Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March.

2014

AN INVESTIGATION OF THE PROCESSES OF IT MANAGEMENT

Dr. Ahmad Kardan1, Abolghasem Akbarnejad2

1
Assistant Professor, Department of IT Management, Faculty of Computer, Amir Kabir University,
Tehran, Iran
2
MSc of IT, Department of IT Management, Faculty of Computer, Amir Kabir University, Tehran, Iran

Abstract
There are some framework and standard to define and model IT management processes, these
are ISO/IEC 20000-1 and ITIL V3 (IT Infrastructure Library – version 3), COBIT (Control
Objectives for Information and Related Technology), MOF (Microsoft Operations Framework),
HP service management framework and also maturity framework (Logan J.C., 2008). In this
research the route map is all considered management processes in ISO/IEC 20000-1.The process
of IT management categorized to five process (service delivery processes, control processes,
release process, resolution processes and relationship processes) , each processes are involved
one or several service management activities, these services in ITIL V3 are known ITSM (IT
Services Management), we have tried to describe a related articles or journals in each section of
ITMS, of course in some cases we compare ISO/20000-1 with ITIL V3 .
Keywords: ISO/IEC 20000-1, ITILv3, Process, Service, ITMS.
Introduction
The requirements for a service provider or an organization in order to managed services with
acceptable quality to its customers are defined in ISO/IEC 20000-1, These requirements may be
used: (1) by businesses that are intending to sale for their services or (2) they need a consistence
approach by all service providers in supply chain, (3) service providers test their IT service
management,(4)as a principle for an independent evaluation ,(5) by an organization which
requires to show the power to provide services that do customer requirements and (6) helps to
recovery service with a good and effective application of processes to monitor and improve
service quality. The type of the business relationship between the service provider and business
will specify how the requirements in ISO/IEC 20000-1 are implemented in order to meet the
overall purpose. (Overall purpose by organizations or service providers is a good service with
acceptable quality for their customers). [r1, p1]

Terms and definitions:

Availability: Is defined a ratio of service utilization time by businesses regard to agreed
service hours.
Baseline: The image of a service or a distinctive configuration items at a point in time.

117
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Change record: The detail contains of configuration items under change effect.
Configuration item (CI): The part of an infrastructure under control of configuration
management.
Configuration management database (CMDB): The database have all related details of
each configuration items and have important relationship between them.
Document: Information and supporting instrument.
Incident: An event doesn’t depend of a standard operation of a service that it may be cause
an interrupt or decreasing quality of that service.
Problem: Unknown main cause of one or some incident.
Record: A result of activities performed is led to register in document.
Release:Set of new or changed configuration items which are examined and into the
live environment together.
Request for change: Form or screen used to record details of a request for a change to any
configuration item within a service or infrastructure.
Service desk: Customer facing support group who do a high proportion of the total support
work.
KPI: Key performance indicators are important metrics and measures used to report on the
performance of process, IT service or activity.
1. Service delivery processes:
Service Delivery defines the business of IT. Service Delivery processes assist staff in
tailoring services to meet the specific business needs at a price the business can afford.
1-1.Service level management:
Executing Service Level Management processes permits IT staff to more accurately and
cost effectively provision identified levels of service to the business. The processes
ensure business and IT understand their roles and responsibilities and empower the
business units. The process of IT Service Levels from planning to monitoring and
controlling phases is IT Service Level Management (SLM) and these phases are namely
classic Anthony’s cycle (Anthony, R.A., 1966).SLM support all steps of the IT system
diagram from analysis of user requirements to software developing and ultimate, to
operation. With the growth of activities, internal and external demands for IT services, IT
Service Level has a key and important role in corporations. IT Service Level calculate the
quality provided by IT services, e.g. the responsible time for a web testing system or at
least and at last volume of customers demand bandwidth in ISP (Internet Service
Provider) subscribers. IT Service Level is an element of Service Level Agreement
(SLA).SLA is expected service level that customers pay money for it. Companies used
SLA to specify contracts with outsources and also to define the quality of service levels
for IT department and their subscribers. [r2, p1]
The difficult and challenged subject in IT service Level is how to measure Long Running
Process (LRP).LRP measuring is first step in IT service level. Complicated processes
consist of several activities and different of stakeholders. For example the “freight train
combination” LRP contains Freight section and Track section and also Sales Offices and
End subscribers, who are like to order service level of the whole business process, thus in
the first step we shall develop a SLM framework called ESLAM-Extended Service Level
Analysis Model that expands some famous IT management framework as ITIL, COBIT,
MOF, HP Service Management Framework, maturity framework. ELSAM gives a wide
view of SLM, which contains (a) the service variables are calculated by SLM, (b) the

118
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

organizational framework of roles and functions to execute SLM and (c) the information
system (1) snapshot performance data (2) measure service performances and (3) report
information to managers. Service variables specify what SLM calculates. The extensive
measurement span, the more mature SLM. The term of measure metrics and measure
objects defined each level of IT services measurement span. The higher number of
metrics and objects led to more mature SLM, In short, within each service level m, the
service variables V are given by the intersection of the set of objects O at the level and
the set of applicable metrics M of each level, which is lower or equal to Cartesian
product (Equation 1-1-1). [r2, p2]

∑ : =( ∩ )≤( × )
Equation 1-1-1
Basis on ITIL classification, we have three levels, IT Technical Services, IT Business
Services and Business Processes.IT Technical Services is the lowest level in ITIL
framework because these are not understand by customers. Business Services are the
intermediate level, they order and support a specific application. Business Processes are
very complicated level and has an essential roles to the business impact. Reaction of
stakeholders is a baseline for business process performance .Figure 1-1-1 display the
stakeholder oriented grid of business process performances, so that in columns we have
list classes of performance (cost, quality, level of service) while in row we have list
classes of stakeholders (manager, customer, worker) and squares contain Key
Performance Indicators (KPI). [r2, p3]

Figure 1-1-1 the stakeholder oriented grid of business process performances

The building block that scatter whole system lifecycle are defined with Service Level
Information System. Figure 1-1-2 show a wider coverage of the reference architecture
model more mature the SLM.

119
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Figure 1-1-2 Building Blocks of the Service level Information System

Project Control (PC) supports the project cycle. The project activities are related PC, it is
a key point in large organization. Real Time Control (RTM) gathers status of each object
that contributes to technical and business services. Catalogue and SLA management
maintain the catalogue of services along their life cycle, from design to operation and
termination. Management Control (MC) is a business intelligence software that saves and
resolutions time sequence of performances, therefore supporting planning and
intermittent, control of the performances. [r2, p4]
1-2.Service reporting:
The Service Reporting reports on the results achieved both operationally and
strategically. It also reports on any developments related to Service Level Agreements
such as hitting various targets, like availability. Its purpose is to provide information to
both IT and the business in order for informed decisions to be made. IT and the business
should agree the format and style of reports to suit their relevant audiences. Many
problem would occur when we had implement IT security and service management
framework for customers especially when we have used a business process model for the
first time. The improvement process is a main areas of ambiguity, by checking problems
in implementing ITSM for customers, we made a reporting structure to reduce
ambiguities. Reports must be understandable for managers if we want have a successful
implementation. The goal of service reporting framework is an instrument for
organizations to specify their interior communications and streamline defining and
monitoring KPIs and metrics and finally Continual Service Improvement (CSI) process.
Reporting process aids to specify clearly whatever we expect in each activity. [r3, p1]
The service reporting have six type of reporting that we describe each of reporting. (1)
Reporting routine tasks is one of the type reporting that it used for operational level, is
about successes and failures to achieve of daily goals activities of operation and
monitoring type. These report is for section manager and process owner .low amount of
analytical process and frequently tasks activities, time intervals, inconsistencies and
extermums in observations are characteristics of these report. (2) Reporting assigned
tasks are tactical levels, is about the advance of project and allocated tasks. These reports
are proper for design, development, deployment and implementation activities. This type
of reporting are used by function managers or the change advisory board (CAB). They
contain some basic analysis on the development of the project/task, achievements, traps,

120
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

fagged works, estimations, lessons learned, etc. (1) and (2) were the process of measuring
activities in IT processes but two next reporting are used for IT service measurement. (3)
Reporting on events, these type of report is in operational level and have low level data of
events. The data are gained in operation, monitoring and supporting activities and has
abstract of various types of events in IT services, specifically in security events and the
details of type of events. Service managers are used this type of report. (4) Reporting on
services, this type of report is of a tactical level and is about service status data. Data in
service management activities and monitoring are used for forecasted service levels,
customer satisfaction measurement metrics for defining (Service Level Agree SLA, and
contracts. Service mangers use this type of report. (5) Reports on review meetings are of
a strategic or tactical level and are prepared after review meeting in various statuses of IT
service management. They always consist of digest of discussions, opinions of presented
by different sections, and particularities of intensions made, task assigned, further
activities/meetings scheduled. (6) Management reports is of strategy level is about all
high level perspective of ITSM framework. Top IT and business management officers,
the Continual Service Implements (CSI) managers are used this type of report. [r3, p2]

Table 1-2-1 types of report

A reporting framework policy needs to be documented and agreed with the various
business units as the finance department would want to see a different set of reports from
the marketing department. This would be incorporated at the Service Design (service
design Measurement and reporting is a key requirement of service improvement, which
in turn is required for value creation and success in a competitive market. The proposed
reporting framework helps organizations to define reports in a way that eases service
improvements.)Phase. [r3, p3]
Service reporting policies should be obviously specified, and related to all IT personnel.
Each report and report template should have a distinct recognizer. Reports should consist
of reference to their report template. Report template must specify goal, who are exploit
and using it and needed metrics and also data sources of reports. [r3, p3]

121
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Measurement and reporting is an index requirement of service enhancement which is

needed for value creation and victory in a competitive market. The service reporting
aids organizations to specify reports in a method that eases service enhancements. [r3,
p6]

1-3.Service continuity and availability management:

Availability Management helps determine the IT services offered by the organization to
its customers are critical or strategic in nature. The procedures in the recovery plans may
depend on the information offered by availability management regarding the reasonable
periods of interruption of each service and its impact on the business. [r4, p2]
This section based on the real needs of the distance education and ITIL standard
nominated a proper university distance education IT services, changing IT services,
change from passive to active service. Distance education ITSM model is categorized
into two parts – the IT service lifecycle design and IT service organizational structure
design. IT service lifecycle is a set of service strategy, service design, service
transformation and service operators are four service process to consist a closed – loop
system, by continuing to enhance service to improve the quality of IT services. [r4, p2]
Figure 1-3-1: ITSM model of distance education

Service strategy step is to ensure the enlargement of IT strategy and business

development includes distance education all over business goals and management
expectations. The purpose of service design is the design of new or changed services into
real application, to ensure that all perspective of the design have been taken into full care
the design of each service must be universal care of the related functions , management
and operational levels. [r4, p3]
Service Design phase consist of service availability management, continuity management
and information security management processes. Availability management is to analyze
the user’ availability needs, to optimize the availability of IT infrastructure to certify
availability at a rational cost to meet the increase of requests. Continuity management
purpose is to ensure that the IT infrastructure and IT services after a tragedy within
conditional time to meliorate to patronage the school core business continuity.
Information security management purpose is to make IT security and business security
composite to make a security risk control and reply mechanism to limit unauthorized
users from exploiting of IT services that is provided. [r4, p3]

122
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Service Transition purpose is to decrease famous errors and changes introduced to the
real application of the risk, to provide the valid information, therefor users can make
decisions at the correct time, for maintain an effective service management processes. In
distance education ITSM model transformation phase major design change management,
configuration management, release management knowledge management processes. A
collection of daily activities and appropriateness of the implementation of the process to
prepare users with management, to reach the established service level agreement (SLA)
service is the main goal of Service Operations. The service operational stage consist of
event management, incident management, problem management, application and
infrastructure monitoring and management of four processes. [r4, p3]

Figure 1-3-2: Model of application and infrastructure monitoring and

Management process
The monitoring and management of applications and infrastructure assigned to Distance
education ITSM model. With regard to the university network, education exercitation in
IT service pulls out in the current distance education, a typical network education college
centralize on service strategy model in the process of requirements analysis and needs
change management and remote education system maintenance management organization
structure design and service operators in the application management. [r4, p4]
1-4.Budgeting and accounting for IT services:
IT financial management prepares a method to estimate, control and scatter the expenses
of IT services which have been specified in the catalog of services. IT financial
management services specifies the equivalence between the expense and quality of
service and maintains the equivalence of supply and request between the service provider
and their subscribers.IT financial management includes three main activities, (1)
Budgeting this is the activity of forecasting and controlling the revenue and cost of a
money within the organization. Budgeting includes an intermittent discussion cycle to
budgets and the monthly monitoring of the current budgets. Effective IT budgeting
identifies all future IT expenses related to a particular service, operation, or customer for
a given period of time. Budgeting for IT expenses combines previous commitments, such

123
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

as recurring hardware or software maintenance, and new expenses, such as additional

staff to determine the resources for a given service or activity. [r5, p4]
(2) Accounting this activity enables IT organization to account totally for the way its
money to spend. IT accounting is the process of collecting financial information—both
costs and benefits—for IT services and organizations. IT accounting helps the
organization determine the financial cost, benefits, and risks of an IT service. It is
intermittent to specify the expense model to be used, the classifications to record costs
(expense type and expense elements), and the expense categories. [r5, p4]
(3) Charging is the activity needed to bill subscribers for the services supported to
them.it is intermittent to specify the charging policies (for example expense recovery,
recovery with and additional margin, notational charging), to decide the chargeable items,
to instate how much customers will be charged (pricing), and to yield and present a bill
for services to a subscriber(billing). The IT charging activity combines the service's rate
and the measure of consumption or utilization to create a bill or charge for the internal or
external customer. Together, the rate and measure of consumption help the organization
develop charges or assessments to recover total costs of providing a service or achieve
target profit goals.
[r5, p4]
1-5.Capacity management:
To ensure that organization has enough capacity to meet customer requirements and
future demands of them is the goal of capacity management. Capacity management must
prepare and maintain a capacity plan. Capacity management consist of (a) current and
forecasted capacity and performance needs, (b) specified time criterion, limens and
expenses for upgrading services, (c) Assessment of impacts of forecasted service
upgrades, demands for change, new technologies and methods on capacity, (d)
anticipated effect of outside changes (e) data and processes for prediction of analysis.
Methods should be specified to monitor service capacity. [r1, p10]

Capacity Management is one of five components in the ITIL Service Delivery area. The
work is proactive rather than reactive in nature and is responsible for ensuring that
business needs and service definitions are fulfilled using a minimum of computing
resources. Capacity management containing three sub process business capacity
management, service capacity management, and component capacity management.
[Wikipedia web site]

A failure in IT system have a solemn effects on IT Service Delivery and business

performance. Decreasing of the danger of failure can be reach proper aspect of IT
capacity and the planning of its utilization.IT managers must predict to prepare without
interruption sufficient IT resources to supply company operations, plans and predictions
to ensure that functioning continuity. The capacity management process prepares indexes
for IT managers, especially they shall monitor the equivalence between the business
requests plus IT service support needed and the essential IT expenses and resources
investment.as showed in figure 1-51, the main process consist of in four key activities: (I)
survey current activity and performance , (II) enhance current service and system
capacity. (III) Evaluate, agree and document new needs and capacity. (IV) Plan new
capacity. [r6, p5]

124
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

To support key activities (capacity and performance reports, forecasts, capacity plan) we
need three types of deliverables are expected (Capacity Management activities include
Monitoring, analyzing, tuning, and implementing necessary changes in resource
utilization, Managing demand for computing resources, which requires an understanding
of business priorities, Modeling to simulate infrastructure performance and understand
future resource needs, Application sizing to ensure required service levels can be met,
Storing capacity management data, Producing a capacity plan that documents current
utilization and forecasted requirements, as well as support costs for new applications or
releases, Building the annual infrastructure growth plan with input from other teams.).
Key activities are performed at three type of levels that are firmly connected. Service
quality is valued on the principle of SLA. The SLA are discussed at the business level.
For analyzing of several supporting activities, the IT managers need the related data
about system activity, ITIL proposes to install a Capacity Management Information
System (CMIS) to reach all historical data to manage capacity.
[r6, p6]

Figure 1-6-1: Overview of the information technology infrastructure library (ITIL)

Capacity management process. SLA, service-level agreements.

1-6.Information Security Management:

As the study of the big five there is very important information of security standards
which are ISO 27001, BS7799, PCIDSS, ITIL and COBIT. Information is organized on
business of Information Technology (IT) that is acceptable in the world.in the figure 1-6-
1 is shown the deter by business strategy which is basically set on the information of
ISMS, it is an important standards of big five. There are number of standards for IT
governance such as PRINCE2, OPM3, CMMI, P-CMM, PMMM, ISO27001, BS7799,
PCIDSS, COSO, SOA, ITIL and COBIT that can be added. [r7, p23]

125
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Figure 1-6-1: Activities of unidentified user as potential attack and threat to organization

BS7799 was a standard that published by British standard. (BSI) group in 1995.one
worldwide security standard specified for fraud detection for payment cards that is
PCIDSS (the Payment Card Industry Data Security Standard). [r7, p24]
COBIT is an IT framework that classified as following
 Strategic alignment: IT focus on business and IT plans.
 Value delivery: is the value of the IT delivery.
 Resource management: is an optimal investment of critical IT resources for
people and infrastructure.
 Risk Management: is a clear understanding for risk taking.
 Performance measurement: is a strategy of project that use the process of
performance.
[r7, p 25]
11 Essential Control for IT service security are defined by Alfantookh that is called by
11EC. These basic aspects of IT security must be implement by organizations depend on
which big five ISMS standard are used for their IT security model implementation. [r7, p
25]
These 11EC are:
1. Information security policy:
That is an organization strategy method to information security. [r7, p 25]
2. Communication and Operation Management:
In order to decreasing risk and ensuring of correct computing such as operational
functions, controls and well-defined responsibility, organizations need to have a
policy of security that is defined by them. [r7, p25 and p26]
3. Access control:
Determine and limit which of personnel’s of an organization can have access to a
specified area and resource of information in physical facility or computer based
information system.
[r7, p26]

126
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

4. Information system acquisition , Development and Maintenance:

The identifications of an integrated process are boundaries and technical
information systems that it start with acquisition, and next step development and
finally is maintenance of information systems.
[r7, p26]
5. Organization of Information Security:
Is a chart that it make’s by organization for implementing information security
such as management commitment to information security, information security
cooperation in two main directions internal organization and external parties. [r7,
p26]
6. Asset Management:
For exact protection of organization properties, it is important to identify,
classify, track and assign ownership company assets, this idea formed asset
management. [r7, p26]
7. Information Security Incident Management:
It is a program that provides for incidents, from a management futuristic, it
consist of identification of resources required for incident handling. Good
incident management prevent future incident. [r7, p26]
8. Business continuity management:
To ensure continuity of operation in abnormal conditions. Plans increase
readiness of companies for quick recovery in the face of adverse events or
conditions, prepare supplements to facilitate functioning. [r7, p26]
9. Human Resource Security:
All employees must be to know their duties, roles and responsibilities for their
job and that access is deleted once employment is terminated. [r7, p26]
10. Physical and environmental Security:
To protect physical facilities and information systems of an organization against
each elements of threat we have to cost proper protection to avoid damage and
unauthorized access to information and systems that these activities must be
quantize and value. [r7, p26]
11. Compliance
Divide to two area; the first area consists of compliance with a lot of laws and
regulations which are the section of the original of every company. The second
area is compliance with information security policies, standards and processes.
[r7, p26]
Table 1-6-1 is shown the big five ISMS standards that related to 11EC of Information
security.

127
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

Table 1-6-1. Features of Big Five of ISMS Standard

2. Control processes:
2-1.Configuration management:
Configuration management (CM) is a systems engineering process for establishing and
maintaining consistency of a product's performance, functional and physical attributes
with its requirements, design and operational information throughout its life. The CM
process is widely used by military engineering organizations to manage complex systems,
such as weapon systems, vehicles, and information systems. Outside the military, the CM
process is also used with IT service management as defined by ITIL, resp. ISO/IEC
20000, and with other domain models in the civil engineering and other industrial
engineering segments such as roads, bridges, canals, dams, and buildings. Another study
deal with supporting distributed collaboration in IT service management. As the fact
practice for IT service management (ITSM) Telecommunications agency (CCTA) with
the matching of UK government in the middle of 1980s is a set of service management in
the world. The next main point in collaboration for ITSM is the expanding the
management process and assessing better performance. The best of our knowledge can be
performed to study of existing processes in order to support distributed collaborative by
focusing on distribution of task, which is aim of this paper to show how management
process work. [r8, p243]
In this part we try to know four operation modes of ITSM:

128
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

1. Fully outsourcing mode :

The core of business focus on outsourced IT services.
2. Self-built mode:
IT service expanding with control over all of IT.
3. Multi-customer mode:
IT industry supplies the measurement services on behalf of multiple customers.
4. Mixed mode:
Deal with some control over part of IT services with its own IT.
[r8, p244]
An enterprise have two scenario options for handle its ITSM, one way is full outsourcing
scenario, in this method a company order all over of its IT services to some service
provider and another is partly outsourcing scenario, just only one or some part of IT
services order to service providers and base core of services in some places that have a
vital and governmental aspect handle by enterprise. As the principle of empowering IT
service, the external service provider must store the IT services as configuration items in
CMDB (configuration management database), and modification these items that can be
viewed by the service users. Configuration management saves configuration items (CIs)
which show such as software, hardware, document and even personnel in enterprise
infrastructure in CMDB. Relationships between CIs are stored in CMDB. For preparing
up-to-date information the CMDB is often nearly integrated with other processes. [r8,
p244]
In order to show the tool implementation there has been developed an IT service
management which called ETTSSP and is shown in the figure 2-1-1: [r8, p246]

Figure 2-1-1: Deployment model of EITSSP

2-2.Change management:
Change management is an IT service management discipline. The objective of change
management in this context is to ensure that standardized methods and procedures are
used for efficient and prompt handling of all changes to control IT infrastructure, in order
to minimize the number and impact of any related incidents upon service. In continue of
the research, we study the change management in construction and IT projects. The
question of how to change in construction projects are defined by many researchers. The
useful design of change models needs a reason for understanding why managing change.
Construction technology has been changed slowly over the years. Present investigation
has been tried to compare change management. There is also import to know reason for
change and change practices. Thus for matching the construction of projects and IT
support services we should match the software projects to our researching. [r9, p767]

129
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

The reason for project change are classified as:

1. Industry contexts:
Focusing of flexibility and has a systematic approach and studies the change which is
deal with IT projects and empirical studies in IT services. [r9, p768]
2. Reasons for changes:
Supporting system for management of construction and distinguish between plan
changes and goal changes. [r9, p768]
3. Dynamics of contractual relationships:
Dynamics of contractual in personal computer industry, study how contracts between
customized programming and hardware producer (for example evolved over a long
time per year period.)[r9, p769]
4. Complexity of the contract
Changing management in contractual relevant can be influenced by particular of
complexity of contract. [r9, p769]
5. Incentive elements:
Studies the influence of different types of contract of incentives. We can’t understand
this influence without an understanding why particular form of contract intensive was
selected. [r9, p770]
6. Capability from specification to negotiation:
It is recognized the background variable that has been taken in to study of changing.
[r9, p770]
Getting data from this researching were collected in 2008,2009 in Sweden with 32
face to face interviews and has been taken nine reason for change that reasons are :
1) Errors
2) Changes in clients core activities
3) Better understanding of client requirement
4) Provider technology
5) Change suggesting to client
6) For IT geotechnical condition
7) Weak communication between
8) Unexpected natural event
9) Unexpected social influences.[r9, p770]
3. Release process:
3-1.Release management process:
The main activities involved in Release Management may be summarized as:
 Establishing a planning policy for the implementation of new versions.
 Developing new versions or buying them from third parties.
 Testing new versions in an environment that simulates the live environment as
closely as possible.
 Validating the new versions.
 Implementing new versions in the live environment.
 Carrying out back-out plans to remove the new version if necessary.
 Updating the DSL (Definitive Software Library), the DHS (Definitive
Hardware Storage) and the CMDB.
 Informing and training customers and users about the functionality of the
newly released version.

130
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

In the part of information and management we study the designing an evaluation

framework for IT service management. The ITSM process in the Information Technology
described lately, so industry has responsibility to ITIL with different companies. The
significant of ITIL are alignment of IT services with current and probability future
business needs, so needed is a holistic and cause to study to work in order to provide the
methodology therefor the goal of paper is to expand practice and holistic evaluation
framework which is needed ITSM improvement efforts. ITSM refers to management
framework, the IBM systems management solution lifecycle and IT service management
reference model. [r10, p219]
The best practice for ITSM developed in 1989 by British government showed in figure 3-
1-1:

Figure 3-1-1: The ITIL framework. [r10, p220]

The research methodology and design research showed in figure 3-1-2 with research
process and outputs.

Figure 3-1-2: The design research process [r10, p222]

4. Resolution processes:
The resolution processes include the incident and problem management processes. These
are standalone processes even if they are closely interlinked. Incident management deals

131
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

with the restoration of the service for the service user. Problem management by contrast
deals with the identification and elimination of root causes in the case of major or repeat
disruptions and therefore ensures a permanent and stable service infrastructure.
4-1.Incident management:
The aim of incident management is to restore the agreed service for the business and
respond to service enquiries as quickly as possible. In order to fulfill the specification
requirements it is necessary to ensure that the incident management is designed as a
reactive and proactive process that responds to error messages. The process must focus
on the restoration of the IT service concerned and consciously not deal with the
identification of the root cause. The incident process (incidents and service requests)
comprises receiving calls, recording, prioritization, taking account of security provisions
as well as following up on the incident processing status. It should also govern the
agreement on fault processing with the customer as well as any escalation procedures. All
incidents must be recorded in such a way as to enable the relevant information to rectify
the error to be ascertained and analyzed.

Introducing a five step method to tune your ITSM processes is the next step of our ITSM
research studies. Recently founded close to 80% of IT service rejections are the process
of failures (about 70%) because the lack of employee skill (10%). Just 20 % of IT service
failures are because of technology such as weak performing of software. [r11, p156]
In this paper we define Dynamic Network Analysis (DNA) with an analytical modeling
technique for better match of employee we needed knowledge, then providing
background information. [r11, p156]
The background information technology service management deal with customers’
perspective of ICT’s contribution to the business rather than technology approach. It is
employed as implementation and management of quality of services that needs business.
[r11, p156]
ISO 20000, the international standard measure ITSM within an organization with
following standard:
1) All service management roles and relationships should be keeping together.
2) Staff competences and training should be reviewed.
3) Top management should be ensured that employees are aware about importance
and relevance of their activities.
[r11, p157]
Methods processing tuning aspect of ITSM is Business Process Modeling (BPM) which
is focus approach for designing document, analyses and tune processes. The aim of
Dynamic Network Analyses address social and organizational challenges and is used
Social Network Analysis (SNA) with goal of using graphs or matrices. SNA is very
powerful for individuals and organizations which focus on networking. [r11, p157]
There are five step method to tune your ITSM processes:
1) Define the process:
For reach the goals of this paper use the descriptive ITIL Incident Management
process. Managing the life cycle of all incidents is a duty of Incident
management process. Rapid returning of ITSM from out of service to ready of
service for subscribers is primary purpose of Incident Management. We have
three critical success factor for the process (1) maintaining IT service quality (2)

132
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

keeping customers satisfaction and (3) resolving incidents event within the
service establishment time. The incident management consist of Incident
identification, Incident logging, Incident categorization, Incident prioritization,
incident diagnosis, Incident escalation (functional escalation, hierarchic
escalation), Investigate and diagnosis, Resolution and recovery, and also
Incident closure. [r11, p (160, 161)]
2) Define the Incident Management Process Roles:
Most common roles for incident management process are: Incident
Management Process Owner, incident Manager, First Line Support
Second Line Support Manager, Second Line Support, Customers, Users and
also third Line Support. [r11, p161]
3) Build a DNA model of process:
It is output of step1 and step2.
4) Analyze the DNA Model:
The importance of this part is output measures from our DNA model which is
relationship between person and roles. So the knowledge role matrices develops
information to answer the question.
[r11, p (161,162)]
5) Suggest improvements to the process:
The results of DNA provide information for management activities to the ITSM
process. [r11, p165]
4-2.Problem management:
The aim of problem management is to minimize the disruption to and impact on the
business by proactively identifying and analyzing the root causes of service incidents and
by managing problems until these are rectified. Problem management must identify the
root causes of the incidents on a reactive basis and proactively prevent incidents
reoccurring. Problems are to be classified as known errors as soon as the root cause of the
incident is known and a solution method for avoiding such incidents has been found. For
incident management to receive an optimum supply of information, all known errors and
IT services affected must be documented and the associated configuration items
identified. Known errors should only be closed once a definitive, successful solution has
been found. Once the root cause has been identified and a decision reached on the
solution, this solution must be dealt with by the change management process. Information
on the progress, potential workarounds or permanent solutions must be sent to all parties
involved. Problem Management is not specified as a Systems Engineering (SE)
regularity. Definition of customer requirements and needed functionality early in
development cycle, documenting needs, and advancing of design synthesis and system
validation while intending the complete problem are focused in SE process. [r12, p275]
The purpose of this paper is to fill the gap in SE process to have a robust problem
management process is in place at the starting of a project’s life cycle. There are two
types of problems: anticipated problems and unplanned events. Anticipated problems are
com off risks which have a 100 % probability of occurring. Unplanned events (sometimes
called issues, non-conformances or anomalies) are unknown or unpredicted problems.
There is no standard to define an approach of problem management or problem
categorization, so in this paper we proposes a Problem Management System Engineering

133
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

based on International Council On System Engineering (INCOSE) risk management

process and NASA program and project management of problems hand book.
In this paper we centralizes on the importance of establishing a problem management
process at the starting of a project to ensure when problems are identified they are
addressed upfront and minimization of related complexities in during of project life cycle
and challenges later on in the SE life cycle .[r12, p276]
Potential problems identification by SE process is specified and also problem
identification led to develop solution using a sequential set of processes. The goal of the
Problem Management process is to specify, report, analyze, expand resolution maps,
evaluation of impacts, and monitor problems as they are specified. [r12, p277]
The incipient goal of the Problem Management process is the primary identification of
problems. To help in identification there are customized problem management processes
available for choose applications. In figure 4-2-1 is shown context diagram of problem
management process in format of INCOSE handbook version. [r12, p278]

Figure 4-2-1: Context diagram of problem management process

In the problem management process we have five type of problems that are:
 Technical problem :
Can happen anytime during the lifecycle of a project .Technical problem
happen when system design can’t to prepare a performance requirement to meet
operability, producibililty, testability, or integration. [r12, p281]
 Schedule problem:
Occur as a result of defeat to get design requirement within the allocated
timeframe, unpredicted safety/environmental issues, unexpected cost overruns,
or an unpredicted programmatic change which happens outside of the projects
control. It can occur anytime during the project’s life cycle. [r12, p282]
 Cost problem:
Occur when existing budget is less than what was budgeted. Cost can be gaged
in man-hours, dollars, euros, or whatever form of currency the project uses to
measure the actual amount of resources needed to run the project. Cost problem
may major reason for project cancellation. [r12, p282]
 Safety/environmental problem:
Safety and environmental problem are evaluated by the problem impact on
human life and impacts to the environment. Many times safety and
environmental problem are connived as a cost saving initiative in order to

134
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

achieve the project off the design board into the production and life cycle
phases. [r12, p282]
 Programmatic problem:
This type of problem by people that have project control and events are
intended and entered into the project risk management programing during the
concept development step of project life cycle. [r12, p282]
In figure 4-2-2, we have shown all steps of the problem management process that are:

Figure 4-2-2: Problem Management process

 Problem planning:
In this step we have tried to confirm and or specify tasks, budget, and needed
resources to establish a problem management process, Planning shall intent
problem management an important tool among the SE and program management
process. [r12, p283]
 Problem identification:
The activity that test each component of the project to specify problems is
problem identification. Their related root causes, start their documentation and
locate the step for successful problem resolution.
[r12, p283]
 Problem Analysis and Assessment:
Problem analysis and assessment have two process step. Problem analysis
consists analyzing the problem and distinguishing the cause and what proactive
phases are needed to correct the problem. Problem assessment obtains the analysis
and values the result and timeliness in a standard context with all of the other
problems the project is currently dealing with.
[r12, p283]
 Problem Handling:

135
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

After problem is identified and evaluated and also full understood, a project
management decision requires to be made on the way to resolve the problem
indeed we need a strategy and method for resolve the problem, this stage of
problem solving known problem handling. Problem handling evolved problem
acceptance, problem avoidance, and problem transference and problem resolution.
[r12, p284]
 Problem Monitoring:
This is an activity that examine continues process to systematically track and
value the performance of problem resolution actions.
 Problem closure:
Problem in below cases are closed:
 Target value is provide to resolution plan.
 It no longer exists.
 There is no longer cost impact to manage.
 The project accepts the problem with no solution
 The project is cancelled.
[r12, p285]
Problem knowledge management is a basically SE requirement. All project document and
records must be seized by project knowledge management process through all steps of
the project life cycle as section of the project information management process.
5. Relationship process:
The relationship processes describe the two aspects of business relationship management
and supplier management. This context focuses to the role of the service provider which
is logically positioned between customer and supplier.
5-1.Business relationship management:
The business relationship management help to understand customers by companies and
finally is led to good relationship between service provider and customer. [ITIL official
website]
Now are going to get the information from a journal about the critical success factors of
business process management.
There has been argued for 40 years about the issue of fitting between organization and
strategy, structure, process, technology for their construction and research. One of the
challenges is business process management (BPM). BPM is employed for the goal of the
paper to analyze and improve activities such as manufacturing, marketing,
communications and other factors of company’s operations. [r13, p125]
Although investment in the area majority of reports almost 60-80% of BPM primary
having been unsuccessful. Identifying CSFs for BPM case specific companies operating
in one country or one industry can be operating in other countries is rarely configured. So
IT investments are usually both the enable and facilitator of changes in BPM projects.
[r13, p126]
The theoretical background in this paper tried to develop a new theory in the existing
field of BPM indeed misunderstanding of BPM often causes social problem that often
cited reasons for BPM Failure. So BPM and its CSFs can be explained with three
theories:
1) Contingency theory.
2) Dynamic capabilities DCS theory.

136
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

3) Task-technology theory.
[r13, p (127,128)]
Protocol was prepared consisting of research questions, methods for data collection and
analysis guidelines. So all interviews, provided business process models and the results
were noted in a case study database. The process were performed between two groups on
the differences of business process and all models were analyzed in cooperation with
bank employee between middle and senior management by external consultant. [r13,
p128]
CSFs based on contingency theory:
1) Strategic alignment: for long term success and develop performance BPM should
be linked to organizational strategy.
2) Level of IT investment: it should be contingent on company’s strategy.
3) Performance measurement: it is for achieving sustainable improvement and new
process should be measured for time, cost, productivity, quality and capital.
4) Level of employee’s specialization: it is important for contingent variable which
is between specialist and generalist employees for joining the activities in each
process.
[r13, p129]
5-2.Supplier management:
Supplier management can be challenges and rewards for organizations. Evaluating a
supply base using a compound approach of discrete choice analysis (DCA) and total cost
of ownership (TCO) can support a company distinguish needful features needed to reduce
the pressure caused by doing business with weakness managed companies. During the
1980s and 1990s, companies understand that their utility would be raised if they have
managed relationship between companies’ information and material flow across
enterprise border. Continued rapid growth supply chain and global economic and also
more complexity supply chain management led to companies not only focused on price
paid for raw materials but they also had to focus on order placement, research and
qualification of suppliers, transportation, receiving, inspection, rejection, replacement,
rework, downtime caused by failure and disposal cost. The pinnacle of all these factors
has led many making companies to centralize their tries on making long-term, more
meaningful relationship with suppliers that profit their firms’ strategy. [r14, p127]
DCA can used to evaluate the relevant weights for price, quality, delivery, flexibility, as
well as many other value-added features though important by departmental management.
When the analysis is completed, we weighted important variable in relate of importance
and finally we totaled them up to 100 percent. [r14, p128]
Today’s fast stepped environment companies are trading with more and more suppliers
that are able to engage them the right product, at the right price, with the right quantity, at
the right place the right time. The top row of supplier taxonomy called Strategic
Suppliers. The second row of supplier taxonomy called preferred suppliers and the final
row of supplier classification called Approved Suppliers. [r14, p129]

By past the time most large making companies begin their lean travel they already may
be buying from thousands of suppliers (supplier a consolidation). Supplier consolidation
is a common rout to ensure the proper coordination and effective supplier management.
To capitalize on the profit of supplier consolidation by approximating and reducing the

137
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

risks, many firms are utilizing a strategy of dual sourcing because in single sourcing was
seen as too risky, so a dual sourcing technique was used. [r14, p129]

After consolidating, making companies must expand and training systems within their
sourcing and buying departments that tier themselves with the company’s purposes to
ensure future success. One such exercise is making a scorecard system for all current
suppliers. The name of this implication reflects a goal to hold score of a collection of
items that help to maintain a balance between short-term and long-term intents: between
financial and non-financial measures, between internal and external performance lagged
and leaded indexes perspectives. [r14, p130]

The main form of strategy has been shown in table 5-2-1 that make clear the action: [r14,
p131]

Table 5-2-1: Standard scorecard template

After performing the DCA and TCO analysis, we made a supplier scorecard (shown in
table 5-2-2) tiring all of perspectives that manufacturer though or believed important in
their suppliers. [r14, p135]

Table 5-2-2: Standard Supplier Scorecard

The supplier rating scale has shown in Table 5-2-3: [r14, p136]

Table 5-2-3: supplier rating scale

As supply chains have become more global, and affirmation has been put on becoming
thinner, companies have started to intend the TCO related with their products. Costs such

138
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

as administration, transportation, and product failure now be factored into the cost of
working in relation with the supplier.
[r14, p137]

Conclusion
In this literature review I have tried to express briefly the resultant and significant of
Information technology management process of strategy roles. Implementation of this
processes in Information Technology as a competitive advantage led to training and
glowering that cause satisfaction to employees and subscribers in an organization.
All frameworks that specified for IT management (as called Best Practice) they just
addressed the first step in IT as a process of an organization but in order to implicate
these frameworks it’s essential that IT managers to have capability to customize them.
Thus requirements of an organization are so beyond and complicated then what exist in a
frame which prepared previously. So to be professional in selection one of the framework
or mixed of them. It is also to customize frameworks for an organization prove the extend
of scale of personal ability of the management position IT department.

References

[1] ISO/IEC 20000-1 Information technology — Service management — Specification

[2] Motta, G., Barroero, T., Galvani, F., & Longo, A. (2011). “IT Service Level Management:
Practices in Large Organizations. Communications, 2011”
[3] Mohammad Kajbaf, Negar Madani, Ali Suzanger, Shirin Nasher, and Mehrdad Kalantarian
ICDS 2011: The Fifth International Conference on Digital Society - “An IT Service Reporting
Framework
[4] Shuguang Liu, Bo Dong, and Yan Sun - International Conference on Education Technology
and Information System (ICETIS 2013) – “An ITIL-Based IT Service Management Model for
Distance Education”.
[5] Magdalena Arcilla, Jose A. Calvo-Manzano, Tomas San Feliu - ScienceDirect Computer
Standards & Interfaces journal -2013– “Building an IT service catalog in a small company as the
main input for the IT Financial management”
[6] M. Lutz, X. Boucher & O. Roustant (2013) –“Methods and applications for IT capacity
decisions: Bringing management frameworks into practice”, Journal of Decision Systems
[7] Heru Susanto, Mohammad Nabil Almunawar and Yong Chee Tuan International Journal of
Electrical & Computer Sciences IJECS-IJENS Vol: 11 No: 05, 2012 “Information Security
Management System Standards: A Comparative Study of the Big Five”.
[8] Wei Yan, Beijun Shen, Delai Chen, 2010 Second International Workshop on Education
Technology and Computer Science. “Supporting Distributed Collaboration in IT Service
Management.”
[9] Jan Bröchner, Ulrika Badenfelt - Automation in Construction journal – 2011- “Changes
and Change management in construction and IT projects”.
[10] Blake McNaughton, Pradeep Ray, Lundy Lewis. 2010 – Information & Management
journal Science direct. “Designing an evaluation framework for IT service management”.

139
Kuwait Chapter of Arabian Journal of Business and Management Review Vol. 3, No.7; March. 2014

[11] Stuart D. Galup & Ronald Dattero (2010) a Five-Step Method to Tune Your ITSM
Processes, information Systems Management, 27:2, 156-167, OI: 10.1080/10580531003685220
[12] Bill A. Olson, Thomas A. Mazzuchi, Shahram Sarkani, and Kevin Forsberg - 2012 in
Wiley OnlineLibrary – “Problem Management Process, Filling the Gap in the Systems
Engineering Processes between the Risk and Opportunity Processes”
[13] Peter Trkman - International Journal of Information Management journal – science direct –
“The critical success factors of business process management”
[14] Sameer Kumar, Anthony C. Clemens and Ethan W. Keller - International Journal of
Productivity and Performance Management Vol. 63 No. 1, 2014pp. 127-138 r Emerald group
Publishing Limited 1741-0401 DOI 10.1108/IJPPM-12-2012-0137- “Supplier management in a
manufacturing environment A strategically focused performance scorecard”

140