Skip to content


ITIL in 3 Minutes

Itil_licensed affilliate

1. The current version

ITIL (Information Technology Infrastructure Library) 2011 Edition

2. The basics

ITIL® is the most widely accepted approach to IT service management in the world; it focuses on aligning IT services with the needs of the business.

3. Summary

ITIL was created in the 1980s by the UK government’s CCTA (Central Computer and Telecommunications Agency) with the objective of ensuring better use of IT services and resources. ITIL is now owned by Axelos: the current version is ITIL 2011 Edition (published July 2011), which updates ITIL v3.

ITIL advocates that IT services must be aligned with the needs of the business and underpin the core business processes. It provides guidance to organizations on how to use IT as a tool to facilitate business change, transformation and growth. The ITIL best practices are described in five core guides that map the entire ITIL Service Lifecycle (see Figure).

  • Service Strategy – understanding who the IT customers are, the service offerings to meet their needs, and the IT capabilities and resource to deliver the services
  • Service Design – assures that new and changed services are designed effectively to meet customer expectations, including the technology, architecture and processes that will be required

Continued…

Posted in Exams, IT Service Mgmt.

Tagged with , , .


BRMP® – Building a Bridge Between Business Value and Technology

APMG-International and Leading Edge Forum (LEF) recently delivered a webinar on Business Relationship Management, delivered by Tudor Rees, Associate at LEF.

IT enterprises are facing a dilemma between having a COST agenda for back office efficiency or having a VALUE agenda to achieve front-office effectiveness.

The difference between the two are: in a COST agenda, the approach is often inside-out. There is efficiency and control on processes, standard platforms that teams can work on, structured data, established suppliers, simple and certain ways of work, high compliance but there is also a ‘one size fits all’ approach.

On the other hand, in the VALUE agenda, it is an ‘outside-in’ approach with a focus on value creation. In such organizations, employees are often empowered to think and do outside the box, new technologies are adopted, creativity is encouraged, individuals often bring unique capabilities to the team and are led by business intelligence. However, in these organizations, the risks tend to be higher with a reward to match the risks involved.

Today, new business models are more like the latter, outside-in in approach, and with a strong digital agenda. Organizations embracing this approach engage with key executives, keep customers and partners informed and updated, promote transparency within the business and have a digital focus.

Continued…

Posted in Accreditation, Business relationship management, Project Mgmt.

Tagged with , , , , , .


ISO/IEC 20000 – Different Types of Audit

Print

 

ISO/IEC 20000 audits

In ISO/IEC 20000-1 there are requirements for 3 types of audits. Most people recognize the need for internal audit but may forget that there are also requirements for information security audits and configuration audits.

Internal audit (clause 4.5.4.1/2 of ISO20000-1)

The internal audit requirements are common to all management system standards e.g. 9001, 27001. The audit is not just against the requirements of ISO20000-1 but also against the service requirements and the SMS i.e. the organization’s SM policy, SM objectives, SM plan. There is a requirement to audit that all of these items are ‘effectively implemented and maintained’.

Internal audits need to be conducted to ensure objectivity and impartiality. Auditors are not allowed to audit their own work. There are usually 3 options to resource auditors:

  • an internal audit department within your organization
  • staff within IT services auditing each other’s work
  • external consultants conducting internal audits on your behalf.

A procedure is required to provide details of the objectives of internal audits, responsibilities and reporting. The internal audit programme needs to be planned including the criteria, scope, frequency and methods for the audit. The audit may find nonconformities and can make recommendations for improvement.

After an audit, the audit results are written up and reported to the management responsible for the  audited area that are then responsible for ensuring that corrective actions are taken. The actions also need to be verified to close any nonconformities found.

ISO 19011 provides useful guidance on internal auditing.

Continued…

Posted in ISO Schemes.

Tagged with , .


APMG Launches New Operation in Brazil

Priscylla Monteiro -Business Development Manager, APMG South and Central America

Priscylla Monteiro -Business Development Manager, APMG South and Central America

APMG International is thrilled to unveil the successful launch of our new operation in Brazil, São Paulo.

The launch of this operation has been catalyzed by a rise in Professional Certifications in South America.

This operation allows us to expand our reach to Portuguese speaking professionals – giving them access to our extensive portfolio of qualifications. It’s an exciting prospect – as this expansion gives many more individuals the opportunity to enhance their business knowledge, skills and performance.

Priscylla Monteiro is spear-heading the operation as manager – enabling Accredited Training Organizations (ATOs) in South America access to over 40 APMG certification and qualification schemes.

Priscylla said that the operation has so far been well received, “The market is pleased to have a local APMG presence. Having the chance to represent APMG in South America will be a great and enjoyable challenge for me.

“My strategy will be to work closely with our customers to help them to identify the best product for their business and to develop a successful growth plain in partnership with them.”

Continued…

Posted in Events.

Tagged with , .


Signing On the Dotted Line

IACCM Logo

Contracts are a part of everyday life; from employment contracts and mortgages to the additional warranty offered on purchases of white goods. So should I be reading every word in these documents, or I should I just shrug and put my signature in the allocated space? Most people will agree with me when I say that a contract is not a riveting read. But we all know that we should be aware of what we are signing ourselves up for before we put pen to paper.

I am the first to admit that I always tick the ‘I agree’ or ‘I have read & understood the terms and conditions’ box as soon as it appears – without clicking on the link to read the details of the terms and conditions. It’s quicker that way; I don’t have time to read the small print, I just want to get to where I am going without paperwork holding me up. I make the assumption that the terms and conditions given to me by my lender or high street retailer are OK, because surely anything untoward in there would have already been picked up by someone else signing before me?

However in business we don’t see these ‘standard’ agreements as often. Contracts between organizations are usually initiated for a specific project. Therefore the detail contained within the contract will be more highly defined and appropriate to the parties involved than a high street retailer agreement. There would have been negotiation and discussion on the responsibilities and requirements of both parties before the contract was drafted. And both of you have pledged your commitment to this venture.

Continued…

Posted in Qualifications.

Tagged with , , , , .


How Cyber-Space Has Changed The Way We Export

The Queen's Awards for Enterprise: International Trade 2010UK Trade and Investment (UKTI) has nearly reached the end of its sixth Export Week. UKTI hold a series of export-focused events throughout the UK – empowering businesses to start their venture into exporting or increasing their international trade.

Harnessing the excitement surrounding this occasion – we reflect on APMG’s own success in exporting and its journey towards achieving a Queens Award for Enterprise in the International Trade Category.

Awarded to us in 2012 – the award serves as recognition of outstanding continuous performance over a period of six years. APMG proudly displays the Queen’s Award Emblem as recognition of our enduring commitment to developing leading qualifications – that challenge and reward candidates with critical knowledge and skills.

The award also recognizes the exemplary training delivered by our Accredited Training Organizations (ATOs) who operate across the globe. It’s commendable that our ATOs survive our scrupulous assessment process – so candidates can be confident that our ATOs are committed to providing world-class training.

Continued…

Posted in Accreditation, Cyber Security, Events, Exams, Project Mgmt, Qualifications.

Tagged with , , , , , .


COBIT in 3 Minutes

COBIT 5 Logo1. The current version 

COBIT®5

2. The basics

Originally designed for auditors to audit the IT organization, COBIT 5 (Control Objectives for Information and Related Technology) is about linking business goals to IT objectives (note the linkage here from vision to mission to goals to objectives). COBIT 5 (launched April 2012) provides metrics and maturity models to measure whether or not the IT organization has achieved its objectives. Additionally, COBIT identifies the associated responsibilities of the business process owners as well as those of the IT process owners.

3. Summary

COBIT is owned and supported by ISACA. It was released in 1996; the current Version 5.0 (April 2012) brings together COBIT 4.1, Val IT 2.0 and Risk IT frameworks.

The COBIT 5 principles and enablers are generic and useful for enterprises of all sizes, whether commercial, not-for -profit or in the public sector (Figures 1 and 2).

COBIT 5 Principles

Figure 1: The COBIT 5 Principles

Continued…

Posted in Exams, IT Service Mgmt.

Tagged with , , .


BiSL in 3 Minutes

bisl-fcmac

1. Current version

BiSL® (Business Information Services Library) 2nd Edition

2. The basics

BiSL (Business Information Services Library) is a framework and collection of best practices for business information management.

3. Summary

BiSL (Business Information Services Library) was developed by a Dutch IT service provider, PinkRoccade and made public in 2005. BiSL was then transferred to the public domain and adopted by the ASL BiSL Foundation. The current version is the 2nd Edition, published in 2012.

BiSL focuses on how business organizations can improve control over their information systems: demand for business support, use of information systems and contracts and other arrangements with IT suppliers. BiSL offers guidance in business information management: support for the use of information systems in the business processes, operational IT control and information management.

The library consists of a framework, best practices, standard templates and a self-assessment. The BiSL framework gives a description of all the processes that enable the control of information systems from a business perspective.

Continued…

Posted in Qualifications.

Tagged with .


ASL in 3 Minutes

ASL Logo1. Current Version

ASL®2 (Application Services Library)

2. The basics

ASL (Application Services Library) is a framework and collection of best practices for application management.

3. Summary

ASL (Application Services Library) was developed by a Dutch IT service provider, PinkRoccade, in the 1990s and was made public in 2001. Since 2002 the framework and the accompanying best practices have been maintained by the ASL BiSL Foundation. The current version is ASL2, published in the Netherlands in 2009.

ASL is concerned with managing the support, maintenance, renewal and strategy of applications in an economically sound manner. The library consists of a framework, best practices, standard templates and a self-assessment. The ASL framework provides descriptions of all the processes that are needed for application management.

The framework distinguishes six process clusters, which are viewed at operational, managing and strategic levels see Figure.

The application support cluster at the operational level aims to ensure that the current applications are used in the most effective way to support the business processes, using a minimum of resources and leading to a minimum of operational disruptions.

The application maintenance and renewal cluster ensures that the applications are modified in line with changing requirements, usually as a result of changes in the business processes, keeping the applications up-to-date. The connecting processes form the bridge between the service organization cluster and the development and maintenance cluster.

The management processes ensure that the operational clusters are managed in an integrated way.

Finally, there are two clusters at the strategic level. The aim of the application strategy cluster is to address the long-term strategy for the application(s). The processes needed for the long-term strategy for the application management organization are described in the application management organization strategy cluster.

Continued…

Posted in Project Mgmt, Qualifications.

Tagged with , , .


ISO/IEC 20000 – Minimizing the Documentation

Hands with empty paper reaches out from big heap of crumpled papers

I wrote a previous blog about the mandatory documents required by ISO/IEC 20000-1. Following on from that, I have been asked how to minimize the number of documents.

The mandatory documents were listed in a previous blog. They add up to:

• 6 policies
• 8 plans
• 14 processes for clauses 5 – 9 plus other processes for sub-clauses of clause 4 e.g. documentation management, resource management, internal audit, continual improvement
• 19 procedures
• 5 definitions
• 12 other documents e.g. SLA, service catalogue.

Remember that documents do not need to be very long – in fact they are more likely to be used if they are kept short and succinct. Some documents can be embedded within a tool e.g. procedures. Documents should be written to be used and useful, not just because the standard requires it.

Continued…

Posted in ISO Schemes.

Tagged with .