Observe directly: an ITIL® Guiding Principle

Who are you and what do you do?

My name is Haitham Hamza. I am an Associate Professor of Computer Science and Information Technology at Cairo University. My core specialization is computer and communication networks. I have gained the ITIL® Practitioner, ITIL Expert, and COBIT® Foundation and Assessor Certificates. In addition to my academic work, I serve as the Information Network Unit Manager for Cairo University. I am responsible for planning, designing, deploying, and operating all IT infrastructures and services for the university.

Cairo University, founded on 21 December 1908, is the largest public school in Egypt and the Middle East. It has around:

• 250,000 students;
• 30,000 employees;
• and around 20,000 staff.

The university consists of 25 faculties spread over several campuses across the Giza governorate. Until August 2013, the university IT services were managed autonomously in each faculty with central management of two core services; namely, the internet and the email service. In late 2013 and early 2014, the university established the Centre of Knowledge and Electronic Services (CKES) to serve as the central office for planning and operating all IT services. To ensure scalability, IT services strategic planning and design are centralized and performed by CKES across the university, while operations are performed in a two-stage model, with the local IT team in each faculty serving as the first line support, and the CKES staff as the second line support.

CKES currently has around 70 employees divided among six units:

• Management information systems (MIS)
• Information networks (INFONET)
• Digital library
• CU portal
• E-Learning
• IT training for staff and faculty.

My team, under the information networks unit, consists of 11 engineers and technicians that are responsible for all servers, DNS, hosting services, and typical internet and communication services. The team is responsible for designing and transiting new services related to all the above services. They are also responsible for operating these services for the whole university, and serving as second-line support for any incidents related to the services that are reported by the local IT teams in the 25 faculties.

I started investigating the ITIL framework in 2007 when I first joined as a consultant in the Software Engineering Competence Centre (SECC), which is part of the Information Technology Industry Development Agency (ITIDA). ITIDA is a governmental entity that operates under the Ministry of Communication and Information Technology (MCIT) of Egypt. I was responsible for studying the framework and proposing an approach for promoting the framework in the IT industry in Egypt. In 2009, I started the certification journey by completing ITIL Foundation, ITIL Capability modules, and the MALC certificates. In 2010, I received the ITIL Expert certification. I also developed the ITIL Foundation training material that was accredited by APMG. As an accredited APMG Trainer for ITIL, I delivered the ITIL Foundation training for more than 300 individuals from companies and universities. I have also delivered consultation services for ITIL adoption in more than six large organizations in various IT sectors including education, health, and telecommunication.

Before assuming my position as the Information Network Unit Manager at Cairo University, there was no awareness or adoption of ITIL in the organization. The service lifecycle was ad hoc and no processes were written about or adopted by IT within the organization a whole.

When I assumed my position as INFONET Manager, I found there to be no monitoring for the overall network infrastructure. Moreover, none of the IT employees had an understanding of the core business or what it needed from them. Certainly, none knew or attempted to observe the pattern of business activities in order to understand how to better serve the customer.

We fielded a lot of complaints about the network speed, and it was a regular challenge to explain why it was slow, which was due to the sheer size of the university and its large and diverse customer base. The customers were not happy and university business operations were frequently interrupted. I understood that the problem had two sides; one related to customer expectation and the management of those expectations; the other related to the technical issues and problems which impacted the overall speed. I decided to address both sides and, given my understanding of ITIL, adopted the Best Practices of the ITIL framework to confront this business challenge.

The first set of ITIL processes that I defined and adopted at INFONET of Cairo University included the following:

• Business relationship management (BRM): I realized that the business clearly needed BRM at the university. The business needed IT to talk its language and understand its business objectives, needs and requirements. This process is not always easy to adopt when starting the ITIL journey; however, I capitalized on the fact that I am already part of the customer base as a faculty member. The main objective from this process at the beginning is simply to manage the expectations of our customers, understand their needs, give them the confidence that we, as IT, talk their language and understand their business.
• Service level management (SLM): I selected this process to manage the expectations of our customers and to train the IT staff to respect their customers by striving to deliver everything we promised. The process was adopted with simple definitions and agreement on service levels for all services delivered to customers, enforcing the IT staff to work within this service level agreement, (SLA). Whenever an SLA was violated, I requested the team responsible to analyze why and provide one well-justified recommendation: either to change the SLA or to fix the issue that prevented us from achieving our promised SLA. They now feel ownership for the services they are accountable for, and they strive to improve their performance.
• Service catalogue management: Our customers did not know what they could ask for and, conversely, what they couldn’t ask for. Clearly, knowing the services we provide and who can request them was a good move in managing the customer expectation and improving stratification. Internet connectivity and its related services are now better understood because we articulated them in detail in our catalogue.
• Incident management: The team used to resolve incidents and issues in an ad hoc manner, without any recording or tracing. Mishandling of the priorities of incoming incidents made the service and support inconsistent and confusing to the customer.
• Request fulfilment: To better manage the customer expectation, a formal request fulfilment process was established. It facilitated the way our customers requested their services and, at the same time, freed our IT staff from ambiguous requests from customers.
• Access management: The IT staff did not understand which customer was eligible to receive what service. They worked in a mode of ‘making all customers happy’ by delivering whatever services the customer asked for. I found no trace of a policy or set of rules that defined eligibility for accessing services.
• Event management: This was a fundamental process for confronting the key business challenge of the slowness of the internet. Without knowing where my bandwidth went, I would never be able to plan or manage it. With this simple and logical statement, I convinced the team to adopt a monitoring tool for the network in conjunction with the event management process. The main objective at this point was to understand the dynamics of our network and bandwidth usage and demand so we could better deliver our internet services.

It is worth pointing out that I attempted to adopt the service and asset configuration management (SACM) process in the first batch of processes; however, it did not work. The main reason was the overwhelming size of the infrastructure. This was compounded by the lack of knowledge of the SACM process concepts within the team. They needed to formally learn the process and develop the technical background required to deal with the SACM tools. I decided to postpone adoption until we overcame these challenges, which I’m pleased to say we are now in a position to take on.

These ITIL processes needed to be adapted to fit the scale and nature of Cairo University’s business. ITIL professionals should embrace the adopt and adapt concept to ensure the processes fit the business’s requirement. In our case, we adapted the BRM and the SLM processes to fit the nature of our customers, who are primarily academic staff with diverse backgrounds and preferences. All activities related to service level requirements, identifications and service reporting are adapted to be practical for implementation. In addition, event management was simplified to fit the scope and current capability of our unit. In particular, activities related to second level correlation, and interfaces with change and problem management, are removed in current adoption.

Naturally, resistance arises when new changes are introduced into the environment. The main resistance I faced during the adoption of ITIL was centred on the event management process, as the team considered the process to be too complicated, with little value on return. From the other side, at the beginning, customers resisted the concept of the service desk and the incident management procedures we put in place. They believed that it was much easier to contact the IT manager or their favoured IT staff member in person to get things done. It took a while for the customer to appreciate that the service desk could be more efficient in resolving their incidents than if they contacted specific individuals or top management.

The main challenge faced in the adoption of ITIL at Cairo University was organization change management. (ITIL Practitioner Guidance discusses organizational change management [OCM], which was not covered in previous ITIL publications). We did not do proper OCM when adopting ITIL. This made the adoption more difficult and slower. We are integrating this aspect now, taking our lead from the publicized AXELOS Guidance, along with other resources that provide more detailed Best Practice on OCM. We also adopted some processes from the CMMI-SVC model. In particular, we adopted processes relating to project management, project monitoring and control, and project planning. These process areas are useful for service design and transition stages as they are a collection of projects which require project management capability. The ITIL framework addresses management issues of projects but not at the depth needed to run intensive transition projects such as those adopted at the scale of Cairo University.

We are proud at INFONET in Cairo University that we set up a full service desk with the above processes and started our second phase of process adoption. I am most proud of being able to detect and proactively act on events that would have adverse impact on our services before they take place by adopting event management. We are happy to see our customers interact with our processes effectively…we made them speak ITIL!

INFONET is now involved in mega-scale IT projects that affect around half a million customers. The scale of these projects requires well-developed and implemented transition and operation processes. We are facing a challenge in adopting and scaling-up change management, release and deployment, service asset configuration management (SACM), and service desk processes. We are re-thinking the model we use to operate services and plan to adopt an integrated tool to run these processes, (change, SACM, and service desk operations).

I believe that ITIL training is fundamental to communicating the vision of ITIL to my team. I have just concluded six full days of training for all my staff, which explained in detail how to manage those processes with the software we use. The team was assigned the task of configuring and implementing those processes.

Several complaints were received from users in several faculties regarding the speed of the internet, emphasizing how low speed hindered their business activities (admin reporting, exams, etc.). The IT network team worked in firefighting mode in an attempt to speed up the internet as much as possible, in order to make their customer/users happy.

When I assumed office as IT manager, I too received such complaints. I asked the network team: “How do you know that the internet is really slow?” They said, “We observe the link speed with the typical monitoring tools.”

I asked them to visit any site that reported complaints and to observe what business activities they were performing. After several visits, we concluded that some sites were running an e-learning application, which meant they were encountering issues magnified by the number of students attending the course and the nature of the course material, (video, audio, high-resolution figures, etc.). Their courses were not sized or planned to run on the campus network.

One of the most important activities in running IT is to directly interact with the customer on the spot and make first-order observations that go beyond the typical IT measurements and analysis tools.

In addition, I found the following key principles very important for successful adoption of ITIL at Cairo University:

• Focus on value: It is crucial that the adoption of ITIL must return value to the customers, even if the value is indirect. This was the key principle I used to get buy-in from my team to adopt event management, SLAs, and the service catalogue. By clearly explaining and demonstrating the value to business, it was clear to them why we should go for the full adoption of these processes.
• Be transparent: At INFONET, we aim for full transparency, both internally with staff and externally with customers. The BRM and SLM processes taught my staff that facing the customer with the fact of what is going on in major incidents, outage, changes, new polices, etc. is the best way to gain support, confidence, and respect. We successfully made ‘be transparent’ one of our core values.
• Keep it simple: There is a misconception that ITIL is designed for large-scale IT organizations who can afford expensive tools and process consultations. We jump-started our ITIL adoption by, at times, simplifying ITIL Best Practice to suit our capacity, resources, and capability. By breaking the barrier to adopting complex processes and tools, the team is better prepared and more tolerant of added complexity as the process scales up and the business becomes more complicated.

Top five ITIL do’s

• Adopt and adapt ITIL utilizing the CSI approach.
• Understand the nine ITIL guiding principles and translate them into your own context in order to guide your ITIL adoption.
• Use the concept of functions to help structure your IT organization and adopt processes more efficiently.
• Adopt the RACI matrix. It has a magical effect.
• Embrace the lifecycle approach even if you will not adopt all the processes. The lifecycle is a mind- set, not only a way to structure and organize the 26 ITIL processes.

AXELOS is a joint venture company, created by the Cabinet Office on behalf of Her Majesty’s Government (HMG) in the United Kingdom and Capita plc to run the Global Best Practice portfolio. It boasts an already enviable track record and an unmatched portfolio of products, including ITIL®, PRINCE2® and RESILIA™. RESILIA is the new Cyber Resilience Best Practice portfolio.

Used in the private, public and voluntary sectors in more than 180 countries worldwide, the Global Best Practice products have long been associated with achievement, heightened standards and truly measurable improved quality.

AXELOS has an ambitious programme of investment for developing innovative solutions and stimulating the growth of a vibrant, open international ecosystem of training, consultancy and examination organizations. Developments to the portfolio also include the launch of PRINCE2 Agile®, the ITIL Practitioner qualification and a professional development programme for practitioners, fully aligned with AXELOS Global Best Practice.

AXELOS, the AXELOS logo, the AXELOS swirl logo, ITIL®, MoP®, M_o_R®, MoV®, MSP®, P3M3®, P3O®, PRINCE2® and PRINCE2 Agile® are registered trade marks of AXELOS Limited. RESILIA is a trade mark of AXELOS Limited.

© Copyright AXELOS Limited 2016.

Reuse of any content in this case study is permitted solely in accordance with the permission terms at https://www.axelos.com/policies/legal/permitted-use-of-white-papers-and-case-studies.

A copy of these terms can be provided on application to AXELOS at [email protected].

Our Case Study series should not be taken as constituting advice of any sort and no liability is accepted for any loss resulting from use of or reliance on its content. While every effort is made to ensure the accuracy and reliability of the information, AXELOS cannot accept responsibility for errors, omissions or inaccuracies. Content, diagrams, logos, and jackets are correct at time of going to press but may be subject to change without notice.

Sourced and published on www.AXELOS.com.