ITIL

Officially authorized to carry out a Role. For example anAccredited body may be authorized to provide training orto conduct Audits.

A set of actions designed to achieve a particular result.Activities are usually defined as part of Processes or Plans,and are documented in Procedures.

A Document that describes a formal understandingbetween two or more parties. An Agreement is not legallybinding, unless it forms part of a Contract. See also ServiceLevel Agreement, Operational Level Agreement.

(Service Operation) A warning that a threshold has beenreached, something has changed, or a Failure hasoccurred. Alerts are often created and managed by SystemManagement tools and are managed by the EventManagement Process.

Software that provides Functions that are required by an ITService. Each Application may be part of more than one ITService. An Application runs on one or more Servers orClients. See also Application Management.

(Service Design) (Service Operation) The Functionresponsible for managing Applications throughout theirLifecycle.

(Service Design) The Activity responsible for understandingthe Resource Requirements needed to support a newApplication, or a major Change to an existing Application.Application Sizing helps to ensure that the IT Service canmeet its agreed Service Level Targets for Capacity andPerformance.

(Service Design) The structure of a System or IT Service,including the Relationships of Components to each otherand to the environment they are in. Architecture also| 191Definitions listincludes the Standards and Guidelines that guide the design and evolution of the System.

Formal agreement that an IT Service, Process, Plan, orother Deliverable is complete, accurate, Reliable and meetsits specified Requirements. Acceptance is usually precededby Evaluation or Testing and is often required beforeproceeding to the next stage of a Project or Process.

(Service Operation) The Process responsible for allowingUsers to make use of IT Services, data, or other Assets.Access Management helps to protect the Confidentiality,Integrity and Availability of Assets by ensuring that onlyauthorized Users are able to access or modify the Assets.Access Management is sometimes referred to as RightsManagement or Identity Management.

(Service Strategy) The Process responsible for identifyingactual Costs of delivering IT Services, comparing thesewith budgeted costs, and managing variance from theBudget.

Inspection and analysis to check whether a Standard or setof Guidelines is being followed, that Records are accurate,or that Efficiency and Effectiveness targets are being met.See also Audit.

(Service Strategy) Any Resource or Capability. Assets of aService Provider including anything that could contributeto the delivery of a Service. Assets can be one of thefollowing types: Management, Organization, Process,Knowledge, People, Information, Applications,Infrastructure, and Financial Capital.

(Service Transition) Asset Management is the Processresponsible for tracking and reporting the value andownership of financial Assets throughout their Lifecycle.Asset Management is part of an overall Service Asset andConfiguration Management Process.

(Service Transition) A piece of information about aConfiguration Item. Examples are: name, location, Versionnumber, and Cost. Attributes of CIs are recorded in theConfiguration Management Database (CMDB). See alsoRelationship.

Formal inspection and verification to check whether aStandard or set of Guidelines is being followed, thatRecords are accurate, or that Efficiency and Effectivenesstargets are being met. An Audit may be carried out byinternal or external groups. See also Certification,Assessment.

See RACI.

(Service Operation) Use of Information Technology todirect an incoming telephone call to the most appropriateperson in the shortest possible time. ACD is sometimescalled Automated Call Distribution.

(Service Design) Ability of a Configuration Item or ITService to perform its agreed Function when required.Availability is determined by Reliability, Maintainability,Serviceability, Performance, and Security. Availability isusually calculated as a percentage. This calculation is oftenbased on Agreed Service Time and Downtime. It is BestPractice to calculate Availability using measurements ofthe Business output of the IT Service.

(Service Design) The Process responsible for defining,analysing, Planning, measuring and improving all aspectsof the Availability of IT services. Availability Management isresponsible for ensuring that all IT Infrastructure, Processes,Tools, Roles, etc. are appropriate for the agreed ServiceLevel Targets for Availability.

(Service Design) A virtual repository of all AvailabilityManagement data, usually stored in multiple physicallocations. See also Service Knowledge ManagementSystem.

(Continual Service Improvement) A management tooldeveloped by Drs. Robert Kaplan (Harvard Business School)and David Norton. A Balanced Scorecard enables aStrategy to be broken down into Key PerformanceIndicators. Performance against the KPIs is used todemonstrate how well the Strategy is being achieved. ABalanced Scorecard has four major areas, each of whichhas a small number of KPIs. The same four areas areconsidered at different levels of detail throughout theOrganization.

■ An ITSM Baseline can be used as a starting point tomeasure the effect of a Service Improvement Plan■ A Performance Baseline can be used to measurechanges in Performance over the lifetime of an ITService■ A Configuration Management Baseline can be used toenable the IT Infrastructure to be restored to a knownConfiguration if a Change or Release fails.

(Continual Service Improvement) The recorded state ofsomething at a specific point in time. A Benchmark can becreated for a Configuration, a Process, or any other set ofdata. For example, a benchmark can be used in:■ Continual Service Improvement, to establish thecurrent state for managing improvements■ Capacity Management, to document performancecharacteristics during normal operations.See also Benchmarking, Baseline.

(Continual Service Improvement) Comparing a Benchmarkwith a Baseline or with Best Practice. The termBenchmarking is also used to mean creating a series ofBenchmarks over time, and comparing the results tomeasure progress or improvement.

Proven Activities or Processes that have been successfullyused by multiple Organizations. ITIL is an example of BestPractice.

A list of all the money an Organization or Business Unitplans to receive, and plans to pay out, over a specifiedperiod of time. See also Budgeting, Planning.

The Activity of predicting and controlling the spending ofmoney. Consists of a periodic negotiation cycle to setfuture Budgets (usually annual) and the day-to-daymonitoring and adjusting of current Budgets.

(Service Strategy) An overall corporate entity orOrganization formed of a number of Business Units. In thecontext of ITSM, the term Business includes public sectorand not-for-profit organizations, as well as companies. AnIT Service Provider provides IT Services to a Customerwithin a Business. The IT Service Provider may be part ofthe same Business as its Customer (Internal ServiceProvider), or part of another Business (External ServiceProvider).

(Service Design) In the context of ITSM, Business CapacityManagement is the Activity responsible for understanding future Business Requirements for use in the Capacity Plan.See also Service Capacity Management.

(Service Strategy) Justification for a significant item ofexpenditure. Includes information about Costs, benefits,options, issues, Risks, and possible problems.

(Service Design) The Business Process responsible formanaging Risks that could seriously impact the Business.BCM safeguards the interests of key stakeholders,reputation, brand and value-creating activities. The BCMProcess involves reducing Risks to an acceptable level andplanning for the recovery of Business Processes should adisruption to the Business occur. BCM sets the Objectives,Scope and Requirements for IT Service ContinuityManagement.

(Service Strategy) A recipient of a product or a Servicefrom the Business. For example, if the Business is a carmanufacturer then the Business Customer is someone whobuys a car.

(Service Strategy) BIA is the Activity in Business ContinuityManagement that identifies Vital Business Functions andtheir dependencies. These dependencies may includeSuppliers, people, other Business Processes, IT Services,etc. BIA defines the recovery requirements for IT Services.These requirements include Recovery Time Objectives,Recovery Point Objectives and minimum Service LevelTargets for each IT Service.

(Service Strategy) The Objective of a Business Process, orof the Business as a whole. Business Objectives supportthe Business Vision, provide guidance for the IT Strategy,and are often supported by IT Services.

(Service Strategy) The day-to-day execution, monitoringand management of Business Processes.

(Continual Service Improvement) An understanding of theService Provider and IT Services from the point of view ofthe Business, and an understanding of the Business fromthe point of view of the Service Provider.

A Process that is owned and carried out by the Business. ABusiness Process contributes to the delivery of a productor Service to a Business Customer. For example, a retailermay have a purchasing Process that helps to deliverServices to its Business Customers. Many BusinessProcesses rely on IT Services.

(Service Strategy) The Process or Function responsible formaintaining a Relationship with the Business. BusinessRelationship Management usually includes:■ Managing personal Relationships with Businessmanagers■ Providing input to Service Portfolio Management■ Ensuring that the IT Service Provider is satisfying theBusiness needs of the CustomersThis Process has strong links with Service LevelManagement.

An IT Service that directly supports a Business Process, asopposed to an Infrastructure Service, which is usedinternally by the IT Service Provider and is not usuallyvisible to the Business.The term Business Service is also used to mean a Servicethat is delivered to Business Customers by Business Units.For example, delivery of financial services to Customers ofa bank, or goods to the Customers of a retail store.Successful delivery of Business Services often depends onone or more IT Services.

(Service Strategy) A segment of the Business that has itsown Plans, Metrics, income and Costs. Each Business Unitowns Assets and uses these to create value for Customersin the form of goods and Services.

(Service Operation) A telephone call to the Service Deskfrom a User. A Call could result in an Incident or a ServiceRequest being logged.

(Service Strategy) The ability of an Organization, person,Process, Application, Configuration Item or IT Service tocarry out an Activity. Capabilities are intangible Assets ofan Organization. See also Resource.

(Continual Service Improvement) Capability MaturityModel(r) Integration (CMMI) is a process improvementapproach developed by the Software Engineering Institute(SEI) of Carnegie Melon University, US. CMMI providesorganizations with the essential elements of effectiveprocesses. It can be used to guide process improvementacross a project, a division, or an entire organization.CMMI helps integrate traditionally separate organizationalfunctions, set process improvement goals and priorities,provide guidance for quality processes, and provide apoint of reference for appraising current processes. Seewww.sei.cmu.edu/cmmi for more information. See alsoMaturity.

(Service Design) The maximum Throughput that aConfiguration Item or IT Service can deliver whilst meetingagreed Service Level Targets. For some types of CI,Capacity may be the size or volume, for example a diskdrive.

(Service Design) The Process responsible for ensuring thatthe Capacity of IT Services and the IT Infrastructure is ableto deliver agreed Service Level Targets in a Cost Effectiveand timely manner. Capacity Management considers allResources required to deliver the IT Service, and plans forshort-, medium- and long-term Business Requirements.

(Service Design) A virtual repository of all CapacityManagement data, usually stored in multiple physicallocations. See also Service Knowledge ManagementSystem.

(Service Design) The Activity within Capacity Managementresponsible for creating a Capacity Plan.

A named group of things that have something incommon. Categories are used to group similar thingstogether. For example, Cost Types are used to groupsimilar types of Cost. Incident Categories are used togroup similar types of Incident, CI Types are used to groupsimilar types of Configuration Item.

Issuing a certificate to confirm Compliance to a Standard.Certification includes a formal Audit by an independentand Accredited body. The term Certification is also used tomean awarding a certificate to verify that a person hasachieved a qualification.

(Service Transition) The addition, modification or removalof anything that could have an effect on IT Services. TheScope should include all IT Services, Configuration Items,Processes, Documentation, etc.

(Service Transition) A group of people that advises theChange Manager in the Assessment, prioritization andscheduling of Changes. This board is usually made up ofrepresentatives from all areas within the IT ServiceProvider, representatives from the Business and ThirdParties such as Suppliers.

(Service Transition) The Process responsible for controllingthe Lifecycle of all Changes. The primary objective ofChange Management is to enable beneficial Changes tobe made, with minimum disruption to IT Services.

See Request for Change.

(Service Transition) A Document that lists all approvedChanges and their planned implementation dates. AChange Schedule is sometimes called a Forward Scheduleof Change, even though it also contains information aboutChanges that have already been implemented.

(Service Strategy) Requiring payment for IT Services.Charging for IT Services is optional, and manyOrganizations choose to treat their IT Service Provider as aCost Centre.

A generic term that means a Customer, the Business or aBusiness Customer. For example, Client Manager may beused as a synonym for Account Manager. The term client is also used to mean:■ A computer that is used directly by a User, forexample a PC, Handheld Computer, or Workstation■ The part of a Client-Server Application that the Userdirectly interfaces with. For example an e-mail Client.

(Service Operation) The final Status in the Lifecycle of anIncident, Problem, Change, etc. When the Status is Closed,no further action is taken.

(Service Operation) The act of changing the Status of anIncident, Problem, Change, etc. to Closed.

(Continual Service Improvement) Control Objectives forInformation and related Technology (COBIT) providesguidance and Best Practice for the management of ITProcesses. COBIT is published by the IT GovernanceInstitute. See www.isaca.org for more information.

A Guideline published by a public body or a StandardsOrganization, such as ISO or BSI. Many Standards consistof a Code of Practice and a Specification. The Code ofPractice describes recommended Best Practice.

Ensuring that a Standard or set of Guidelines is followed,or that proper, consistent accounting or other practicesare being employed.

A general term that is used to mean one part ofsomething more complex. For example, a computerSystem may be a component of an IT Service, anApplication may be a Component of a Release Unit.Components that need to be managed should beConfiguration Items.

(Service Design) (Continual Service Improvement) TheProcess responsible for understanding the Capacity,Utilization, and Performance of Configuration Items. Datais collected, recorded and analysed for use in the CapacityPlan. See also Service Capacity Management.

(Service Design) A technique that helps to identify theimpact of CI failure on IT Services. A matrix is created withIT Services on one edge and CIs on the other. This enablesthe identification of critical CIs (that could cause the failureof multiple IT Services) and of fragile IT Services (that havemultiple Single Points of Failure).

(Service Design) A security principle that requires that datashould only be accessed by authorized people.

(Service Transition) A generic term, used to describe agroup of Configuration Items that work together to deliveran IT Service, or a recognizable part of an IT Service.Configuration is also used to describe the parametersettings for one or more CIs.

(Service Transition) Any Component that needs to bemanaged in order to deliver an IT Service. Informationabout each CI is recorded in a Configuration Record withinthe Configuration Management System and is maintainedthroughout its Lifecycle by Configuration Management. CIsare under the control of Change Management. CIs typicallyinclude IT Services, hardware, software, buildings, people,and formal documentation such as Process documentationand SLAs.

(Service Transition) The Process responsible for maintaininginformation about Configuration Items required to deliveran IT Service, including their Relationships. Thisinformation is managed throughout the Lifecycle of the CI.Configuration Management is part of an overall ServiceAsset and Configuration Management Process.

(Service Transition) A database used to store ConfigurationRecords throughout their Lifecycle. The ConfigurationManagement System maintains one or more CMDBs, andeach CMDB stores Attributes of CIs, and Relationships withother CIs.

(Service Transition) A set of tools and databases that areused to manage an IT Service Provider’s Configurationdata. The CMS also includes information about Incidents, Problems, Known Errors, Changes and Releases; and maycontain data about employees, Suppliers, locations,Business Units, Customers and Users. The CMS includestools for collecting, storing, managing, updating, andpresenting data about all Configuration Items and theirRelationships. The CMS is maintained by ConfigurationManagement and is used by all IT Service ManagementProcesses. See also Configuration Management Database,Service Knowledge Management System.

Continual Service Improvement) A stage in the Lifecycleof an IT Service and the title of one of the Core ITILpublications. Continual Service Improvement is responsiblefor managing improvements to IT Service ManagementProcesses and IT Services. The Performance of the ITService Provider is continually measured andimprovements are made to Processes, IT Services and ITInfrastructure in order to increase Efficiency, Effectiveness,and Cost Effectiveness. See also Plan-Do-Check-Act.

A legally binding Agreement between two or more parties.

A means of managing a Risk, ensuring that a BusinessObjective is achieved, or ensuring that a Process isfollowed. Example Controls include Policies, Procedures,Roles, RAID, door locks, etc. A control is sometimes calleda Countermeasure or safeguard. Control also means tomanage the utilization or behaviour of a ConfigurationItem, System or IT Service.

See COBIT.

(Service Strategy) An approach to the management of ITServices, Processes, Functions, Assets, etc. There can beseveral different Control Perspectives on the same ITService, Process, etc., allowing different individuals orteams to focus on what is important and relevant to theirspecific Role. Example Control Perspectives includeReactive and Proactive management within IT Operations,or a Lifecycle view for an Application Project team.

The amount of money spent on a specific Activity, ITService, or Business Unit. Costs consist of real cost (money), notional cost such as people’s time, andDepreciation.

(Service Strategy) A Business Unit or Project to which costsare assigned. A Cost Centre does not charge for Servicesprovided. An IT Service Provider can be run as a CostCentre or a Profit Centre.

A measure of the balance between the Effectiveness andCost of a Service, Process or activity, A Cost EffectiveProcess is one that achieves its Objectives at minimumCost. See also KPI, Return on Investment, Value for Money.

(Service Strategy) A general term that is used to refer toBudgeting and Accounting, sometimes used as a synonymfor Financial Management.

Can be used to refer to any type of Control. The termCountermeasure is most often used when referring tomeasures that increase Resilience, Fault Tolerance orReliability of an IT Service.

Changes made to a Plan or Activity that has alreadystarted, to ensure that it will meet its Objectives. Coursecorrections are made as a result of Monitoring progress.

Something that must happen if a Process, Project, Plan, orIT Service is to succeed. KPIs are used to measure theachievement of each CSF. For example a CSF of ‘protect ITServices when making Changes’ could be measured byKPIs such as ‘percentage reduction of unsuccessfulChanges’, ‘percentage reduction in Changes causingIncidents’, etc.

A set of values that is shared by a group of people,including expectations about how people should behave,their ideas, beliefs, and practices. See also Vision.

Someone who buys goods or Services. The Customer of anIT Service Provider is the person or group that defines andagrees the Service Level Targets. The term Customers is also sometimes informally used to mean Users, forexample ‘this is a Customer-focused Organization’.

(Service Operation) A graphical representation of overall ITService Performance and Availability. Dashboard imagesmay be updated in real-time, and can also be included inmanagement reports and web pages. Dashboards can beused to support Service Level Management, EventManagement or Incident Diagnosis.

A way of understanding the relationships between data,information, knowledge, and wisdom. DIKW shows howeach of these builds on the others.

Something that must be provided to meet a commitmentin a Service Level Agreement or a Contract. Deliverable isalso used in a more informal way to mean a plannedoutput of any Process.

Activities that understand and influence Customer demandfor Services and the provision of Capacity to meet thesedemands. At a Strategic level Demand Management caninvolve analysis of Patterns of Business Activity and UserProfiles. At a tactical level it can involve use of DifferentialCharging to encourage Customers to use IT Services at lessbusy times. See also Capacity Management.

See Plan-Do-Check-Act.

The direct or indirect reliance of one Process or Activity onanother.

(Service Transition) The Activity responsible for movementof new or changed hardware, software, documentation,Process, etc. to the Live Environment. Deployment is partof the Release and Deployment Management Process.

(Service Design) An Activity or Process that identifiesRequirements and then defines a solution that is able tomeet these Requirements. See also Service Design.

(Service Operation) A stage in the Incident Lifecycle.Detection results in the Incident becoming known to theService Provider. Detection can be automatic, or can bethe result of a user logging an Incident.

(Service Design) The Process responsible for creating ormodifying an IT Service or Application. Also used to meanthe Role or group that carries out Development work.

(Service Operation) A stage in the Incident and ProblemLifecycles. The purpose of Diagnosis is to identify aWorkaround for an Incident or the Root Cause of aProblem.

Information in readable form. A Document may be paperor electronic. For example, a Policy statement, ServiceLevel Agreement, Incident Record, diagram of computerroom layout. See also Record.

(Service Design) (Service Operation) The time when aConfiguration Item or IT Service is not Available during itsAgreed Service Time. The Availability of an IT Service isoften calculated from Agreed Service Time and Downtime.

Something that influences Strategy, Objectives orRequirements. For example, new legislation or the actionsof competitors.

(Service Strategy) The reduction in average Cost that ispossible from increasing the usage of an IT Service orAsset.

(Continual Service Improvement) A measure of whetherthe Objectives of a Process, Service or Activity have beenachieved. An Effective Process or activity is one thatachieves its agreed Objectives. See also KPI.

(Continual Service Improvement) A measure of whetherthe right amount of resources has been used to deliver aProcess, Service or Activity. An Efficient Process achieves itsObjectives with the minimum amount of time, money,people or other resources. See also KPI.

(Service Transition) A subset of the IT Infrastructure that isused for a particular purpose. For Example: LiveEnvironment, Environment is also used as a generic term to mean theexternal conditions that influence or affect something.Test Environment, Build Environment. It ispossible for multiple Environments to share aConfiguration Item, for example Test and LiveEnvironments may use different partitions on a singlemainframe computer. Also used in the term PhysicalEnvironment to mean the accommodation, airconditioning, power system, etc.

(Service Operation) A design flaw or malfunction thatcauses a Failure of one or more Configuration Items or ITServices. A mistake made by a person or a faulty Processthat affects a CI or IT Service is also an Error.

(Service Operation) An Activity that obtains additionalResources when these are needed to meet Service LevelTargets or Customer expectations. Escalation may beneeded within any IT Service Management Process, but ismost commonly associated with Incident Management,Problem Management and the management of Customercomplaints. There are two types of Escalation, FunctionalEscalation and Hierarchic Escalation.

(Service Strategy) A framework to help IT Service Providersdevelop their IT Service Management Capabilities from aService Sourcing perspective. eSCM-SP was developed byCarnegie Mellon University, US.

(Service Transition) The Process responsible for assessing anew or Changed IT Service to ensure that Risks have beenmanaged and to help determine whether to proceed withthe Change. Evaluation is also used to mean comparing an actualOutcome with the intended Outcome, or comparing onealternative with another.

(Service Operation) A change of state that has significancefor the management of a Configuration Item or IT Service.The term Event is also used to mean an Alert ornotification created by any IT Service, Configuration Itemor Monitoring tool. Events typically require IT Operationspersonnel to take actions, and often lead to Incidentsbeing logged.

(Service Operation) The Process responsible for managingEvents throughout their Lifecycle. Event Management isone of the main Activities of IT Operations.

(Availability Management) Detailed stages in the Lifecycleof an Incident. The stages are Detection, Diagnosis, Repair,Recovery, Restoration. The Expanded Incident Lifecycle isused to help understand all contributions to the Impact ofIncidents and to Plan how these could be controlled orreduced.

A Customer who works for a different Business to the ITService Provider. See also External Service Provider, InternalCustomer.

(Service Strategy) An IT Service Provider that is part of adifferent Organization to its Customer. An IT ServiceProvider may have both Internal Customers and ExternalCustomers.

(Service Operation) Loss of ability to Operate toSpecification, or to deliver the required output. The termFailure may be used when referring to IT Services,Processes, Activities, Configuration Items, etc. A Failureoften causes an Incident.

See Error.

(Service Design) The ability of an IT Service orConfiguration Item to continue to Operate correctly afterFailure of a Component part. See also Resilience,Countermeasure.

(Service Design) (Continual Service Improvement) Atechnique that can be used to determine the chain ofevents that leads to a Problem. Fault Tree Analysisrepresents a chain of events using Boolean notation in adiagram.

(Service Strategy) The Function and Processes responsiblefor managing an IT Service Provider’s Budgeting,Accounting and Charging Requirements.

An informal term used to describe a Process, ConfigurationItem, IT Service, etc. that is capable of meeting itsobjectives or Service Levels. Being Fit for Purpose requiressuitable design, implementation, control and maintenance.

Performing Activities to meet a need or Requirement. Forexample, by providing a new IT Service, or meeting aService Request.

A team or group of people and the tools they use to carryout one or more Processes or Activities. For example theService Desk.The term Function also has two other meanings:■ An intended purpose of a Configuration Item, Person,Team, Process, or IT Service. For example one Functionof an e-mail Service may be to store and forwardoutgoing mails, one Function of a Business Processmay be to dispatch goods to Customers.■ To perform the intended purpose

(Continual Service Improvement) An Activity that comparestwo sets of data and identifies the differences. GapAnalysis is commonly used to compare a set ofRequirements with actual delivery. See also Benchmarking.

Ensuring that Policies and Strategy are actuallyimplemented, and that required Processes are correctlyfollowed. Governance includes defining Roles andresponsibilities, measuring and reporting, and takingactions to resolve any issues identified.

A Document describing Best Practice, which recommendswhat should be done. Compliance with a guideline is notnormally enforced. See also Standard.

(Service Operation) A point of contact for Users to logIncidents. A Help Desk is usually more technically focussedthan a Service Desk and does not provide a Single Point ofContact for all interaction. The term Help Desk is oftenused as a synonym for Service Desk.

(Service Operation) (Service Transition) A measure of theeffect of an Incident, Problem or Change on BusinessProcesses. Impact is often based on how Service Levelswill be affected. Impact and Urgency are used to assignPriority.

(Service Operation) An unplanned interruption to an ITService or reduction in the Quality of an IT Service. Failureof a Configuration Item that has not yet impacted Serviceis also an Incident. For example Failure of one disk from amirror set.

(Service Operation) The Process responsible for managingthe Lifecycle of all Incidents. The primary Objective ofIncident Management is to return the IT Service toCustomers as quickly as possible.

(Service Operation) A Record containing the details of anIncident. Each Incident record documents the Lifecycle ofa single Incident.

(Service Strategy) A Cost of providing an IT Service, whichcannot be allocated in full to a specific customer. Forexample, the Cost of providing shared Servers or softwarelicences. Also known as Overhead.

(Service Design) The Process that ensures theConfidentiality, Integrity and Availability of anOrganization’s Assets, information, data and IT Services.Information Security Management usually forms part of anOrganizational approach to Security Management that hasa wider scope than the IT Service Provider, and includeshandling of paper, building access, phone calls, etc., forthe entire Organization.

Service Design) The framework of Policy, Processes,Standards, Guidelines and tools that ensures anOrganization can achieve its Information SecurityManagement Objectives.

The use of technology for the storage, communication orprocessing of information. The technology typicallyincludes computers, telecommunications, Applications andother software. The information may include Business data,voice, images, video, etc. Information Technology is oftenused to support Business Processes through IT Services.

(Service Design) A security principle that ensures data andConfiguration Items are modified only by authorizedpersonnel and Activities. Integrity considers all possiblecauses of modification, including software and hardwareFailure, environmental Events, and human intervention.

A Customer who works for the same Business as the ITService Provider. See also Internal Service Provider, ExternalCustomer.

(Service Strategy) An IT Service Provider that is part of thesame Organization as its Customer. An IT Service Providermay have both Internal Customers and ExternalCustomers.

The International Organization for Standardization (ISO) isthe world’s largest developer of Standards. ISO is a nongovernmentalorganization that is a network of thenational standards institutes of 156 countries. Seewww.iso.org for further information about ISO.

See International Organization for Standardization (ISO).

(Service Operation) (Continual Service Improvement) Atechnique that helps a team to identify all the possiblecauses of a Problem. Originally devised by Kaoru Ishikawa,the output of this technique is a diagram that looks like afishbone.

A generic term that refers to a number of internationalStandards and Guidelines for Quality ManagementSystems. See www.iso.org for more information. See alsoISO.

Continual Service Improvement) ISO Code of Practice forInformation Security Management. See also Standard.

ISO Specification and Code of Practice for IT ServiceManagement. ISO/IEC 20000 is aligned with ITIL BestPractice.

(Service Design) (Continual Service Improvement) ISOSpecification for Information Security Management. Thecorresponding Code of Practice is ISO/IEC 17799. See alsoStandard.

All of the hardware, software, networks, facilities, etc. thatare required to develop, Test, deliver, Monitor, Control orsupport IT Services. The term IT Infrastructure includes allof the Information Technology but not the associatedpeople, Processes and documentation.

(Service Operation) The Function within an IT ServiceProvider that performs the daily Activities needed tomanage IT Services and the supporting IT Infrastructure. ITOperations Management includes IT Operations Controland Facilities Management.

A Service provided to one or more Customers by an ITService Provider. An IT Service is based on the use ofInformation Technology and supports the Customer’sBusiness Processes. An IT Service is made up from acombination of people, Processes and technology andshould be defined in a Service Level Agreement.

(Service Design) The Process responsible for managingRisks that could seriously affect IT Services. ITSCM ensuresthat the IT Service Provider can always provide minimumagreed Service Levels, by reducing the Risk to anacceptable level and Planning for the Recovery of ITServices. ITSCM should be designed to support BusinessContinuity Management.

The implementation and management of Quality ITServices that meet the needs of the Business. IT ServiceManagement are performed by IT Service Providersthrough an appropriate mix of people, Process andInformation Technology. See also Service Management.

The IT Service Management Forum is an independentOrganization dedicated to promoting a professionalapproach to IT Service Management. The itSMF is a notfor-profit membership Organization with representation inmany countries around the world (itSMF Chapters). TheitSMF and its membership contribute to the developmentof ITIL and associated IT Service Management Standards.See www.itsmf.com for more information.

(Service Strategy) A Service Provider that provides ITServices to Internal Customers or External Customers.

A set of Best Practice guidance for IT Service Management.ITIL is owned by the OGC and consists of a series ofpublications giving guidance on the provision of Quality ITServices, and on the Processes and facilities needed tosupport them. See www.itil.co.uk for more information.

A Document that defines the Roles, responsibilities, skillsand knowledge required by a particular person. One JobDescription can include multiple Roles, for example theRoles of Configuration Manager and Change Manager maybe carried out by one person.

(Service Operation) (Continual Service Improvement) Astructured approach to Problem solving. The Problem isanalysed in terms of what, where, when and extent.Possible causes are identified. The most probable cause istested. The true cause is verified.

(Service design) (Continual Service Improvement) A Metricthat is used to help manage a Process, IT Service orActivity. Many Metrics may be measured, but only themost important of these are defined as KPIs and used toactively manage and report on the Process, IT Service orActivity. KPIs should be selected to ensure that Efficiency,Effectiveness, and Cost Effectiveness are all managed. Seealso Critical Success Factor.

(Service Transition) A logical database containing the dataused by the Service Knowledge Management System.

(Service Transition) The Process responsible for gathering,analysing, storing and sharing knowledge and informationwithin an Organization. The primary purpose ofKnowledge Management is to improve Efficiency byreducing the need to rediscover knowledge. See also Datato-Information-to-Knowledge-to-Wisdom and ServiceKnowledge Management System.

The various stages in the life of an IT Service,Configuration Item, Incident, Problem, Change, etc. TheLifecycle defines the Categories for Status and the Statustransitions that are permitted. For example:■ The Lifecycle of an Application includes Requirements,Design, Build, Deploy, Operate, Optimize■ The Expanded Incident Lifecycle includes Detect,Respond, Diagnose, Repair, Recover, Restore■ The Lifecycle of a Server may include: Ordered,Received, In Test, Live, Disposed, etc.

(Service Transition) A controlled Environment containingLive Configuration Items used to deliver IT Services toCustomers.

(Service Design) A measure of how quickly and Effectivelya Configuration Item or IT Service can be restored tonormal working after a Failure. Maintainability is oftenmeasured and reported as MTRS.Maintainability is also used in the context of Software or ITService Development to mean ability to be Changed orRepaired easily.

(Service Strategy) A perspective on IT Services whichemphasizes the fact that they are managed. The termManaged Services is also used as a synonym forOutsourced IT Services.

Information that is used to support decision making bymanagers. Management Information is often generatedautomatically by tools supporting the various IT ServiceManagement Processes. Management Information oftenincludes the values of KPIs such as ‘Percentage of Changesleading to Incidents’, or ‘first-time fix rate’.

The OGC methodology for managing Risks. M_o_Rincludes all the Activities required to identify and Controlthe exposure to Risk, which may have an impact on theachievement of an Organization’s Business Objectives. Seewww.m-o-r.org for more details.

The framework of Policy, Processes and Functions thatensures an Organization can achieve its Objectives.

(Continual Service Improvement) A measure of theReliability, Efficiency and Effectiveness of a Process,Function, Organization, etc. The most mature Processesand Functions are formally aligned to Business Objectivesand Strategy, and are supported by a framework forcontinual improvement.

A named level in a Maturity model such as the CarnegieMellon Capability Maturity Model Integration.

(Service Design) A Metric for measuring and reportingReliability. MTBF is the average time that a ConfigurationItem or IT Service can perform its agreed Function withoutinterruption. This is measured from when the CI or ITService starts working, until it next fails.

(Continual Service Improvement) Something that ismeasured and reported to help manage a Process, ITService or Activity. See also KPI.

(Service Design) Software that connects two or moresoftware Components or Applications. Middleware isusually purchased from a Supplier, rather than developedwithin the IT Service Provider.

The Mission Statement of an Organization is a short butcomplete description of the overall purpose and intentionsof that Organization. It states what is to be achieved, butnot how this should be done.

A representation of a System, Process, IT Service,Configuration Item, etc. that is used to help understand orpredict future behaviour.

A technique that is used to predict the future behaviour ofa System, Process, IT Service, Configuration Item, etc.Modelling is commonly used in Financial Management,Capacity Management and Availability Management.

(Service Operation) Monitoring the output of a Task,Process, IT Service or Configuration Item; comparing thisoutput to a predefined Norm; and taking appropriateaction based on this comparison.

(Service Operation) Repeated observation of aConfiguration Item, IT Service or Process to detect Eventsand to ensure that the current status is known.

The defined purpose or aim of a Process, an Activity or anOrganization as a whole. Objectives are usually expressedas measurable targets. The term Objective is also informally used to mean a Requirement. See alsoOutcome.

OGC owns the ITIL brand (copyright and trademark). OGCis a UK Government department that supports the deliveryof the government’s procurement agenda through itswork in collaborative procurement and in raising levels ofprocurement skills and capability with departments. It alsoprovides support for complex public sector projects.

To perform as expected. A Process or Configuration Item issaid to Operate if it is delivering the Required outputs.Operate also means to perform one or more Operations.For example, to Operate a computer is to do the day-todayOperations needed for it to perform as expected.

(Service Operation) Day-to-day management of an ITService, System, or other Configuration Item. Operation isalso used to mean any pre-defined Activity or Transaction.For example loading a magnetic tape, accepting money ata point of sale, or reading data from a disk drive.

The lowest of three levels of Planning and delivery(Strategic, Tactical, Operational). Operational Activitiesinclude the day-to-day or short-term Planning or deliveryof a Business Process or IT Service Management Process.The term Operational is also a synonym for Live.

(Service Design) (Continual Service Improvement) AnAgreement between an IT Service Provider and anotherpart of the same Organization. An OLA supports the ITService Provider’s delivery of IT Services to Customers. TheOLA defines the goods or Services to be provided and theresponsibilities of both parties. For example there could bean OLA:■ Between the IT Service Provider and a procurementdepartment to obtain hardware in agreed times■ Between the Service Desk and a Support Group toprovide Incident Resolution in agreed times.See also Service Level Agreement.

See IT Operations Management.

Review, Plan and request Changes, in order to obtain themaximum Efficiency and Effectiveness from a Process,Configuration Item, Application, etc.

A company, legal entity or other institution. Examples ofOrganizations that are not companies include InternationalStandards Organization or itSMF. The term Organization issometimes used to refer to any entity that has People,Resources and Budgets. For example a Project or BusinessUnit.

The result of carrying out an Activity; following a Process;delivering an IT Service, etc. The term Outcome is used torefer to intended results, as well as to actual results. Seealso Objective.

(Service Strategy) Using an External Service Provider tomanage IT Services.

See Indirect cost.

A relationship between two Organizations that involvesworking closely together for common goals or mutualbenefit. The IT Service Provider should have a Partnershipwith the Business, and with Third Parties who are criticalto the delivery of IT Services.

A measure of what is achieved or delivered by a System,person, team, Process, or IT Service.

(Continual Service Improvement) The Process responsiblefor day-to-day Capacity Management Activities. Theseinclude monitoring, threshold detection, Performanceanalysis and Tuning, and implementing changes related toPerformance and Capacity.

(Service Transition) A limited Deployment of an IT Service,a Release or a Process to the Live Environment. A pilot isused to reduce Risk and to gain User feedback andAcceptance. See also Test, Evaluation.

A detailed proposal that describes the Activities andResources needed to achieve an Objective. For example aPlan to implement a new IT Service or Process. ISO/IEC20000 requires a Plan for the management of each ITService Management Process.

(Continual Service Improvement) A four-stage cycle forProcess management, attributed to Edward Deming. Plan-Do-Check-Act is also called the Deming Cycle.PLAN: Design or revise Processes that support the ITServices.DO: Implement the Plan and manage the Processes.CHECK: Measure the Processes and IT Services, comparewith Objectives and produce reports.ACT: Plan and implement Changes to improve theProcesses.

An Activity responsible for creating one or more Plans. Forexample, Capacity Planning.

A Project management Standard maintained andpublished by the Project Management Institute. PMBOKstands for Project Management Body of Knowledge. Seewww.pmi.org for more information. See also PRINCE2.

Formally documented management expectations andintentions. Policies are used to direct decisions, and toensure consistent and appropriate development andimplementation of Processes, Standards, Roles, Activities, ITInfrastructure, etc.

A Review that takes place after a Change or a Project hasbeen implemented. A PIR determines if the Change orProject was successful, and identifies opportunities forimprovement.

A way of working, or a way in which work must be done.Practices can include Activities, Processes, Functions,Standards and Guidelines. See also Best Practice.

(Service Strategy) The Activity for establishing how muchCustomers will be Charged.

The standard UK government methodology for Projectmanagement. See www.ogc.gov.uk/prince2 for moreinformation. See also PMBOK.

(Service Transition) (Service Operation) A Category used toidentify the relative importance of an Incident, Problem orChange. Priority is based on Impact and Urgency, and isused to identify required times for actions to be taken. Forexample the SLA may state that Priority 2 Incidents mustbe resolved within 12 hours.

(Service Operation) Part of the Problem ManagementProcess. The Objective of Proactive Problem Managementis to identify Problems that might otherwise be missed.Proactive Problem Management analyses Incident Records,and uses data collected by other IT Service ManagementProcesses to identify trends or significant problems.

(Service Operation) A cause of one or more Incidents. Thecause is not usually known at the time a Problem Recordis created, and the Problem Management Process isresponsible for further investigation.

(Service Operation) The Process responsible for managingthe Lifecycle of all Problems. The primary objectives ofProblem Management are to prevent Incidents fromhappening, and to minimize the Impact of Incidents thatcannot be prevented.

(Service Operation) A Record containing the details of aProblem. Each Problem Record documents the Lifecycle ofa single Problem.

A Document containing steps that specify how to achievean Activity. Procedures are defined as part of Processes.See also Work Instruction.

A structured set of Activities designed to accomplish aspecific Objective. A Process takes one or more definedinputs and turns them into defined outputs. A Processmay include any of the Roles, responsibilities, tools andmanagement Controls required to reliably deliver theoutputs. A Process may define Policies, Standards,Guidelines, Activities, and Work Instructions if they areneeded.

The Activity of planning and regulating a Process, with theObjective of performing the Process in an Effective,Efficient, and consistent manner.

A Role responsible for Operational management of aProcess. The Process Manager’s responsibilities includePlanning and coordination of all Activities required to carryout, monitor and report on the Process. There may beseveral Process Managers for one Process, for exampleregional Change Managers or IT Service ContinuityManagers for each data centre. The Process Manager Roleis often assigned to the person who carries out theProcess Owner Role, but the two Roles may be separate inlarger Organizations.

A Role responsible for ensuring that a Process is Fit forPurpose. The Process Owner’s responsibilities includesponsorship, Design, Change Management and continualimprovement of the Process and its Metrics. This Role isoften assigned to the same person who carries out theProcess Manager Role, but the two Roles may be separatein larger Organizations.

See Live Environment.

A number of Projects and Activities that are planned andmanaged together to achieve an overall set of relatedObjectives and other Outcomes.

A temporary Organization, with people and other Assetsrequired to achieve an Objective or other Outcome. EachProject has a Lifecycle that typically includes initiation,Planning, execution, Closure, etc. Projects are usuallymanaged using a formal methodology such as PRINCE2.

See PRINCE2

(Service Transition) An Activity that ensures that ITInfrastructure is appropriate, and correctly configured, tosupport an Application or IT Service. See also Validation.

The ability of a product, Service, or Process to provide theintended value. For example, a hardware Component canbe considered to be of high Quality if it performs asexpected and delivers the required Reliability. ProcessQuality also requires an ability to monitor Effectivenessand Efficiency, and to improve them if necessary. See alsoQuality Management System.

(Service Transition) The Process responsible for ensuringthat the Quality of a product, Service or Process willprovide its intended Value.

(Continual Service Improvement) The set of Processesresponsible for ensuring that all work carried out by anOrganization is of a suitable Quality to reliably meetBusiness Objectives or Service Levels. See also ISO 9000.

(Continual Service Improvement) An improvement Activitythat is expected to provide a Return on Investment in ashort period of time with relatively small Cost and effort.

(Service Design) (Continual Service Improvement) A Modelused to help define Roles and Responsibilities. RACI standsfor Responsible, Accountable, Consulted and Informed. Seealso Stakeholder.

A Document containing the results or other output from aProcess or Activity. Records are evidence of the fact thatan activity took place and may be paper or electronic. Forexample, an Audit report, an Incident Record, or theminutes of a meeting.

(Service Design) (Service Operation) Returning aConfiguration Item or an IT Service to a working state.Recovery of an IT Service often includes recovering data toa known consistent state. After Recovery, further steps maybe needed before the IT Service can be made available tothe Users (Restoration).

See Fault Tolerance.The term Redundant also has a generic meaning ofobsolete, or no longer needed.

A connection or interaction between two people or things.In Business Relationship Management it is the interactionbetween the IT Service Provider and the Business. InConfiguration Management it is a link between twoConfiguration Items that identifies a dependency orconnection between them. For example Applications maybe linked to the Servers they run on, IT Services havemany links to all the CIs that contribute to them.

(Service Transition) A collection of hardware, software,documentation, Processes or other Components requiredto implement one or more approved Changes to ITServices. The contents of each Release are managed,tested, and deployed as a single entity.

(Service Transition) The Process responsible for bothRelease Management and Deployment.

(Service Transition) The Process responsible for Planning,scheduling and controlling the movement of Releases toTest and Live Environments. The primary Objective ofRelease Management is to ensure that the integrity of theLive Environment is protected and that the correctComponents are released. Release Management is part ofthe Release and Deployment Management Process.

(Service Transition) A Record in the CMDB that defines thecontent of a Release. A Release Record has Relationshipswith all Configuration Items that are affected by theRelease.

(Service Design) (Continual Service Improvement) Ameasure of how long a Configuration Item or IT Servicecan perform its agreed Function without interruption.Usually measured as MTBF or MTBSI. The term Reliabilitycan also be used to state how likely it is that a Process,Function, etc. will deliver its required outputs. See alsoAvailability.

(Service Operation) The replacement or correction of afailed Configuration Item.

(Service Transition) A formal proposal for a Change to bemade. An RFC includes details of the proposed Change,and may be recorded on paper or electronically. The termRFC is often misused to mean a Change Record, or theChange itself.

(Service Design) A formal statement of what is needed. Forexample, a Service Level Requirement, a ProjectRequirement or the required Deliverables for a Process.

(Service Design) The ability of a Configuration Item or ITService to resist Failure or to Recover quickly following aFailure. For example an armoured cable will resist failurewhen put under stress. See also Fault Tolerance.

(Service Operation) Action taken to repair the Root Causeof an Incident or Problem, or to implement a Workaround.In ISO/IEC 20000, Resolution Processes is the Processgroup that includes Incident and Problem Management.

(Service Strategy) A generic term that includes ITInfrastructure, people, money or anything else that mighthelp to deliver an IT Service. Resources are considered tobe Assets of an Organization. See also Capability, ServiceAsset.

A measure of the time taken to complete an Operation orTransaction. Used in Capacity Management as a measureof IT Infrastructure Performance, and in IncidentManagement as a measure of the time taken to answerthe phone, or to start Diagnosis.

A measurement of the time taken to respond tosomething. This could be Response Time of a Transaction,or the speed with which an IT Service Provider respondsto an Incident or Request for Change, etc.

See Restore.

(Service Operation) Taking action to return an IT Service tothe Users after Repair and Recovery from an Incident. Thisis the primary Objective of Incident Management.

(Service Transition) Permanent removal of an IT Service, orother Configuration Item, from the Live Environment.Retired is a stage in the Lifecycle of many ConfigurationItems.

(Service Strategy) (Continual Service Improvement) Ameasurement of the expected benefit of an investment. Inthe simplest sense it is the net profit of an investmentdivided by the net worth of the assets invested. See alsoValue on Investment.

An evaluation of a Change, Problem, Process, Project, etc.Reviews are typically carried out at predefined points inthe Lifecycle, and especially after Closure. The purpose ofa Review is to ensure that all Deliverables have beenprovided, and to identify opportunities for improvement.See also Post-Implementation Review.

A possible event that could cause harm or loss, or affectthe ability to achieve Objectives. A Risk is measured by theprobability of a Threat, the Vulnerability of the Asset tothat Threat, and the Impact it would have if it occurred.

The initial steps of Risk Management. Analysing the valueof Assets to the business, identifying Threats to thoseAssets, and evaluating how Vulnerable each Asset is tothose Threats. Risk Assessment can be quantitative (basedon numerical data) or qualitative.

The Process responsible for identifying, assessing andcontrolling Risks. See also Risk Assessment.

A set of responsibilities, Activities and authorities grantedto a person or team. A Role is defined in a Process. Oneperson or team may have multiple Roles, for example theRoles of Configuration Manager and Change Manager maybe carried out by a single person.

(Service Operation) The underlying or original cause of anIncident or Problem.

(Service Operation) An Activity that identifies the RootCause of an Incident or Problem. RCA typicallyconcentrates on IT Infrastructure failures. See also ServiceFailure Analysis.

The ability of an IT Service, Process, Configuration Item,etc. to perform its agreed Function when the Workload orScope changes.

The boundary, or extent, to which a Process, Procedure,Certification, Contract, etc. applies. For example the Scopeof Change Management may include all Live IT Servicesand related Configuration Items, the Scope of an ISO/IEC20000 Certificate may include all IT Services delivered outof a named data centre.

See Information Security Management.

See Information Security Management.

(Service Operation) A computer that is connected to anetwork and provides software Functions that are used byother Computers.

A means of delivering value to Customers by facilitatingOutcomes Customers want to achieve without theownership of specific Costs and Risks.

Any Capability or Resource of a Service Provider. See alsoAsset.

(Service Transition) The Process responsible for bothConfiguration Management and Asset Management.

(Service Design) (Continual Service Improvement) TheActivity responsible for understanding the Performanceand Capacity of IT Services. The Resources used by each ITService and the pattern of usage over time are collected,recorded, and analysed for use in the Capacity Plan. Seealso Business Capacity Management, Component CapacityManagement.

(Service Design) A database or structured Document withinformation about all Live IT Services, including thoseavailable for Deployment. The Service Catalogue is theonly part of the Service Portfolio published to Customers,and is used to support the sale and delivery of IT Services.The Service Catalogue includes information aboutdeliverables, prices, contact points, ordering and requestProcesses.

A Customer-oriented Culture. The major Objectives of aService Culture are Customer satisfaction and helpingCustomers to achieve their Business Objectives.

(Service Design) A stage in the Lifecycle of an IT Service.Service Design includes a number of Processes andFunctions and is the title of one of the Core ITILpublications. See also Design.

(Service Operation) The Single Point of Contact betweenthe Service Provider and the Users. A typical Service Deskmanages Incidents and Service Requests, and also handlescommunication with the Users.

(Service Design) An Activity that identifies underlyingcauses of one or more IT Service interruptions. SFAidentifies opportunities to improve the IT Service Provider’sProcesses and tools, and not just the IT Infrastructure. SFAis a time-constrained, project-like activity, rather than anongoing process of analysis. See also Root Cause Analysis.

(Continual Service Improvement) A formal Plan toimplement improvements to a Process or IT Service.

(Service Transition) A set of tools and databases that areused to manage knowledge and information. The SKMSincludes the Configuration Management System, as well asother tools and databases. The SKMS stores, manages,updates, and presents all information that an IT ServiceProvider needs to manage the full Lifecycle of IT Services.

Measured and reported achievement against one or moreService Level Targets. The term Service Level is sometimesused informally to mean Service Level Target.

(Service Design) (Continual Service Improvement) AnAgreement between an IT Service Provider and aCustomer. The SLA describes the IT Service, documentsService Level Targets, and specifies the responsibilities ofthe IT Service Provider and the Customer. A single SLAmay cover multiple IT Services or multiple customers. Seealso Operational Level Agreement.

(Service Design) (Continual Service Improvement) TheProcess responsible for negotiating Service LevelAgreements, and ensuring that these are met. SLM isresponsible for ensuring that all IT Service ManagementProcesses, Operational Level Agreements, andUnderpinning Contracts, are appropriate for the agreedService Level Targets. SLM monitors and reports on ServiceLevels, and holds regular Customer reviews.

Service Design) (Continual Service Improvement) ACustomer Requirement for an aspect of an IT Service. SLRsare based on Business Objectives and are used tonegotiate agreed Service Level Targets.

(Service Design) (Continual Service Improvement) Acommitment that is documented in a Service LevelAgreement. Service Level Targets are based on ServiceLevel Requirements, and are needed to ensure that the ITService design is Fit for Purpose. Service Level Targetsshould be SMART, and are usually based on KPIs.

Service Management is a set of specialized organizationalcapabilities for providing value to customers in the form ofservices.

An approach to IT Service Management that emphasizesthe importance of coordination and Control across thevarious Functions, Processes, and Systems necessary tomanage the full Lifecycle of IT Services. The ServiceManagement Lifecycle approach considers the Strategy,Design, Transition, Operation and ContinuousImprovement of IT Services.

A manager who is responsible for managing the end-toendLifecycle of one or more IT Services. The term ServiceManager is also used to mean any manager within the ITService Provider. Most commonly used to refer to aBusiness Relationship Manager, a Process Manager, anAccount Manager or a senior manager with responsibilityfor IT Services overall.

(Service Operation) A stage in the Lifecycle of an ITService. Service Operation includes a number of Processesand Functions and is the title of one of the Core ITILpublications. See also Operation.

(Continual Service Improvement) A Role that isaccountable for the delivery of a specific IT Service.

(Service Strategy) A detailed description of an IT Servicethat is available to be delivered to Customers. A Service Package includes a Service Level Package and one or moreCore Services and Supporting Services.

(Service Strategy) The complete set of Services that aremanaged by a Service Provider. The Service Portfolio isused to manage the entire Lifecycle of all Services, andincludes three Categories: Service Pipeline (proposed or inDevelopment); Service Catalogue (Live or available forDeployment); and Retired Services. See also ServicePortfolio Management.

(Service Strategy) The Process responsible for managingthe Service Portfolio. Service Portfolio Managementconsiders Services in terms of the Business value that theyprovide.

(Service Strategy) An Organization supplying Services toone or more Internal Customers or External Customers.Service Provider is often used as an abbreviation for ITService Provider.

(Continual Service Improvement) The Process responsiblefor producing and delivering reports of achievement andtrends against Service Levels. Service Reporting shouldagree the format, content and frequency of reports withCustomers.

(Service Operation) A request from a User for information,or advice, or for a Standard Change or for Access to an ITService. For example to reset a password, or to providestandard IT Services for a new User. Service Requests areusually handled by a Service Desk, and do not require anRFC to be submitted.

(Service Strategy) The title of one of the Core ITILpublications. Service Strategy establishes an overallStrategy for IT Services and for IT Service Management.

(Service Transition) A stage in the Lifecycle of an IT Service.Service Transition includes a number of Processes andFunctions and is the title of one of the Core ITILpublications. See also Transition.

(Service Design) (Continual Service Improvement) Theability of a Third-Party Supplier to meet the terms of itsContract. This Contract will include agreed levels ofReliability, Maintainability or Availability for a ConfigurationItem.

(Service Design) (Continual Service Improvement) Atechnique that creates a detailed model to predict thebehaviour of a Configuration Item or IT Service. SimulationModels can be very accurate but are expensive and timeconsuming to create. A Simulation Model is often createdby using the actual Configuration Items that are beingmodelled, with artificial Workloads or Transactions. Theyare used in Capacity Management when accurate resultsare important. A simulation model is sometimes called aPerformance Benchmark.

(Service Operation) Providing a single consistent way tocommunicate with an Organization or Business Unit. Forexample, a Single Point of Contact for an IT ServiceProvider is usually called a Service Desk.

(Service Design) Any Configuration Item that can cause anIncident when it fails, and for which a Countermeasure hasnot been implemented. A SPOF may be a person, or astep in a Process or Activity, as well as a Component ofthe IT Infrastructure. See also Failure.

(Continual Service Improvement) A Service LevelAgreement Monitoring Chart is used to help monitor andreport achievements against Service Level Targets. A SLAMChart is typically colour coded to show whether eachagreed Service Level Target has been met, missed, ornearly missed during each of the previous 12 months.

(Service Design) (Continual Service Improvement) Anacronym for helping to remember that targets in ServiceLevel Agreements and Project Plans should be Specific,Measurable, Achievable, Relevant and Timely.

(Service Transition) The current state of a Configuration ascaptured by a discovery tool. Also used as a synonym forBenchmark. See also Baseline.

A formal definition of Requirements. A Specification maybe used to define technical or Operational Requirements,and may be internal or external. Many public Standardsconsist of a Code of Practice and a Specification. TheSpecification defines the Standard against which anOrganization can be Audited.

All people who have an interest in an Organization,Project, IT Service, etc. Stakeholders may be interested inthe Activities, targets, Resources, or Deliverables.Stakeholders may include Customers, Partners, employees,shareholders, owners, etc. See also RACI.

A mandatory Requirement. Examples include ISO/IEC20000 (an international Standard), an internal securitystandard for Unix configuration, or a government standardfor how financial Records should be maintained. The termStandard is also used to refer to a Code of Practice orSpecification published by a Standards Organization suchas ISO or BSI. See also Guideline.

The name of a required field in many types of Record. Itshows the current stage in the Lifecycle of the associatedConfiguration Item, Incident, Problem, etc.

(Service Operation) The Process responsible for managingthe storage and maintenance of data throughout itsLifecycle.

(Service Strategy) The highest of three levels of Planningand delivery (Strategic, Tactical, Operational). StrategicActivities include Objective setting and long-term Planningto achieve the overall Vision.

(Service Strategy) A Strategic Plan designed to achievedefined Objectives.

(Service Strategy) (Service Design) A Third Partyresponsible for supplying goods or Services that arerequired to deliver IT services. Examples of suppliersinclude commodity hardware and software vendors,network and telecom providers, and outsourcingOrganizations. See also Underpinning Contract, SupplyChain.

(Service Design) The Process responsible for ensuring thatall Contracts with Suppliers support the needs of theBusiness, and that all Suppliers meet their contractualcommitments.

(Service Strategy) The Activities in a Value Chain carriedout by Suppliers. A Supply Chain typically involvesmultiple Suppliers, each adding value to the product orService.

(Service Operation) A group of people with technical skills.Support Groups provide the Technical Support needed byall of the IT Service Management Processes. See alsoTechnical Management.

(Continual Service Improvement) A technique that reviewsand analyses the internal strengths and weaknesses of anOrganization and of the external opportunities and threatsthat it faces. SWOT stands for Strengths, Weaknesses,Opportunities and Threats.

A number of related things that work together to achievean overall Objective. For example:■ A computer System including hardware, software andApplications■ A management System, including multiple Processesthat are planned and managed together. For example,a Quality Management System■ A Database Management System or Operating Systemthat includes many software modules that aredesigned to perform a set of related Functions.

The middle of three levels of Planning and delivery(Strategic, Tactical, Operational). Tactical Activities includethe medium-term Plans required to achieve specificObjectives, typically over a period of weeks to months.

(Service Operation) The Function responsible for providingtechnical skills in support of IT Services and managementof the IT Infrastructure. Technical Management defines theRoles of Support Groups, as well as the tools, Processesand Procedures required.

(Continual Service Improvement) A technique used inService Improvement, Problem investigation andAvailability Management. Technical support staff meet tomonitor the behaviour and Performance of an IT Serviceand make recommendations for improvement.

See Technical Management.

(Continual Service Improvement) A set of related Metrics,in which improvements to one Metric have a negativeeffect on another. Tension Metrics are designed to ensurethat an appropriate balance is achieved.

(Service Transition) An Activity that verifies that aConfiguration Item, IT Service, Process, etc. meets itsSpecification or agreed Requirements. See also Acceptance.

(Service Transition) A controlled Environment used to TestConfiguration Items, Builds, IT Services, Processes, etc.

A person, group, or Business that is not part of the ServiceLevel Agreement for an IT Service, but is required toensure successful delivery of that IT Service. For example, asoftware Supplier, a hardware maintenance company, or afacilities department. Requirements for Third Parties aretypically specified in Underpinning Contracts orOperational Level Agreements.

Anything that might exploit a Vulnerability. Any potentialcause of an Incident can be considered to be a Threat. Forexample a fire is a Threat that could exploit theVulnerability of flammable floor coverings. This term iscommonly used in Information Security Management andIT Service Continuity Management, but also applies toother areas such as Problem and Availability Management.

The value of a Metric that should cause an Alert to begenerated, or management action to be taken. Forexample ‘Priority 1 Incident not solved within four hours’,‘more than five soft disk errors in an hour’, or ‘more than10 failed changes in a month’.

(Service Design) A measure of the number of Transactions,or other Operations, performed in a fixed time. Forexample, 5,000 e-mails sent per hour, or 200 disk I/Os persecond.

(Service Strategy) A methodology used to help makeinvestment decisions. TCO assesses the full Lifecycle Costof owning a Configuration Item, not just the initial Cost orpurchase price.

(Continual Service Improvement) A methodology formanaging continual Improvement by using a QualityManagement System. TQM establishes a Culture involvingall people in the Organization in a Process of continualmonitoring and improvement.

A discrete Function performed by an IT Service. Forexample transferring money from one bank account toanother. A single Transaction may involve numerousadditions, deletions and modifications of data. Either all ofthese complete successfully or none of them is carried out.

(Service Transition) A change in state, corresponding to amovement of an IT Service or other Configuration Itemfrom one Lifecycle status to the next.

(Continual Service Improvement) Analysis of data toidentify time-related patterns. Trend Analysis is used inProblem Management to identify common Failures orfragile Configuration Items, and in Capacity Managementas a Modelling tool to predict future behaviour. It is alsoused as a management tool for identifying deficiencies inIT Service Management Processes.

The Activity responsible for Planning changes to make themost efficient use of Resources. Tuning is part ofPerformance Management, which also includesPerformance monitoring and implementation of therequired Changes.

(Service Design) A Contract between an IT Service Providerand a Third Party. The Third Party provides goods orServices that support delivery of an IT Service to aCustomer. The Underpinning Contract defines targets andresponsibilities that are required to meet agreed ServiceLevel Targets in an SLA.

(Service Strategy) The Cost to the IT Service Provider ofproviding a single Component of an IT Service. Forexample the Cost of a single desktop PC, or of a singleTransaction.

(Service Transition) (Service Design) A measure of howlong it will be until an Incident, Problem or Change has asignificant Impact on the Business. For example a highImpact Incident may have low Urgency, if the Impact willnot affect the Business until the end of the financial year.Impact and Urgency are used to assign Priority.

A person who uses the IT Service on a day-to-day basis.Users are distinct from Customers, as some Customers donot use the IT Service directly.

(Service Strategy) Functionality offered by a Product orService to meet a particular need. Utility is oftensummarized as ‘what it does’.

(Service Transition) An Activity that ensures a new orchanged IT Service, Process, Plan, or other Deliverablemeets the needs of the Business. Validation ensures thatBusiness Requirements are met even though these mayhave changed since the original design. See alsoVerification, Acceptance, Qualification.

(Service Strategy) A sequence of Processes that creates aproduct or Service that is of value to a Customer. Eachstep of the sequence builds on the previous steps andcontributes to the overall product or Service.

An informal measure of Cost Effectiveness. Value forMoney is often based on a comparison with the Cost ofalternatives.

(Continual Service Improvement) A measurement of theexpected benefit of an investment. VOI considers bothfinancial and intangible benefits. See also Return onInvestment.

The difference between a planned value and the actualmeasured value. Commonly used in FinancialManagement, Capacity Management and Service LevelManagement, but could apply in any area where Plans arein place.

(Service Transition) An Activity that ensures a new orchanged IT Service, Process, Plan, or other Deliverable iscomplete, accurate, Reliable and matches its designspecification. See also Validation, Acceptance.

(Service Transition) A Version is used to identify a specificBaseline of a Configuration Item. Versions typically use anaming convention that enables the sequence or date ofeach Baseline to be identified. For example PayrollApplication Version 3 contains updated functionality fromVersion 2.

A description of what the Organization intends to becomein the future. A Vision is created by senior managementand is used to help influence Culture and StrategicPlanning.

(Service Design) A Function of a Business Process that iscritical to the success of the Business. Vital BusinessFunctions are an important consideration of BusinessContinuity Management, IT Service ContinuityManagement and Availability Management.

A weakness that could be exploited by a Threat. Forexample an open firewall port, a password that is neverchanged, or a flammable carpet. A missing Control is alsoconsidered to be a Vulnerability.

A Document containing detailed instructions that specifyexactly what steps to follow to carry out an Activity. AWork Instruction contains much more detail than aProcedure and is only created if very detailed instructionsare needed.

(Service Operation) Reducing or eliminating the Impact ofan Incident or Problem for which a full Resolution is notyet available. For example by restarting a failedConfiguration Item. Workarounds for Problems aredocumented in Known Error Records. Workarounds forIncidents that do not have associated Problem Records aredocumented in the Incident Record.

The Resources required to deliver an identifiable part of anIT Service. Workloads may be Categorized by Users, groupsof Users, or Functions within the IT Service. This is used toassist in analysing and managing the Capacity,Performance and Utilization of Configuration Items and ITServices. The term Workload is sometimes used as asynonym for Throughput.