COSO, Cobit, ITIL
COSO
- US - COSO.org - Committee of Sponsoring Organisations to the Treadway Commission (established 1985)
- US - COSO2 - ERM.COSO.org
ISACA/Cobit and related
ITIL
In 2010 the original ITIL source was the UK OGC. For commercial deployment it was
here. However, P2P networks carry a good deal of content.
ITIL's scope is essentially IT operations (i.e. it is not focused on development). ISO embraced ITIL v2 as ISO 20000.
ITIL V4
TIL 4 defines four dimensions that should be considered to ensure a holistic approach to service management
- Organizations and people ('people')
- Information and technology ('technology')
- Partners and suppliers ('others')
- Value streams and processes ('processes')
The Service Value System (SVS) represents "how all the components and activities of an organization work together to facilitate value creation". It includes:
- Guiding principles
- Governance
- Service value chain
- Continual improvement
- Practices (34 management practices as "sets of organizational resources designed for performing work or accomplishing an objective")
These 34 ITIL 4 practices are grouped into three categories:
- General management practices (strategy, portfolio, architecture, risk, information security, ...)
- Service management practices (business analysis, service design, service catalog, ...)
- Technical management practices (deployment, infrastructure, software development)
The fact that 'software development' is the last of the 34 services may be interpreted as a sign that ITIL V4 does not position this as its first priority.
The ITIL V3 service lifecycle has been dropped in ITIL 4 and the processes replaced with practices. Many of the ITIL 4 practices clearly correspond to the previous ITIL V3 processes.
ITIL V3
ITIL V3 contains detailed descriptions of 26 ITIL processes, arranged along the service lifecycle.
The ITIL v3 universe is divided into (synthetic view):
- Service Strategy
- SPM - Service Portfolio Management (pipeline, catalogue, retired)
- Demand Management
- Financial Management
- Quality
- Marketing
- BCM
- Service Design
- Service Level Management / Service Catalogue Management / Supplier Management
- Capacity
- Availability & IT Service Continuity
- Information Security Management (tactical aspects)
- Service Transition
- Release & Deployment
- SACM - Service Asset & Configuration Management
- Change Management
- Knowledge Management
- Service Operation
- Problem Management
- Access Management (operational security allocations)
- Request Fulfillment
- Incident Management
- Event Management
- Continuous Service Improvement
The ITIL v2 universe was divided into:
- Service Delivery
- Service Level Management, as spoc for contracting, SLA, SLR, OLA, UC, Service Catalogue
- Availability Management
- Capacity Management
- Financial Management
- IT Service Continuity Management
- Service Support (1 function and 5 processes, its foundation is the CMDB)
- the Service Desk (spoc function) and Incident Management
- Problem Management (from Problem Control to Error Control)
- Change Management ('Request For Change', Change Advisory Board, Forward Schedule of Change)
- Release Management
- Configuration Management
Publications
Software