Nowadays, there is an increasing dependence on information and on the systems that provide such information. So, for many organizations, the information and technology that supports them represent the most valuable assets of the company. Research on Information Technology (IT) management practices in many organizations around the world has revealed that most of them are not optimizing their investment on IT. The differentiating factor between those who succeed and those who failed is the participation of management in key IT decisions that must be aligned with the strategic and operational business plans and a proper corporate governance of IT. Corporate governance evaluates and directs the use of IT to support the organization, monitoring its use to achieve plans, and provides guidance to advising, informing or assisting directors, and assuring the compliance with laws and regulations. Some frameworks and models have been developed related to the governance and service management of IT. ITIL® (Information Technology Infrastructure Library) is the most used and extended model related to IT service management. The purpose of this chapter is to describe briefly the main phases and processes related to the ITIL® service lifecycle, detailed information related to the information security management process, and the qualifying system for IT Service Management with ITIL®.
TopIntroduction
ICT (Information and Communications Technologies) are present in any organization. There’s no need to be in contact with technological environments to see how in these days we all use technology. If we go to a hospital we can see many electronic devices, or systems that improve our lives or that help us in our work. And the same occurs for public administrations or private organizations.
This means that there are organizations that, without a technological base, have a lot of technology available and, in many cases, they are not able to take full advantage of it, or they simply need people or more powerful tools to help them in their day to day with the technologies they use regularly.
In the past, it was a common practice to consider the role of IT (Information Technology) in an organization as a mere supporting one. Currently, most investment in infrastructure and new IT applications are related to business lines and functions of the organization. Therefore, the CEOs (Chief Executive Officer) and CIOs (Chief Information Officer) are increasingly feeling the need to enhance the relationship between IT and business. But how can be addressed this strategic challenge? The key issues are:
- •
Is there a framework to help business and technology leaders in their effort to change the role of IT and reduce the gap between IT and the business that it must sustain and support?
- •
What are the responsibilities at the managerial and management levels?
A key element for the success and survival of any organization is the effective management of its information and related IT. In this global society (where information travels through the “cyberspace” without the constraints of time, distance and speed) this criticality arises from:
- •
The increasing dependence on information and on the systems that provide such information.
- •
The increasing vulnerability due to a wide spectrum of threats, such as the “cyber” and information warfare.
- •
The cost of current and future investments on information and IT.
- •
The potential of technologies to dramatically change organizations and business practices, creating new opportunities and reducing costs.
For many organizations, the information and technology that supports them represent the most valuable assets of the company. Moreover, in our current competitive and rapidly changing environment, the government has increased its expectations regarding the delivery of IT services. Therefore, the government requires services which help to increase the quality, functionality and ease of use of services, as well as a continuous improvement and a reduction in delivery time, while demanding that this be done at a lower cost.
It is necessary a change in the role of IT to obtain the most efficiency from an IT investment and to use technology as a competitive weapon. Thus, IT attitude related to business changes from being merely reactive to proactive, anticipating the needs of the organization.
Research on IT management practices in hundreds of companies around the world has revealed that most organizations are not optimizing their investment on IT. The differentiating factor between those who succeed and those who failed is the participation of management in key IT decisions. Proper management participation in these decisions provides real value to IT investments while serving to prevent IT-related disasters. It must be distinguished between strategic and operational decisions and these decisions must be aligned with the strategic and operational plans of the business.
If IT is to be managed like a business within the business, the concept of government (a process that helps management to achieve their goals) also applies to IT management. In many organizations, IT is critical to maintain and make grow the business. As a result, management needs to understand the strategic importance of IT and should have in their agenda the IT governance. The main objective of IT governance is to understand the issues and the strategic importance of IT to enable the organization to maintain its operations and implement the necessary strategies to manage its projects and future activities in an appropriate way.