Top

previous chapter The Hard Part

next chapter The Edifice

Hint

Swipe to navigate through the chapters of this book

2015 | OriginalPaper | Chapter

6. The Foundation

ITIL and Service Management

Author: Marvin Waschke

Publisher: Apress

Published in: How Clouds Hold IT Together

» Get access to the full version

Abstract

Cloud deployments combine management innovation and technical innovation. They require network bandwidth and connectivity, software that will support flexible and scalable remote operation, and hardware designed for cloud datacenters. Cloud success depends on both technology and management to achieve its goals of technical efficiency and capacity as well as opening new potential for IT-based business. From the view of service management, cloud deployments and even private clouds are form of outsourcings. Clouds must be managed like outsourced services. ITIL guidance on outsourcing applies to clouds. Cloud deployments also require increased cooperation between technical and business specialists in several areas. Cloud deployments, especially SaaS deployments, have generated requirements for rapid incremental releases and have driven evolving software development methodologies that fit well with ITIL continual service improvement.

Please log in to get access to this content

To get access to this content you need the following product:

Computer Science Explorer

Purchase now

I will use the term CIOs to represent all high-level IT decision makers, even though they may have a range of titles and shared responsibilities.

This situation is changing for gamers. At least two systems, Nvidia Grid and Sony PlayStation Now, offer streaming games. Both have some hardware requirements, but they have reduced the requirements for computing and storage capacity on the local device.

In many cases, especially for offshore outsourcing, the remedied inefficiency is cost. This has smudged the reputation of outsourcing, especially when quality is compromised.

For more information on responsibility assignment, see the following: Michael Smith, James Erwin. “Role & Responsibility Charting (RACI).” https://pmicie.org/images/downloads/raci_r_web3_1.pdf . Accessed September, 2015.

Technical and scientific enterprises are the exception. They may use cloud resources for business, but they also use cloud resources on technical projects.

A service contract is a contract to deliver services and sets up the rules both parties will follow such as fees, billing schedules, and hours of operation, and it describes the service to be supplied. A service level agreement specifies thresholds for penalties and incentives for levels of service. The documents overlap, and sometimes a service contract will contain service level agreements, or vice versa. The combined documents should cover all significant aspects of the service. Terms of service are similar to the combined service contract and service-level agreement documents and are commonly used in click-through consumer web sites rather than service contracts and service level agreements, which are typically individually negotiated.

For more information on ISO27001 and its companion standard, ISO2717, see my book Cloud Standards (also from Apress).

SAS-70, Statement on Auditing Standards No. 70: Service Organizations, is an older service organization standard similar to SOC 1. For more detail on SAS 70, see my book Cloud Standards (also from Apress).

AICPA. “Illustrative Type 2 SOC 2 Report with the Criteria in the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM).” April 2014. Accessed May 2014. https://www.aicpa.org/InterestAreas/FRC/AssuranceAdvisoryServices/DownloadableDocuments/SOC2_CSA_CCM_Report.pdf . This is a useful example of what an SOC 2 report could contain.

U.S Department of Health and Human Services. “What You Should Know About OCR HIPAA Privacy Rule Guidance Materials.” Web site. Accessed May 2015. www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/misleadingmarketing.html .

Security best practice separates identity authentication from authorization. Users are authenticated when they supply proof of identity such as a correct password or personal characteristic such as a fingerprint or retinal scan. After authentication, users receive the authorizations they are assigned by the system. Some older systems do not separate authentication from authorization, and users must be given a separate login for each set of privileges they are given.

Federated systems exchange information but remain distinct. SAML is a protocol for sharing access and authorization data between AIM systems.

Craig Larman, Victor R. Basili. “Iterative and Incremental Development: A Brief History.” IEEE Computer Society, Computer 36 (6). pp 47–56. www.craiglarman.com/wiki/downloads/misc/history-of-iterative-larman-and-basili-ieee-computer.pdf . Accessed May 2014. Iterative and incremental development may actually predate waterfall, but waterfall development was held up as the ideal through the end of the 20th century.

The putative beginning for Agile was the Agile Manifesto formulated in 2001. See “The Agile Manifesto.” Agile Alliance, 2001. www.agilealliance.org/the-alliance/the-agile-manifesto/ . Accessed May 2014. Also see “The Twelve Principles of Agile Software.” Agile Alliance, 2001. www.agilealliance.org/the-alliance/the-agile-manifesto/the-twelve-principles-of-agile-software/ . Accessed May 2014. The Twelve Principles reveal more of the details of Agile methodology. However, Agile is based on many principles that were evident in the development community long before 2001.

Programmers sometimes call this practice “tossing the dead rat over the fence.”

Unit tests evaluate individual modules. System tests evaluate groups of modules working together.

I have no knowledge of the healthcare rollout other than what I read in the media. I am only an external observer.

Under-estimating traffic volumes is endemic in the software industry. During every Super Bowl, a few web sites crash from the traffic generated by the ads. You can argue that these are dunderhead mistakes, but perhaps it is misguided modesty in estimating the popularity of a site.

This is an example of the time-honored principle that developers should “eat their own dog food.” In other words, developers should have to use the software that they create. DevOps takes this a step further by suggesting that operations people should also experience the frustrations of developers.

www.ca.com/us/devcenter.aspx

Title

The Foundation

Book

How Clouds Hold IT Together

Print ISBN: 978-1-4302-6166-7

Electronic ISBN: 978-1-4302-6167-4

https://doi.org/10.1007/978-1-4302-6167-4

DOI

https://doi.org/10.1007/978-1-4302-6167-4_6

Author:

Marvin Waschke

Publisher

Apress

Sequence number

Chapter number

Chapter 6

Macmillian Higher Education