Presentation is loading. Please wait.

Presentation is loading. Please wait.

Roles and Responsibilities

Published byDorcas Sims Modified over 9 years ago

Similar presentations

Presentation on theme: "Roles and Responsibilities"— Presentation transcript:

1 Roles and Responsibilities
Examples

2 Introduction Standards and Frameworks: Functional Divisions Examples
ISO/IEC 20000 COBIT 5 ITIL® MOF 4 Functional Divisions Examples Defining specific roles and responsibilities can be difficult because organizations are not designed the same. Even when two organizations are using the same framework for service management, their maturity may create additional roles not specifically mentioned by the framework. Additionally, major frameworks may be similar but not consistent because they are focused on different aspects of service management: for instance, COBIT 5 will delve more into governance-based roles than operational-based roles like MOF4. Despite this difficulty, this presentation is created to present several commonly implemented roles and responsibilities from several major standards and frameworks in IT service management; namely ISO/IEC 20000, COBIT5, ITIL, and Microsoft Operational Framework 4 (MOF4). The roles identified by these frameworks will be divided into functional categories and several roles will be examined to identify key responsibilities. Before moving forward, some words on each of the framework: ISO/IEC is the only available standard for IT service management; therefore, the role requirements for ISO/IEC will always be mentioned. COBIT 5 is an enterprise framework for governance and management of IT; therefore, its roles are primarily concerns with the upper levels of the organizational structure and provides greater insight into the business and technical aspects of IT management. ITIL is a framework for best practices in IT service management and focuses on the stages of the service lifecycle and the relevant service management processes. ITIL has some overlap with all other frameworks. MOF4 is a framework specifically designed for managing Microsoft products and services, but the roles can be easily applied to other platforms. The focus of MOF4 roles are operational in nature and are identified in terms of accountability to the service. Copyright: The Art of Service 2008

3 ISO/IEC 20000 Top Management Management Representative
Business Relationship Manager Supplier Manager Incident Manager Auditor While ISO/IEC is a standard for IT service management, it does not attempt to define too many “must have” roles for a service provider. There are six roles which can be identified within the standard: three are defined in greater detail, while the other three are not (in fact, they are not even given a label by the standard). Copyright: The Art of Service 2008

4 COBIT 5 (Governance Roles)
Board Chief Executive Officer Chief Financial Officer Chief Operating Officer Business Executives Business Process Owners Strategy Executive Committee Steering Committee Project Management Office Value Management Office Chief Risk Officer Chief Information Security Officer Architecture Board Enterprise Risk Committee Head Human Resources Compliance Audit COBIT5, or version 5 of the Control Objectives for Information and Related Technologies, is a business framework designed to allow managers to align and manage control requirements to address technical issues and business risks. The framework identifies 31 processes essential to the governance and management of enterprise IT. For each process, COBIT5 identifies the areas of accountability and authority of several roles within the business and technical spectrum of IT service management. For our purposes, we will relate to the business aspect of IT as governance and very little exploration of these roles will be conducted at this time. This direction does not minimize the importance of the governance; it only recognizes the unique perspective of the COBIT framework. Copyright: The Art of Service 2008

5 COBIT 5 (Management Roles)
Chief Information Officer Head Architect Head Development Head IT Operations Head IT Administration Service Manager Information Security Manager Business Continuity Manager Privacy Officer The technical aspect of COBIT still focuses on the management hierarchy of IT: thus identifying key roles of accountability at the top level. In practice, an IT environment is composed of several architectures, platforms, and technologies with management roles required to manage each according to their specialized requirements; therefore, many of the management roles identified by COBIT are either generic or are intended to be hihg level to drive consistency across the environment. Copyright: The Art of Service 2008

6 ITIL Generic Roles Specific Roles (Strategy) Service Owner
Process Owner Process Manager Process Practitioner Business Strategy Manager IT Steering Group IT Director Business Relationship Manager The Information Technology Infrastructure Library (ITIL) is a set of IT best practices designed in terms of commonly found service management processes. It relies heavily on the implementation of the service lifecycle: a means of relating to a service based on its development from strategy to practical operational state. Many of the roles identified by ITIL are related to specific processes which support the different stages of the service lifecycle. ITIL introduces some key roles which are generic in construct but fulfill specific responsibilities when applied to individual processes. These roles include: Service Owner Process Owner Process Manager Process Practitioner Each of these generic roles will be covered in more detail in later slides. Over the next few slides, different roles called out by ITIL will be identified. It is important to realize that ITIL also identified specific responsibilities to process owner and process manager as the generic role is applied to each of the 26 service management processes supported in ITIL. Copyright: The Art of Service 2008

7 ITIL (cont.) Specific Roles (Design) Specific Roles (Transition)
IT Planner Architect (IT designer) Service Transition Manager Change Initiator Change Authority Configuration Analyst Configuration Librarian Build and Test Environment Manager

8 ITIL (cont.) Specific Roles (Operations) Specific Roles (CSI)
First-line Analyst Second-line Analyst Third-line Analyst Problem Analyst Request Fulfillment Analyst Functional Roles Applicable Reporting Analyst The ITIL operations roles are reliant on the functions of the organization, which are expanded upon by MOF4. In a few slides, we will look at roles from a functional perspective. Copyright: The Art of Service 2008

9 MOF 4 Support Accountability Operations Accountability
Customer Service Representative Incident Resolver Incident Coordinator Problem Analyst Problem Manager Customer Service Manager Operator Administrator Technology Area Manager Monitoring Manager Scheduling Manager Operations Manager Microsoft Operational Framework 4 looks at the development, implementation, management, and improvement of Microsoft products and services from the perspective of different accountabilities. While the responsibilities are platform-based, the roles themselves can be easier aligned with the other frameworks. Often, the MOF4 roles simply show the level of detail required at lower levels of the organizational chart. The next few slides focus on the different roles in 7 accountabilities. MOF4 does not take a process perspective in categorizing roles. Copyright: The Art of Service 2008

10 MOF 4 (cont.) Service Accountability Compliance Accountability
Supplier Manager Portfolio Manager Account Manager Service Level Manager IT Executive Officer IT Manager Risk and Compliance Assurance and Reporting Internal Control Manager Legal IT Policy Manager

11 MOF 4 (cont.) Architecture Accountability Solutions Accountability
Architecture Manager Reliability Manager Architect Solution Manager Program Manager Developer Tester Product Manager User Experience Release Management Operations Experience Test Manager

12 MOF 4 (cont.) Management Accountability IT Executive Officer
IT Manager IT Policy Manager IT Risk and Compliance Manager Assurance and Reporting Change Manager Configuration Administrator

13 Functional Division of Roles
Executive Management IT Management Service Desk IT Operations Management When combining the conceptual divisions of each of the frameworks, a functional model for roles can be established. At the top level is Executive Management, or the business aspect of the company. For ISO/IEC 20000, this is simply referred to as top management. The roles within this general role are expanded further by COBIT. ITIL has a couple of roles assigned in this area, the most prevalent being the IT Steering Committee. MOF4 roles focus more on other functions. IT Management is comprised of a large number of roles related to managing the service management system, service management processes, and the services themselves, but not the operational, non-management staff in the service environment. Many of the roles categorized here have strategic and tactical functions, deal with policy making and compliance, support the design, development, and transition of a service, and produces reports, reviews, and opportunities for improvement. The operational aspect of IT service management can be divided into the remaining functions. The model presented here is used in ITIL to demonstrate the level of complexity in the organization. Essentially, there are two major functions: Service Desk and IT Operations Management. But IT Operations can be further divided into shared functions for all technologies and the individual support areas of each technology or application. More on this separation later. Technical Management Application Management IT Operations Control Facilities Management Copyright: The Art of Service 2008

14 Examples of Roles

15 Slide Format Function Label Other Names Related Processes
Responsibilities Individual roles will be presented based on the most natural functional area they can be found in. The role will be labeled based on one of the frameworks presented in this presentation. If multiple framework have similar roles but use different names, the other labels will be mentioned. Some roles can be directly attributed to a specific process and such associations will be made using the ISO/IEC service management processes. Then the major responsibilities for each role will be provided starting with those responsibilities consistent with more than one framework. Not all roles will be highlighted in the slides: the focus of these examples are to provide the organization with a good foundation for establishing roles and responsibilities within the service environment. Copyright: The Art of Service 2008

16 Top Management (ISO/IEC 20000) Governance Roles (COBIT 5)
Executive Management Top Management (ISO/IEC 20000) Governance Roles (COBIT 5) IT Steering Committee (COBIT 5 and ITIL) The roles of Executive Management will be top management and general governance responsibilities. Copyright: The Art of Service 2008

17 Top Management Responsibilities
Must show evidence of: Commitment to IT service management Establishing scope, policy and objectives for service management Creation, implementation, and maintenance of a service management plan Communicating importance and roles of fulfilling requirements Provisioning resources Conducting management reviews Assessing and managing risks Top Management is a generic encapsulation of the business aspects of the IT service management. When IT is provided internally for a company, top management is relatively far removed from the service environment. With external service providers, the technical knowledge of the executives may allow a greater connection with IT service management issues and solutions. The fundamental responsibilities of top management is to be committed to the best possible IT capabilities and improvements, which includes the creation of a plan and system for managing IT services to support the customer. Many of the activities of top management is the result of strategic planning, or reviewing the state of the service environment against agreed decisions for supporting the business. Copyright: The Art of Service 2008

18 Governance Responsibilities
Must show evidence of compliance by service personnel , suppliers, and end-users to: Standards Regulations Policies Processes Architectures Technologies COBIT5 makes a clear distinction between governance and management; recognizing the need for different activities, structures, and purposes to be defined and maintained. COGIT5 perceives governance as the means of ensuring “stakeholder needs, conditions, and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction though prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives.” Management, on the other hand, will plan, build, run, and monitor “activities in alignment with the direction set by the governance body to achieve the enterprise objectives.” In a simple analogy, management will drive the service to its destination, while governance is the GPS for service management. In practice, executive management and governance bodies, like IT steering committees, will make decisions which need to be assimilated into the service environment. These decisions can be related to choosing standards or technologies to used, establishing policies, determining how to address regulatory requirements, defining the architectures to standardize, or suggesting improvements to services and processes. The extent of their responsibilities is to ensure their decisions are accepted and action taken in the service environment to honor these decisions. To ensure they are effective, evidence must be gathered by the service environment to demonstrate compliance to the various decisions made. Anyone within the service environment may need to show compliance, including the customer and end-user. Copyright: The Art of Service 2008

19 Management Representative (ISO/IEC 20000)
IT Management Management Representative (ISO/IEC 20000) Business Relationship Manager (ISO/IEC 20000) Supplier Manager (ISO/IEC 20000) Management Roles (COBIT 5) Generic Roles (ITIL) Strategy Roles (ITIL) Design Roles (ITIL) CSI Roles (ITIL) Service Accountability (MOF4) Compliance Accountability (MOF4) Architecture Accountability (MOF 5) Management Accountability (MOF4) IT management is an extensive category of activities which range over the majority of the service lifecycle and across multiple accountabilities. Copyright: The Art of Service 2008

20 Process Practitioner Responsibilities include:
Performing one or more activities within a process. Understanding how their role contributes to the deliver of a service and the value to the business and/or customer. Working with stakeholders to ensure contributions are effective Ensuring the inputs, outputs and interfaces for their activities are correct Creating or updating records to show activities The role of process practitioner is sufficiently generic and critical to focus on. Every process has practitioners and every role is a practitioner of a specific process. Though not defined explicitly, top management and governing bodies will create processes which will define, support, and communicate their responsibilities as they interact with the rest of the service organization. Some people may fulfill several roles, mostly because they are participating in multiple processes. Because of this, each person should clear understand their contribution as a practitioner of a process and strive to ensure they understand and fulfill their responsibilities in all situations. According to the ITIL defined responsibilities of a process practitioner, the following should be answered for each role: What activities are performed? What is the contribution for performing these activities? Who are the stakeholders, or who must be satisfied with the contribution? What are the inputs, outputs, and interfaces for each activity? How will a person demonstrate completion of activity? Copyright: The Art of Service 2008

21 Management Representative
Other Names Chief Information Officer IT Executive Officer IT Director Responsibilities include: Ensure requirements are identified, documented, and fulfilled Assigning authorities and responsibilities for service and process lifecycle requirements Ensuring processes are integrated with service management system Ensuring assets are managed according to requirements Reporting performance and compliance to top management The management representative is appointed by top management. This person will already have a position within the service environment and as a result of the appointment, have the authority and responsibilities for the activities listed. While the management representative is a generic term provided by ISO/IEC 20000, other frameworks have similar roles called Chief Information Officer (CIO), IT Executive Officer, or IT Director. The Management Representative is the top level manager of the IT Management function. Their core responsibility is ensuring the decisions made in executive management are assimilated into the service environment and to report to top management on the performance and compliance of the environment in the context of these decisions. Based on the size and complexity of the organization, the responsibilities may be delegated to other managers, but accountability will always fall on the management representative: for instance, a company which has multiple regional offices may have a IT Director for each region responsible for ensuring the compliance of the regional environment, but they must answer to a senior manager who is accountable to the compliance of the entire enterprise. Copyright: The Art of Service 2008

22 Service Owner Responsibilities include:
Ensures services meet customer requirements Establishes communication structures to address service issues and questions Supports the creation of service models and assists in assessing impact of service changes Identifies opportunities for improvement in services Work with process owners during service lifecycle Ensures proper controls, measurements and reporting is in place for service Participate in incident, problem, and change management processes for service. A service owner is accountable to the service being delivered to the customer(s). A service owner is assigned to each service and works closely with the Business Relationship Manager, Service Level Manager, Supplier Manager, and Process Owners to ensure the service is delivered effectively and efficiently to the customer. While the service owner may not directly engage the customer, they are available to answer inquiries and issues related to the service. T service owner also performs this function for questions and issues coming from the service environment. The service owner is a practitioner and stakeholder of every service management process as it applies to the service they represent. Copyright: The Art of Service 2008

23 Process Owner Responsibilities include:
Sponsoring the process and tis performance metrics Defining strategy for the process Assisting with process design Defining and documenting policies and standards. Performing process audits Providing resources to support process activities Ensuring process practitioners have appropriate level of competence Identifying opportunities for improvement The process owner is responsible for the strategy and effectiveness of the specific process they are assigned. While the may not be involved in the execution of the process, they are accountable to the process’ operational success: which may require them to participate in service design, training, resource management, and continual improvement. The process owner role is generic in scope and should be expanded as it is applied to each service management process. Copyright: The Art of Service 2008

24 Process Manager Other names: Responsibilities include: IT Manager
Plan and coordinate all process activities Ensure process activities are performed as required Assign people to process roles Monitoring and reporting on process performance Identifying opportunities for improvement Manages risk and IT value The process manager is an extension of the process owner role and focuses on the operational aspects of the process. Typically, a service provider will have multiple customers and, in this situation, a process owner is responsible for a process as it applies to every customer and the process manager is responsible for how the process applies to an individual customer. Often, the process manager role may be called a different name based on the process. For example: Change Management – Change Manager Availability Management – Availability Manager Incident Management – Incident Manager Business Relationship Management – Business Relationship Manager Supplier Management – Supplier Manager Essentially, the process manager role can be applied to IT manager positions; though not every IT manager will be a process manager, some will focus on managing a technology or service within the service environment. Copyright: The Art of Service 2008

25 Architect Responsibilities include:
Propose solutions based on decisions and standards Design future state of service environment Create a holistic solution for services including: Service solutions for new or changed services Management information systems and tools Technology architectures Service management processes Measurement methods and metrics The Architect is the primary role for aligning technical solutions with business decisions. Typically, each technology or architecture may have an architect who specialized in this area with lead architects who are responsible for bring diverse technologies together. The architect is accountable for designing reliability, dependability, and trust into a given solution. Copyright: The Art of Service 2008

26 Business Relationship Manager
Other names Account Manager Process – Business Relationship Management Responsibilities include: Managing the customer relationship and customer satisfaction Identifies customer requirements on services Works with Service Level Manager to ensure services are delivering on requirements Is primary business contact for customer The Business Relationship Manager role is accountable for ensuring the customer and service managers are working together to deliver services effectively to the customer and to ensure the satisfaction of the customer in these services. They may perform a number of activities outside of the business management process as it relates to handling questions, issues, and complaints in services. Copyright: The Art of Service 2008

27 Supplier Manager Process – Supplier Management
Responsibilities include: Managing the relationship, contract, and performance of a supplier Monitors and reviews supplier performance with supplier Understands and supports the relationships between suppliers Suppliers are external parties who provide some or all of a service on behalf of the service provider. Suppliers must adhere to the service targets set with the customer. The supplier manager works with the service level manager and the supplier to understand and ensure the service requirements on the supplier are understood and fulfilled. Copyright: The Art of Service 2008

28 Service Level Manager Process – Service Level Management
Responsibilities include: Accountable for managing the alignment between the business and IT. Develops and obtain agreement from SLAs, OLAs, and UCs (with supplier manager) Maintains a service catalog Represents the interests of service provider in accordance to customer requirements Works with Business Relationship Manager and Supplier Manager The role of Service Level Manager can be a very complex and powerful one. Essentially, they are responsible for creating an agreement between the customer and the service provider about the function and reliability of the services provided. Given this basic accountability, they can easily touch every aspect of the service environment. An effective service level manager will utilize the knowledge and skills of service owners, process owners, IT managers, business relationship managers and supplier manager; and in doing so, will naturally limit their own power. Copyright: The Art of Service 2008

29 Assurance and Reporting
Other names Reporting Analyst Auditor Process – Service Reporting Responsibilities include: Validates the effective of IT solutions, processes, and controls Reports on performance and compliance of the service environment Recommends improvements Assurance and Reporting represents any role responsible for reporting the current state of the environment against pre-defined standards and targets, thus including any monitoring, auditing, or reporting function with the service provider. Copyright: The Art of Service 2008

30 IT Operations Management
Service Desk Operations Roles (ITIL) Support Accountability (MOF4) IT Operations Management Transition Roles (ITIL) Operations Accountability (MOF4) Solutions Accountability (MOF4)

31 First-Line Analyst Other Names
Customer Service Representative Incident Resolver Incident Coordinator Request Fulfillment Analyst Process - Incident and Service Request Management Responsibilities include: Handles first contact with end-user Records calls (incident or service request) Diagnoses, investigates, and resolves incidents Fulfill service requests The First-Line Analyst refers to the staff of the Service Desk, which is often the single point of contact for the end-user. Typically, a service desk will handle incidents and service requests to the service provider. A First Call Resolution measurement will define how much knowledge and competence the Service Desk must have to resolve incidents and fulfill requests. Anything that the Service Desk cannot handle they will escalate to a second-line analyst. Copyright: The Art of Service 2008

32 Incident Manager Process – Incident and Service Request Management
Responsibilities include: Ensures “major incidents” are managed appropriately and all interested parties are involved in decision-making related to resolving the incident or minimizing the impact of the incident. The Incident Manager is a special role which normally exists when a major incident is occurring. The definition of a major incident must be determined between the customer and the service provider. Since a major incident is commonly associated with a significant level of impact and risk to the business and customer, several considerations must be addressed above the normal incident management process, including notifying the customer or engaging multiple technical areas to collaborate in the solution. The Incident Manager finishes their responsibility after a review of the major incident has been conducted and recommendations for improvement have been made. Copyright: The Art of Service 2008

33 Second Line Analyst Other Names Process – Problem Management
Incident Resolver Problem Analyst Operator Administrator Process – Problem Management Requirements include: Resolving escalated incidents and service requests Diagnosing, investigating, and resolving problems Performing operational maintenance duties The Second Line Analyst incorporates every technical person in the service environment who is not assigned to the Service Desk. They perform any task which the Service Desk does not, including proactive activities required to maintain an effective service environment. They are generally identified and groups into different technical areas, including: Mainframe Server Network Storage Database Directory Services Desktop Middleware Internet Applications Facilities Copyright: The Art of Service 2008

34 Moving Forward The example roles were made available to provide a means of starting the development of roles within the organization. Use these examples appropriately as they apply to the processes and technologies adopted by your organization. Copyright: The Art of Service 2008

Download ppt "Roles and Responsibilities"

Similar presentations

Program Management Office (PMO) Design

Program Management Office (PMO) Design
Service Delivery – your ticket to play

Service Delivery – your ticket to play
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
Dr. Julian Lo Consulting Director ITIL v3 Expert

Dr. Julian Lo Consulting Director ITIL v3 Expert
Improving IT Governance Through Formal Change Management

Improving IT Governance Through Formal Change Management
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Managing the Information Technology Resource Jerry N. Luftman

Managing the Information Technology Resource Jerry N. Luftman
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
ECM Project Roles and Responsibilities

ECM Project Roles and Responsibilities
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
Defining Services for Your IT Service Catalog

Defining Services for Your IT Service Catalog
Integrated Process Model - v2

Integrated Process Model - v2
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing
What is Business Analysis Planning & Monitoring?

What is Business Analysis Planning & Monitoring?
QUALITY MANAGEMENT SYSTEM ACCORDING TO ISO

QUALITY MANAGEMENT SYSTEM ACCORDING TO ISO

Similar presentations

Ads by Google