: File:Hamburg Planetarium.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: Raymond – Raimond Spekking File:Bundesarchiv Bild 183-1987-1008-020, Berlin, Zeiss-Großplanetarium.jpg  Source:,_Berlin,_Zeiss-Großplanetarium.jpg  License: Creative Commons Attribution-Share Alike 3.0 Germany  Contributors: Settnik, Bernd File:Aleksandria raamatukogu IMG 0119.JPG  Source:  License: Creative Commons Attribution 3.0  Contributors: User:Avjoska File:Small inflatable portable planetarium dome.jpg  Source:  License: GNU Free Documentation License  Contributors: Torsten Krahn Original uploader was Torsten Krahn at de.wikipedia File:Bundesarchiv B 145 Bild-P018935, Berlin, Planetarium.jpg  Source:,_Berlin,_Planetarium.jpg  License: Creative Commons Attribution-Share Alike 3.0 Germany  Contributors: Frankl, A.

Image:ZeissPlanetariumProjector MontrealPlanetarium.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: Captmondo, FelixReimann, Shawn in Montreal, Trockennasenaffe File:Universarium in Planetarium Hamburg.jpg  Source:  License: Public Domain  Contributors: Pudding4brains File:ADLIP Jena.JPG  Source:  License: Creative Commons Attribution-Sharealike 2.0  Contributors: Christoph Gommel File:Ncp 2.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: Gawin File:PLGen.PNG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Mercicos File:PLview.PNG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Mercicos File:PLCore.PNG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Mercicos File:PLPost.PNG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Mercicos File:Pzizz Software.png  Source:  License: unknown  Contributors: Taggard File:SocialSolutionslogo.png  Source:  License: Fair Use  Contributors: Ukexpat File:Aarohanlogo.jpg  Source:  License: Public Domain  Contributors: CCA Image:ao-logo-whitebg.jpg  Source:  License: Fair Use  Contributors: Iqlas, Melesse Image:ASL-model-apllicationserviceslibrary.jpg  Source:  License: GNU Free Documentation License  Contributors: User:Sybren Image:Bcks logo med.gif  Source:  License: Public Domain  Contributors: Tcphll Image:Bonitasoft-logo.png  Source:  License: Fair Use  Contributors: Melesse, Mickael.istria Image:Safewaydeliverytruck.jpg  Source:  License: GNU Free Documentation License  Contributors: Original uploader was Coolcaesar at en.wikipedia image:Business model.png  Source:  License: Public Domain  Contributors: AfkHideki (talk) Image:Business Process Management Life-Cycle.svg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Aleksander Blomskøld Image:BPM Workflow Service Pattern.gif  Source:  License: Public Domain  Contributors: File:LogoPNMsoft.jpg  Source:  License: Fair Use  Contributors: Emstutz File:Guangzhou-electronic-components-shop-0479.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: User:Vmenkov Image:Patchpannelrear.JPG  Source:  License: Public Domain  Contributors: Original uploader was Pcpeggs at en.wikipedia Image:Cablespaghetti2.jpg  Source:  License: Public Domain  Contributors: User:Edward (Original) / Dpbsmith (Enhanchments).

Original uploader was Dpbsmith at en.wikipedia File:CAD model and CNC machined part.PNG  Source:  License: Public Domain  Contributors: Mike1024 File:Disc with dental implants made with WorkNC.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.0  Contributors: Sescoi CAD/CAM File:NIST Manufacturing Systems Integration Program.jpg  Source:  License: Public Domain  Contributors: National Institute of Standards and Technology’s Manufacturing Engineering Image:Computer Integrated Manufacturing control system.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Jean-Baptiste Waldner Image Sources, Licenses and Contributors Image:Interactive 3D map of same world.jpg  Source:  License: Public Domain  Contributors: Ale jrb, Socinian, 1 anonymous edits Image:Adding Notes To 3D objects and places.jpg  Source:  License: Public Domain  Contributors: Socinian Image:Edit Source Code.jpeg  Source:  License: Public Domain  Contributors: Socinian Image:Croquet Screenshot.jpeg  Source:  License: Public Domain  Contributors: Socinian Image:Multi-user text editing in 3D.jpg  Source:  License: Public Domain  Contributors: Original uploader was Marudubshinki at en.wikipedia Image:Croquet Spreadsheet.jpeg  Source:  License: Public Domain  Contributors: Socinian File:Value Demand v small2.png  Source:  License: Creative Commons Zero  Contributors: didunculus99 File:Demand chain medium.png  Source:  License: Public Domain  Contributors: Didunculus99 Image:Devops.png  Source:  License: Creative Commons Attribution 3.0  Contributors: Rajiv.Pant Image:Agile-vs-iterative-flow.jpg  Source:  License: Creative Commons Attribution 3.0  Contributors: Christopher Little File:VFinity Logo with R (Thumbnail).jpg  Source:  License: Public Domain  Contributors: VFinity Image:Distributed Dev Graphic3.gif  Source:  License: Public Domain  Contributors: Clas Image:Outsourcing-Offshoring.svg  Source:  License: Public Domain  Contributors: TyIzaeL File:Nasdaq2.png  Source:  License: Public Domain  Contributors: Little Professor (talk) File:Automated online assistant.png  Source:  License: Attribution  Contributors: Mikael Häggström File:Bundesarchiv B 145 Bild-F038812-0022, Wolfsburg, VW Autowerk, EDV.jpg  Source:,_Wolfsburg,_VW_Autowerk,_EDV.jpg  License: Creative Commons Attribution-Share Alike 3.0 Germany  Contributors: Schaack, Lothar File:Ehr diagram.jpg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Davidhaspas Image:MuensterLeonardoCampusInformationSystems.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: STBR Image:Problem quadrant diagram.png  Source:  License: Creative Commons Attribution 3.0  Contributors: Credible58 File:hp jd protocols.png  Source:  License: Creative Commons Attribution 3.0  Contributors: Lrcubero File:HP OXP Fig1.png  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: IntraconNA Image:B 5 1 IDEF1X Diagram.jpg  Source:  License: Public Domain  Contributors: Image:ER Diagram MMORPG.png  Source:  License: GNU Free Documentation License  Contributors: Original uploader was TheMattrix at en.wikipedia Image:A 01 Audio compact disc collection.jpg  Source:  License: Public Domain  Contributors: Michael R.

McCaleb, National Institute of Standards and Technology Image:PD-icon.svg  Source:  License: Public Domain  Contributors: Various.

See log. (Original SVG was based on File:PD-icon.png by Duesentrieb, which was based on Image:Red copyright.png by Rfl.) Image:Wearer of an ITIL Foundation Certificate pin.jpg  Source:  License: Creative Commons Attribution-ShareAlike 3.0 Unported  Contributors: Tijmen Stam (User:IIVQ) Image:IRMT_logo.gif  Source:  License: Fair Use  Contributors: Eastmain, Srip File:Risk Management Elements.jpg  Source:  License: Public Domain  Contributors: Original uploader was Mdd at en.wikipedia File:Osa metamodel v003.png  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Open Security Architecture File:The Risk Management Process.png  Source:  License: Attribution  Contributors: ENISA File:Octave like.jpg  Source:  License: Attribution  Contributors: ENISA File:2010-T10-ArchitectureDiagram.png  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Neil Smithline File:NIST SP 800-30 Figure 3-1.png  Source:  License: Public Domain  Contributors: Gary Stoneburner File:NIST SP 800-30 Figure 4-2.png  Source:  License: Public Domain  Contributors: Gary Stoneburner File:NIST SP 800-30 Figure 4-1.png  Source:  License: Public Domain  Contributors: Gary Stoneburner Image:Procesdatadiagram planning to implement ITIL.png  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: L.

Luinenburg (Lluinenb) Original uploader was Lluinenb at en.wikipedia Image:Control Process model.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Control Data model.JPG  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Control Process data model.JPG  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Plan process data model.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Implementation process data model.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata, Where, 1 anonymous edits Image:evaluation process data model.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Maintenance process data model.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:Process data model security management.jpg  Source:  License: Creative Commons Attribution-Sharealike 2.5  Contributors: Bkell, Jlmata Image:CabrilloBusinessPark-1.png  Source:  License: GNU Free Documentation License  Contributors: Alanmak, Avron, TommyBee, Xnatedawgx, 1 anonymous edits File:league lab logo.jpg  Source:  License: Fair Use  Contributors: Hootsk, Sfan00 IMG File:Library Review.gif  Source:  License: unknown  Contributors: Kajervi Image:CCF Screenshot.png  Source:  License: unknown  Contributors: Dfantom, Soumyasch, 1 anonymous edits Image:Multifunctional Samsung.jpg  Source:  License: Public Domain  Contributors: Luis Dantas Image:Photosmart C3180.jpg  Source:  License: Creative Commons Attribution 2.5  Contributors: Original uploader was Renan S2 at en.wikipedia 713 Image Sources, Licenses and Contributors Image:KonicaMinolta-bizhub210.png  Source:  License: Creative Commons Attribution-Sharealike 3.0,2.5,2.0,1.0  Contributors: YttriumOx Image:Canon ir2270.jpg  Source:  License: GNU Free Documentation License  Contributors: BrokenSphere, Fir0002, Luis Dantas, Qurren Image:KonicaMinolta-bizhubC451.png  Source:  License: Creative Commons Attribution-Sharealike 3.0,2.5,2.0,1.0  Contributors: YttriumOx Image:KonicaMinolta-bizhub750.png  Source:  License: Creative Commons Attribution-Sharealike 3.0,2.5,2.0,1.0  Contributors: YttriumOx, 1 anonymous edits Image:Nbii logo.gif  Source:  License: Public Domain  Contributors: NBII File:Loudspeaker.svg  Source:  License: Public Domain  Contributors: Bayo, Gmaxwell, Husky, Iamunknown, Myself488, Nethac DIU, Omegatron, Rocket000, The Evil IP address, Wouterhagens, 9 anonymous edits Image:Open cobalt logo.png  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Julian Lombardi Image:cobalt screenshot pre alpha.jpg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Julian Lombardi Image:cobalt portals pre alpha.jpg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Julian Lombardi Image:Vnc in cobalt pre alpha.jpg  Source:  License: Creative Commons Attribution 3.0  Contributors: Julian Lombardi Image:cobalt desktop.jpg  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Julian Lombardi Image:Open ACS.png  Source:  License: Fair Use  Contributors: Reuvenk File:OpenIT logo.png  Source:  License: Fair Use  Contributors: Armbrust Image:IO All Up Model.png  Source:  License: Attribution  Contributors: Microsoft Corporation Image:CoreIO Model.png  Source:  License: Attribution  Contributors: Opagecrtr Image:BPIO Model.png  Source:  License: Attribution  Contributors: Microsfot Image:APO Model.png  Source:  License: Attribution  Contributors: Opagecrtr Image:pcmmStructure.PNG  Source:  License: GNU Free Documentation License  Contributors: Afzal, Codetiger, 3 anonymous edits Image:Piazzetta telematica for journalists -Italia90 – Roma.JPG  Source:  License: unknown  Contributors: Piazze Telematiche Image:Pop-up ads.jpg  Source:  License: unknown  Contributors: Bevo, CliffC, Damian Yerrick, EagleOne, Ente75, Minesweeper, Mrschimpf, Sverdrup, T-borg, Tintero, 4 anonymous edits File:Product’s lifecycle.svg  Source:’s_lifecycle.svg  License: Public Domain  Contributors: Product’s_lifecycle.jpg: National Institute of Standards and Technology’s Manufacturing Engineering derivative work: Yzmo (talk) Image:plm1.png  Source:  License: GNU Free Documentation License  Contributors: Freeformer, 1 anonymous edits Image:Project Investment Portfolio Occam s Tree.gif  Source:  License: Public Domain  Contributors: User:Fangz Image:Records Life Cycle.svg  Source:  License: Public Domain  Contributors: FEA File:Flag of Italy.svg  Source:  License: Public Domain  Contributors: see below File:SMI Characteristics.JPG  Source:  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Jdabbott File:Flag of the United States.svg  Source:  License: Public Domain  Contributors: Dbenbenn, Zscout370, Jacobolus, Indolences, Technion.

Image:SmoothIT_Project_Logo.png  Source:  License: unknown  Contributors: SmoothIT Consortium Image:spammed-mail-folder.png  Source:  License: GNU General Public License  Contributors: Ascánder, Bawolff, KAMiKAZOW, LordT, RJaguar3, 8 anonymous edits File:Flag of Brazil.svg  Source:  License: Public Domain  Contributors: Brazilian Government File:Flag of India.svg  Source:  License: Public Domain  Contributors: User:SKopp File:Flag of South Korea.svg  Source:  License: Public Domain  Contributors: Various File:Flag of Turkey.svg  Source:  License: Public Domain  Contributors: David Benbennick (original author) File:Flag of Vietnam.svg  Source:  License: Public Domain  Contributors: L?u Ly v? l?i theo ngu?n trên File:Flag of the People’s Republic of China.svg  Source:'s_Republic_of_China.svg  License: Public Domain  Contributors: Drawn by User:SKopp, redrawn by User:Denelson83 and User:Zscout370 Recode by cs:User:-xfi- (code), User:Shizhao (colors) File:Flag of Poland.svg  Source:  License: Public Domain  Contributors: Mareklug, Wanted File:Flag of Russia.svg  Source:  License: Public Domain  Contributors: Zscout370 File:Flag of Argentina.svg  Source:  License: Public Domain  Contributors: Work of Dbenbenn about a national sign File:Lexus Gen V navigation system.jpg  Source:  License: GNU Free Documentation License  Contributors: Original uploader was Enigma3542002 at en.wikipedia File:UC4SoftwareLogo.png  Source:  License: Copyrighted free use  Contributors: Claudmar File:Diagram of the focus of virtual team research (Powell, Piccoli and Ives, 2004, p.8).png  Source:,_Piccoli_and_Ives,_2004,_p.8).png  License: Creative Commons Attribution-Sharealike 3.0  Contributors: Vesala Image:Xinetlogo.jpg  Source:  License: Fair Use  Contributors: Salavat, Zzmay Image:XmlEdifact_Order_Form.png  Source:  License: Public Domain  Contributors: PaulXemdli 714 License 715 License Creative Commons Attribution-Share Alike 3.0 Unported http:/ / licenses/ by-sa/ 3. 0/

Read more about ITIL : 82 84 85 88 93 97 98 105 107 108….:

Accredited ITIL Foundation, Intermediate and Expert Certifications

Accredited ITIL Foundation, Intermediate and Expert Certifications, Learn more about ITIL HERE:

ITIL and ITIL : 82 84 85 88 93 97 98 105 107 108….

ITIL - ITIL : 82 84 85 88 93 97 98 105 107 108….

ITIL and ITIL : 82 84 85 88 93 97 98 105 107 108….

ITIL - ITIL : 82 84 85 88 93 97 98 105 107 108….