Search Posts

Category: Lifecycle

Continual Service Improvement (ITIL)

Parent Process Reference Framework:  ITIL

Continual Service Improvement

The purpose of the CSI stage of the lifecycle with changing business needs by identifying and implementing improvements to IT services that support business processes. 

The objectives of CSI are to: 

  • Review, analyse, prioritise and make recommendations on improvement opportunities across the entire ITSM lifecycle phases – strategy, design, transition and operations 
  • Review and analyse service level achievement 
  • Identify and implement specific activities to IT service quality and improve the efficiency and effectiveness of the enabling processes 
  • Improve cost effectiveness of delivering IT services 
  • Ensure applicable quality management methods are used to support continual improvement activities 
  • Ensure that processes have clearly defined objectives and measurements that lead to actionable improvements 
  • Understand what to measure, why it is being measured and what the successful outcome should be 

CSI is based on the Plan-Do-Check-Act approach. 

  • What is the vision?  
  • Where are we now?  
  • Where do we want to be?  
  • How do we get there?  
  • Did we get there?  
  • How do we keep up the momentum?  

CSI uses a 7-step process for improvement 

  • Define the objectives. 
  • Determine what to measure. 
  • Collect the data. 
  • Process the data. 
  • Analyze the data. 
  • Present and use the information. 
  • Implement improvement 

Related Frameworks

The intent of CSI can be achieved through any improvement framework like Lean, Six Sigma,  Total Quality Management. 

Continual Service Improvement’s 7-step improvement approach closely aligned with Lean Six Sigma’s  DMAIC process approach. 


SFIA’s  Business Process Improvement skill addresses the requirements of CSI.


ITIL specialist and Masters level certification can be one path way to develop the skills in Continual Service Improvement. In addition, Lean Six Sigma certification can be considered to specialise in CSI.

ITIL Training and Certification

Supplier Management

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

Supplier Management

The supplier management process ensures that suppliers and the services they provide are managed to support IT service targets and business expectations.  

It is essential that supplier management processes and planning are involved in all stages of the service lifecycle. 

The main objectives of the supplier management process are to: 

  • Obtain value for money from suppliers and contracts 
  • Ensure that contracts with suppliers are aligned to business needs 
  • Manage relationship with suppliers 
  • Manage supplier performance 
  • Negotiate and agree contracts with suppliers and manage them though their lifecycle 
  • Maintain a supplier policy and supporting supplier and contract management information system (SCIMS) 


Certification and Training

ITIL Training and Certification

Information Security Management

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

Information Security Management

The purpose of the information security management process is to align IT security with business security and ensure that the confidentiality, integrity and availability of the organisation’s assets, information, data and IT services always matches the agreed needs of the business. 

The objectives of Information Security Management are to ensure that:  

  •  Information is observed by or disclosed to only those who have a right to know (confidentiality) 
  •  Information is complete, accurate, and protected against unauthorized modification (integrity) 
  • Information is available and usable when required, and the systems that provide it can appropriately resist attacks and recover from or prevent failures (availability) 
  •  Business transactions, as well as information exchanges between enterprises or with partners, can be trusted (authenticity and non-repudiation 


SFIA Information Security skill:

Certification and Training 

Information Security is a specialised area with different specialisations.

IT Service Continuity Management

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

IT Service Continuity Management

The purpose of the IT service continuity management process is to support the overall Business Continuity Management (BCM) process by ensuring that the IT service provider can always provide minimum agreed business continuity related service levels. To achieve this outcome, business and IT identify and manage the risks. 

The objectives of ITSCM are to: 

  • Produce and maintain a set of IT service continuity plans that support the overall business continuity plans 
  • Ensure that the continuity plans are maintained in line with the changing business impacts and requirements 
  • Conduct regular risk assessment and management exercises 
  • Provide guidance to other areas of business regarding IT service continuity 
  • Ensure that appropriate continuity mechanisms are put in place 
  • Ensure the IT changes are assessed on their impact of service continuity 
  • Negotiate and agree contracts with suppliers for the provision of the necessary recovery capacity 


SFIA Continuity Management addresses the skills requirement for IT Service Continuity Management.


ITIL Training and Certification

Capacity Management

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

Capacity Management

The purpose of Capacity Management process is to ensure that the capacity of IT services and IT infrastructure meet the agreed capacity and performance related requirements. Capacity management should consider both current and future needs of the business and address the capacity needs in a cost effective and timely manner. 

The objectives of capacity management are to: 

  • Produce and maintain an appropriate and up-to-date capacity plan, which reflects the current and future needs of the business 
  • Provide advice and guidance to other areas of the business on capacity and performance related issues 
  • Ensure that service performance achievements meet targets 
  • Assist with the diagnosis and resolution of performance and capacity related incident and problems 
  • Assess the impact of all changes on the capacity plan 
  • Ensure that proactive measures to improve the performance of services are implemented in a cost-effective manner 


SFIA Capacity Management addresses the skills required.


ITIL Training and Certification

Availability Management 

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

Availability Management

The purpose of the availability management process is to ensure that the level of availability delivered in all IT services meets the agreed availability needs and service level targets. Availability management is concerned with meeting both the current and future availability needs of the business. 

The objectives of availability management are to: 

  • Produce and maintain an appropriate and up-to-date availability plan that reflects the current and future needs of the business 
  • Provide advice and guidance to all other areas of the business and IT on all availability related issues 
  • Ensure that service availability achievements meet all their agreed targets by managing services and resources related availability performance 
  • Assist with the diagnosis and resolution of all availability related incidents and problems 
  • Assess the impact of all changes on the availability plan and the availability of all services and resources 
  • Ensure that proactive measures to improve the availability of services implemented 


SFIA skill  Availability Management addresses the skills required.


ITIL Training and Certification

Service Level Management

Parent Process Reference Framework:  ITIL

Parent Lifecycle:  Service Design

Service Level Management (SLM)

The goal of ITIL Service Level Management is to ensure that agreed levels of current IT services are provided, and future services can be delivered within agreed targets. The objectives of Service Level Management are to: 

  • Define, document, agree, monitor, measure, report and review the level of IT services provided 
  • Investigate corrective actions when necessary 
  • maintain good relationships with both business and customers 
  • Ensure that specific and measurable targets are developed for all IT services 
  • Ensure clear and unambiguous expectations of the delivered service levels 
  • Implement proactive measures for service level improvement whenever costs can be justified. 


SFIA skill Service Level Management addresses the skills for SLM. SFIA considers the skill as a senior leadership skill (level 7).


ITIL Training and Certification

Deliver, Service and Support (COBIT)

Parent Process Reference Framework (PRF):  COBIT

01 Manage operations. 
02 Manage service requests and incidents. 
03 Manage problems. 
04 Manage continuity. 
05 Manage security services. 
06 Manage business process controls. 

Manage operations

Co-ordinate and execute the activities and operational procedures required to deliver internal and outsourced IT services, including the execution of pre-defined standard operating procedures and the required monitoring activities.

Deliver IT operational service outcomes as planned.

Manage service requests and incidents

Provide timely and effective response to user requests and resolution of all types of incidents. Restore normal service; record and fulfil user requests; and record, investigate, diagnose, escalate and resolve incidents.

Achieve increased productivity and minimise disruptions through quick resolution of user queries and incidents.

Manage problems

Identify and classify problems and their root causes and provide timely resolution to prevent recurring incidents. Provide recommendations for improvements.

Increase availability, improve service levels, reduce costs, and improve customer convenience and satisfaction by reducing the number of operational problems.

Manage continuity

Establish and maintain a plan to enable the business and IT to respond to incidents and disruptions in order to continue operation of critical business processes and required IT services and maintain availability of information at a level acceptable to the enterprise.

Continue critical business operations and maintain availability of information at a level acceptable to the enterprise in the event of a significant disruption.

Manage security services

Protect enterprise information to maintain the level of information security risk acceptable to the enterprise in accordance with the security policy. Establish and maintain information security roles and access privileges and perform security monitoring.

Minimise the business impact of operational information security vulnerabilities and incidents.

Manage business process controls

Define and maintain appropriate business process controls to ensure that information related to and processed by in-house or outsourced business processes satisfies all relevant information control requirements. Identify the relevant information control requirements and manage and operate adequate controls to ensure that information and information processing satisfy these requirements

Maintain information integrity and the security of information assets handled within business processes in the enterprise or outsourced.

Build, Acquire and Implement (COBIT)

Parent Process Reference Framework (PRF):   COBIT

01 Manage programmes and projects. 
02 Manage requirements definition. 
03 Manage solutions identification and build. 
04 Manage availability and capacity. 
05 Manage organisational change enablement. 
06 Manage changes. 
07 Manage change acceptance and transitioning. 
08 Manage knowledge. 
09 Manage assets. 
10 Manage configuration. 

Manage Programmes and projects

Manage all programmes and projects from the investment portfolio in alignment with enterprise strategy and in a co-ordinated way. Initiate, plan, control, and execute programmes and projects, and close with a post-implementation review.

Realise business benefits and reduce the risk of unexpected delays, costs and value erosion by improving communications to and involvement of business and end users, ensuring the value and quality of project deliverables and maximising their contribution to the investment and services portfolio.

Manage requirements definition

Identify solutions and analyse requirements before acquisition or creation to ensure that they are in line with enterprise strategic requirements covering business processes, applications, information/data, infrastructure and services. Co-ordinate with affected stakeholders the review of feasible options including relative costs and benefits, risk analysis, and approval of requirements and proposed solutions.

Create feasible optimal solutions that meet enterprise needs while minimising risk.

Manage solutions identification and build

Establish and maintain identified solutions in line with enterprise requirements covering design, development, procurement/sourcing and partnering with suppliers/vendors. Manage configuration, test preparation, testing, requirements management and maintenance of business processes, applications, information/data, infrastructure and services.

Establish timely and cost-effective solutions capable of supporting enterprise strategic and operational objectives.

Manage availability and capacity

Balance current and future needs for availability, performance and capacity with cost-effective service provision. Include assessment of current capabilities, forecasting of future needs based on business requirements, analysis of business impacts, and assessment of risk to plan and implement actions to meet the identified requirements.

Maintain service availability, efficient management of resources, and optimisation of system performance through prediction of future performance and capacity requirements.

Manage Organisational Change Management

Maximise the likelihood of successfully implementing sustainable enterprise wide organisational change quickly and with reduced risk, covering the complete life cycle of the change and all affected stakeholders in the business and IT.

Prepare and commit stakeholders for business change and reduce the risk of failure.

Manage Changes

Manage all changes in a controlled manner, including standard changes and emergency maintenance relating to business processes, applications and infrastructure. This includes change standards and procedures, impact assessment, prioritisation and authorisation, emergency changes, tracking, reporting, closure and documentation.

Enable fast and reliable delivery of change to the business and mitigation of the risk of negatively impacting the stability or integrity of the changed environment.

Manage Change acceptance and transitioning

Formally accept and make operational new solutions, including implementation planning, system and data conversion, acceptance testing, communication, release preparation, promotion to production of new or changed business processes and IT services, early production support, and a post-implementation review.

Implement solutions safely and in line with the agreed-on expectations and outcomes.

Manage knowledge

Maintain the availability of relevant, current, validated and reliable knowledge to support all process activities and to facilitate decision making. Plan for the identification, gathering, organising, maintaining, use and retirement of knowledge.

Provide the knowledge required to support all staff in their work activities and for informed decision making and enhanced productivity.

Manage assets

Manage IT assets through their life cycle to make sure that their use delivers value at optimal cost, they remain operational (fit for purpose), they are accounted for and physically protected, and those assets that are critical to support service capability are reliable and available. Manage software licences to ensure that the optimal number are acquired, retained and deployed in relation to required business usage, and the software installed is in compliance with licence agreements.

Account for all IT assets and optimise the value provided by these assets.

Manage configuration

Define and maintain descriptions and relationships between key resources and capabilities required to deliver IT-enabled services, including collecting configuration information, establishing baselines, verifying and auditing configuration information, and updating the configuration repository.

Provide sufficient information about service assets to enable the service to be effectively managed, assess the impact of changes and deal with service incidents.

Align, Plan and Organise (COBIT)

Parent Process Reference Framework (PRF):  COBIT

Align, Plan and Organise domain of COBIT contains the following processes:

01   Manage the IT management framework. 
02 Manage strategy. 
03 Manage enterprise architecture. 
04 Manage innovation. 
05 Manage portfolio. 
06 Manage budget and costs. 
07 Manage human resources. 
08 Manage relationships. 
09 Manage service agreements. 
10 Manage suppliers. 
11 Manage quality. 
12 Manage risk. 
13 Manage security. 

Manage the IT Management framework

Clarify and maintain the governance of enterprise IT mission and vision. Implement and maintain mechanisms and authorities to manage information and the use of IT in the enterprise in support of governance objectives in line with guiding principles and policies.

Provide a consistent management approach to enable the enterprise governance requirements to be met, covering management processes, organisational structures, roles and responsibilities, reliable and repeatable activities, and skills and competencies.

Related processes:

ISO/IEC 20000 – Context Leadership Planning Support

Manage strategy

Provide a holistic view of the current business and IT environment, the future direction, and the initiatives required to migrate to the desired future environment. Leverage enterprise architecture building blocks and components, including externally provided services and related capabilities to enable nimble, reliable and efficient response to strategic objectives.

Align strategic IT plans with business objectives. Clearly communicate the objectives and associated accountabilities so they are understood by all, with the IT strategic options identified, structured and integrated with the business plans.

Related processes:

Processes under ITIL Service Strategy

Manage Enterprise Architecture

Establish a common architecture consisting of business process, information, data, application and technology architecture layers for effectively and efficiently realising enterprise and IT strategies by creating key models and practices that describe the baseline and target architectures. Define requirements for taxonomy, standards, guidelines, procedures, templates and tools, and provide a linkage for these components. Improve alignment, increase agility, improve quality of information and generate potential cost savings through initiatives such as re-use of building block components.

Represent the different building blocks that make up the enterprise and their inter-relationships as well as the principles guiding their design and evolution over time, enabling a standard, responsive and efficient delivery of operational and strategic objectives.

Related processes/frameworks

ITIL Service Design


Manage Innovation

Maintain an awareness of information technology and related service trends, identify innovation opportunities, and plan how to benefit from innovation in relation to business needs. Analyse what opportunities for business innovation or improvement can be created by emerging technologies, services or IT-enabled business innovation, as well as through existing established technologies and by business and IT process innovation. Influence strategic planning and enterprise architecture decisions.

Achieve competitive advantage, business innovation, and improved operational effectiveness and efficiency by exploiting information technology developments.

Manage portfolio

Execute the strategic direction set for investments in line with the enterprise architecture vision and the desired characteristics of the investment and related services portfolios, and consider the different categories of investments and the resources and funding constraints. Evaluate, prioritise and balance programmes and services, managing demand within resource and funding constraints, based on their alignment with strategic objectives, enterprise worth and risk. Move selected programmes into the active services portfolio for execution. Monitor the performance of the overall portfolio of services and programmes, proposing adjustments as necessary in response to programme and service performance or changing enterprise priorities.

Optimise the performance of the overall portfolio of programmes in response to programme and service performance and changing enterprise priorities and demands.

Related processes:

ITIL Service Portfolio Management

ISO/IEC 20000 – Service Portfolio

Manage budget and costs

Manage the IT-related financial activities in both the business and IT functions, covering budget, cost and benefit management, and prioritisation of spending through the use of formal budgeting practices and a fair and equitable system of allocating costs to the enterprise. Consult stakeholders to identify and control the total costs and benefits within the context of the IT strategic and tactical plans, and initiate corrective action where needed.

Foster partnership between IT and enterprise stakeholders to enable the effective and efficient use of IT-related resources and provide transparency and accountability of the cost and business value of solutions and services. Enable the enterprise to make informed decisions regarding the use of IT solutions and services.

Related processes

ITIL Financial Management

ISO/IEC 20000: Budgeting and Accounting for Services

Manage Human resources

Provide a structured approach to ensure optimal structuring, placement, decision rights and skills of human resources. This includes communicating the defined roles and responsibilities, learning and growth plans, and performance expectations, supported with competent and motivated people.

Optimise human resources capabilities to meet enterprise objectives.

Related processes

ISO/IEC 20000:  Management Context, Leadership, Planning and Support

Manage relationships

Manage the relationship between the business and IT in a formalised and transparent way that ensures a focus on achieving a common and shared goal of successful enterprise outcomes in support of strategic goals and within the constraint of budgets and risk tolerance. Base the relationship on mutual trust, using open and understandable terms and common language and a willingness to take ownership and accountability for key decisions.

Create improved outcomes, increased confidence, trust in IT and effective use of resources.

Related processes:

ITIL Business Relationship Management

Manage Service Agreements

Align IT-enabled services and service levels with enterprise needs and expectations, including identification, specification, design, publishing, agreement, and monitoring of IT services, service levels and performance indicators.

Ensure that IT services and service levels meet current and future enterprise needs.

Related processes

ITIL Service Level Management

ISO/IEC 20000: Service Level Management

Manage Suppliers

Manage IT-related services provided by all types of suppliers to meet enterprise requirements, including the selection of suppliers, management of relationships, management of contracts, and reviewing and monitoring of supplier performance for effectiveness and compliance.

Minimise the risk associated with non-performing suppliers and ensure competitive pricing.

Related processes

ISO/IEC 20000: Supplier Management

ITIL Supplier Management

Manage quality

Define and communicate quality requirements in all processes, procedures and the related enterprise outcomes, including controls, ongoing monitoring, and the use of proven practices and standards in continuous improvement and efficiency efforts.

Ensure consistent delivery of solutions and services to meet the quality requirements of the enterprise and satisfy stakeholder needs.

Related processes

ISO/IEC 20000

Manage Risk

Continually identify, assess and reduce IT-related risk within levels of tolerance set by enterprise executive management.

Integrate the management of IT-related enterprise risk with overall  Enterprise Risk Management (ERM), and balance the costs and benefits of managing IT-related enterprise risk.

Manage Security

Define, operate and monitor a system for information security management.

Keep the impact and occurrence of information security incidents within the enterprise’s risk appetite levels.

Related Processes:

ISO/IEC 20000: Information Security Management

Next Page »