itsm - service operations standard v1 · pdf fileitsm service operations standard 3 1. context...
TRANSCRIPT
![Page 1: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/1.jpg)
NSW Government
IT Service Management – Service
Operations Standard
V1.0
July 2016
ICT & Digital Government Division
Department of Finance, Services & Innovation
Level 23, McKell Building
2-24 Rawson Place
SYDNEY NSW 2000
![Page 2: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/2.jpg)
ITSM Service Operations Standard
2
CONTENTS
1. CONTEXT 3
1.1. Background 3
1.2. Purpose 3
1.3. Scope and application 3
1.4. Policy context 3
1.5. The ICT Services Catalogue 4
2. KEY PRINCIPLES 4
3. REQUIREMENTS 5
3.1. ITSM Service Operations 5
3.2. Service level and complexity 5
3.3. Requirements tables 5
3.3.1 ITSM Service Operations – Use Cases / Scenarios 6
3.4. Elements of this standard 7
3.4.1 ITSM Service Operations requirements 7
3.4.2 Service Management requirements 11
DOCUMENT CONTROL 13
APPENDIX A – ABBREVIATIONS AND DEFINITIONS 14
APPENDIX B – REFERENCES 15
APPENDIX C – STANDARDS 16
Developing technical standards 16
Management and implementation 16
APPENDIX D – Sample Key Performance Indicators 17
![Page 3: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/3.jpg)
ITSM Service Operations Standard
3
1. CONTEXT
1.1. Background
This is a technical standard developed through the NSW ICT Procurement and Technical
Standards Working Group. The standard contains technical and functional requirements that
agencies should consider when procuring IT Service Management (ITSM) Service Operations
solutions.
By defining the necessary and common elements across agencies the standard provides an
opportunity to leverage the buying power of Government as a whole, improve procurement
efficiency and increase interoperability.
1.2. Purpose
The purpose of this standard is to assist NSW Government agencies to develop, procure and
implement ITSM Service Operations solutions and tools, as well as take full advantage of their
benefits. This standard also helps agencies procure in a strategic manner that reflects the NSW
Government’s priorities as outlined in the NSW Government ICT Strategy.
This standard details the issues that need to be considered so each agency can identify the
available options that best suit their business requirements, helping agencies achieve value for
money through cost savings and improved flexibility of service offerings.
1.3. Scope and application
This standard applies to all NSW Government departments, statutory bodies and shared service
providers. It does not apply to state owned corporations, but is recommended for their
adoption.
For the purposes of this standard, ITSM Service Operations is defined as:
To execute activities and processes for effective delivery and support of services at
agreed levels to business users and customers, whilst managing the technology that
supports the services.
This standard sets out service definitions as minimum requirements that vendors must meet to
be able to offer their services through the NSW ICT Services Catalogue. Agencies should
consider any specific operational or regulatory factors that impact their requirements, and
specific requirements they have in addition to those detailed in this standard.
1.4. Policy context
The NSW Government ICT Strategy and Digital + 2016 Final Update set out the Government’s
plan to: build capability across the NSW public sector to deliver better, more customer-focused
services that are available anywhere, anytime; and to derive increased value from the
Government’s annual investment in ICT.
Developing whole of NSW Government ICT technical standards is a key initiative of the NSW
Government ICT Strategy, driven by the ICT Procurement and Technical Standards Working
Group. These standards leverage principles defined in the NSW Government ICT Strategy and
the NSW Government Cloud Policy, and they support the NSW ICT Services Catalogue.
The standards set out service definitions as minimum requirements that vendors must meet to
be able to offer their services through the NSW Services Catalogue. This helps achieve
![Page 4: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/4.jpg)
ITSM Service Operations Standard
4
consistency across service offerings, emphasising a move to as-a-service sourcing strategies in
line with the NSW Government ICT Strategy, and it signals government procurement priorities
to industry.
Solutions should also assist agencies in their alignment with the NSW Government Enterprise
Architecture (NSW GEA), which encompasses all aspects of enterprise architecture activity at
the business, information, application and technology infrastructure layers. The NSW GEA is
about providing direction and practical guidance to accelerate the development of agency EA
capability and enabling a common, intra and inter agency approach to the design of digital
government.
This standard should be applied along with existing NSW Government policies and guidance,
including the NSW Digital Information Security Policy. More information on the process for the
development of standards that populate the ICT Services Catalogue is at Appendix C –
Standards.
1.5. The ICT Services Catalogue
This catalogue provides suppliers with a showcase for their products and services, and an
opportunity to outline how their offerings meet or exceed standard government requirements.
The standards, together with supplier service offerings, help to reduce red tape and duplication
of effort by allowing suppliers to submit service details only once against the standards. The
offerings are then available to all potential buyers, simplifying procurement processes for
government agencies.
Implementing this category management approach will embed common approaches,
technologies and systems to maintain currency, improve interoperability and provide better
value ICT investment across NSW Government.
2. KEY PRINCIPLES
This standard is informed by the following principles:
• End-to-end digital: Service Operations solutions should enable end-to-end digital business
processes and management.
• Control technical diversity: Service Operations solutions should help control technical diversity to
minimise costs associated with maintaining expertise in and connectivity between multiple
processing environments.
• Data security: Meet any applicable requirements of the NSW Digital Information Security Policy
and ISO 27001.
• Technology currency: Solutions should be designed to maintain technology currency for key
systems, and to maintain a pace that aligns with business context and risk profile.
• Facilitating as a service: Service Operations solutions should facilitate the agency transition to as a
service, and ensure agency alignment with broader NSW ICT Strategy.
• Interoperability: Service Operations solutions should meet applicable recognised open standards
across the elements of compute, storage, network, and pre-production and testing.
• Business continuity: Service Operations solutions should meet business continuity requirements,
particularly with transition in and out (see the NSW Digital Information Security Policy and ISO
27031-2011 for more guidance).
![Page 5: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/5.jpg)
ITSM Service Operations Standard
5
3. REQUIREMENTS
3.1. ITSM Service Operations
When considering any aspect of ITSM Service Operations (as defined in this standard) an agency must
consider the Service Management aspects of the service(s) on offer.
The following ITSM Frameworks can be considered when assessing requirements for ITSM Service
Operations:
• ITIL
• IT4IT
• ISO/IEC 20000
• Business Process Framework (eTOM)
• COBIT
• FitSM
• Dev Ops
• Microsoft Operations Framework (MOF)
3.2. Service level and complexity
The following requirements use case tables are separated into three service levels – silver, gold and
platinum, reflecting the complexity of the ITSM Service Operations solution required:
Silver: Offerings that conform to a minimum number of processes of an identified ITSM methodology.
Gold: Offerings that conform to an identified ITSM framework and updated by the solution provider to
reflect changes to the nominated ITSM methodology.
Platinum: Offerings that conform with the NSW Government Standard Business Processes. Solutions to
this level must be able to adapt and change at no extra cost to agencies to the evolving requirements
defined.
3.3. Requirements tables
The following tables set out the recommended business and technical requirements for NSW
Government. They provide a consistent approach for all NSW Government agencies regardless of their
size.
Key to table requirements:
� Required
� Optional, but beneficial
Explanations for each element of the following use cases are provided at section 3.4.
![Page 6: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/6.jpg)
ITSM Service Operations Standard
6
3.3.1 ITSM Service Operations – Use Cases / Scenarios
‘Use cases’ for ITSM Service Operations that are anticipated in agencies are included in the table below. The corresponding requirement sections of this standard are ticked
in the columns.
Use Case / Scenario
ITSM Service Operations
ITSM Service Operations Service Management
Inci
de
nt
Ma
na
ge
me
nt
Pro
ble
m M
an
ag
em
en
t
Re
qu
est
Fu
lfil
me
nt
Acc
ess
Ma
na
ge
me
nt
Fa
cili
tie
s M
an
ag
em
en
t
Ev
en
t M
an
ag
em
en
t
IT O
pe
rati
on
s C
on
tro
l
Ap
pli
cati
on
Ma
na
ge
me
nt
Te
chn
ica
l M
an
ag
em
en
t
Co
mp
lia
nce
wit
h N
SW
Go
ve
rnm
en
t S
tan
da
rd
Bu
sin
ess
pro
cess
es
Se
lf-s
erv
ice
a
dm
inis
tra
tio
n
Fu
ll-s
erv
ice
ad
min
istr
ati
on
Clo
ud
co
mp
lia
nt
ho
stin
g
faci
lity
NS
W G
ov
ern
me
nt
Da
ta C
en
tre
On
sho
re/o
ffsh
ore
ma
na
ge
me
nt
Se
rvic
e l
ev
el
ma
na
ge
me
nt
Mu
lti-
serv
ice
bro
ke
r p
rov
isio
n
Silver � � � � � � � � � - � � � � � � �
Gold � � � � � � � � � - � � � � � � �
Platinum � � � � � � � � � � � � � � � � �
![Page 7: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/7.jpg)
ITSM Service Operations Standard
7
3.4. Elements of this standard
3.4.1 ITSM Service Operations requirements
Generic considerations for ITSM Service operations may include the provision of the following
components. Solutions that should address the overarching Service Operations element are
included in the service requirements below:
Generic Service Operations Requirements Silver Gold Platinum
Dashboard technology (for Gold and Platinum) - � �
Remote control - � �
Workflow or process engine � � � Integration to Configuration Management System
(CMS), incl IT assets (for Gold and Platinum) - � �
Reporting capabilities � � �
(a) Event Management
Event Management monitors all events that occur throughout the ICT environment monitoring
normal events and detecting and escalating exceptions. Solutions that should address the Event
Management element are included in the service requirements below:
Event Management Requirements Silver Gold Platinum
Consolidated view of multi-environments
Support for design/test stages of event configuration - � �
Centralised routing of events - � � Configurable and programmable functionality to
correlate similar/identical events � � �
Integration to Incident management system - � � Open interfaces to accept standard event input and
generation of multiple alerting - � �
Capability to supress or flag events during periods of
scheduled outages - � �
Event escalation/notifications � � �
Event reporting � � �
(b) Incident Management
Incident Management is concerned with the restoration of unexpected degraded/disrupted
services to customers as quickly as possible to minimise business impacts. Solutions that should
address the Incident Management element are included in the service requirements below:
Incident Management Requirements Silver Gold Platinum
Incident creation/re-open, date/time stamp � � �
![Page 8: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/8.jpg)
ITSM Service Operations Standard
8
Incident categorisation, prioritisation, tracking, and
resolution � � �
Automated incident population/escalation/notification � � �
Incident and Service Request fragmentation � � �
Predefined Incident workflow � � �
Incident/Problem linking - � �
Incident parent/child relationship (for major incidents) � � �
Open interfacing to event management tools - � �
Integration to Known Error Database (KEDB) - � �
Incident reporting � � �
(c) Problem Management
Problem Management is concerned with root-cause analysis to determine and then resolve the
cause of incidents, proactive activities to detect and prevent future problems/incidents and have a
known error sub-process to allow improved diagnosis and resolution if further incidents occur.
Solutions that should address the Problem Management element are included in the service
requirements below:
Problem Management Requirements Silver Gold Platinum
Problem
categorisation/prioritisation/tracking/resolution
- � �
Automated Problem escalation/notification - � �
Predefined Problem workflow - � � Problem conversion and integration to Request for
Changes (RFCs)
- � �
Multiple incident matching against problem records - � � Effective Known error database (KEDB) easy storage
and retrieval of data
- � �
Integration of KEDB to incidents and RFC - � �
Problem reporting - � �
(d) Request Fulfilment
Request fulfilment deals with service requests (for smaller/low-risk changes) in a similar but
different process to Incident/Problem issues. Solutions that should address the Request Fulfilment
element are included in the service requirements below:
Request Fulfilment Requirements Silver Gold Platinum
Service Request creation, date/time stamp � � � Service Request categorisation, prioritisation, tracking,
resolution � � �
Automated Service Request population, escalation,
notification � � �
Predefined Service Request workflow � � �
![Page 9: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/9.jpg)
ITSM Service Operations Standard
9
Self Help Service Request configuration including access
control - � �
Service Request billing - � �
Service Request reporting � � �
(e) Access Management
Access (Identity or Rights) management deals with granting authorised users the right to use a
service while preventing non-authorised users from gaining access. Solutions that should address
the Access Management element are included in the service requirements below:
Access Management Requirements Silver Gold Platinum
Directory services technology - � �
Access profiles/service group creation and notifications � � � Access management features in various systems e.g.
operating systems, applications etc � � �
Access audit log � � � Integration to Request Fulfilment and change
management (RFCs) - � �
Access management reporting � � �
(f) Facilities Management
Facilities management is concerned with the physical ICT environment, such as data centres and
similar environments. Solutions that should address the Facilities Management element are
included in the service requirements below:
Facilities Management Requirements Silver Gold Platinum
Building Management (e.g. upkeep, cleaning, waste
disposal, access control) - � �
Equipment hosting � � �
Power management - � � Building management systems (monitoring systems –
smoke/fire detection, water, heating/cooling) � � �
Safety requirements – compliance/policies � � � Physical access control – detect and manage
unauthorised access � � �
Shipping and receiving of goods in and out of building - � �
(g) IT Operations Control
IT operations control deals with the provision of centralised monitoring and control activities to
ensure routine operational tasks are performed efficiently. Solutions that should address the IT
Operations Control element are included in the service requirements below:
IT Operations Control Requirements Silver Gold Platinum
Desktop and Mobile device support - � �
![Page 10: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/10.jpg)
ITSM Service Operations Standard
10
Application Operation � � �
Backup and restore � � �
Storage and archive � � �
Directory Services management - � �
Internet/Web management - � �
Print and output management - � �
Database management - � �
Network management � � �
Middleware management - � �
Server/mainframe management - � � Integration with Service Design/Service Transition/
Continual Service Improvement - � �
(h) Application Management
Application management is responsible for management of applications throughout their lifecycle.
Solutions that should address the Application Management element are included in the service
requirements below:
Application Management Requirements Silver Gold Platinum
Application requirements (functional, manageability,
usability, architectural, interface and service level
requirements)
� � �
Application design/build/testing � � �
Application deployment � � �
Application optimization - � � Integration with other ITSM modules (Service
Strategy/Design/Transition/Operation and Continual
Service Improvement
- � �
(i) Technical Management
Technical management deals with the detailed technical skills and resources required to support
the ongoing operations of the ICT environment. Solutions that should address the Technical
Management element are included in the service requirements below:
Technical Management Requirements Silver Gold Platinum
IT Resource management � � �
Technical documentation � � �
Design and delivery of training � � �
Infrastructure maintenance (patch management) � � �
Compliance management - � �
IT Vendor management - � �
![Page 11: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/11.jpg)
ITSM Service Operations Standard
11
3.4.2 Service Management requirements
(j) Compliance with NSW Government Standard Business Process
Solutions that wish to comply with this element (for Platinum services) must accept full and
ongoing compliance with the current version(s) of the NSW Government Standard Business
Processes. To be endorsed against this element, suppliers must meet the following requirements:
Compliance with NSW Government Standard Business Processes Silver Gold Platinum
The supplier’s solution meet all requirements in the appropriate
standard(s), related materials and process artefacts as defined
within the NSW Government Standard Government Processes - - �
Sign a legal contract under the ProcureIT framework related to the
appropriate standard(s) - - �
Pay for cost of on-going (annual) certification against the relevant
standard(s) - - �
(k) Self-service administration
The ability to automatically provision and de-provision for all agency resources within the system,
together with other appropriate administration and management tasks that can be delegated
from the service provider that do not impinge on the solution being provided to other customers.
(l) Full-service administration
All provisioning, de-provisioning, together with all other administration and management tasks
required to operate the environment, are provided as part of the service offering. The only
exception will be service management of the provider which remains the sole responsibility of the
initiating agency.
(m) Cloud compliant hosting facility
All relevant cloud services for the solution may be provisioned from a compliant hosting facility. A
compliant hosting is defined as having the following attributes and/or capabilities:
• The location of the hosting facility must be identified either by name and/or location (city
and country) in any response.
• The hosting location cannot be changed without first informing the agency concerned.
• The service provider undertakes, maintains and provides access to SSAE 16 Service
Organization Control (SOC) Type II reports (or equivalent) for the services and facilities in
scope for the engagement.
• The hosting facility must comply with minimum Tier 3, as defined by the Uptime Institute,
ANSI TIA-942, or an equivalent industry standard.
• The hosting facility must be certified against ISO 27001; compliance with the following
international standards is desirable:
o ISO 9001
o ISO 27002
o ISO 20000-1:2011
o ISO 14001
Other desirable certifications may include, but are not limited to:
![Page 12: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/12.jpg)
ITSM Service Operations Standard
12
o PCI-DSS v3.0 or later
o Australian Signals Directorate
o ASIO-T4
o Uptime Institute
o CSA
Also consider contractual obligations relating to the service provider allowing security assessments
and treatment of outcomes as agreed with the client.
If the hosting facilities changes to a location that is deemed unacceptable either to NSW
Government or to the agency and/or loses attributes and/or capabilities identified above, the
agency may need to consider termination of services.
(n) NSW Government Data Centre
All relevant services for the solution may be provisioned from one or both NSW Government Data
Centre(s) (GovDC). Depending on the service offering and agency requirements, it may be possible
to ‘burst’ some elements of services to other location(s), subject to agreement with the
commissioning agency.
Burst data centres must be deemed ‘compliant’. If the ‘burst’ data centre facilities change to a
location that is deemed unacceptable either to NSW Government or to the agency, the agency may
need to re-examine the ‘burst’ service or the full service.
(o) Onshore/offshore management
All solution providers must be able to articulate where their services will be provided from,
including any remote support services.
For example, with a ‘follow the sun’ support model:
• the locations of each of their support sites around the globe need to be identified
• any changes to these need to be communicated to the customer agency promptly
• if this causes issues, the agency has the right to cancel the service with appropriate notification.
(p) Service level management
Agencies will retain ultimate responsibility for service level management in any solutions
engagement which would ordinarily be covered by a Service Level Agreement (SLA). Agencies,
service-brokers and solution providers need to agree all SLA reporting and other related activities
as part of any transition-in process.
(q) Multi-service broker provision
Any solution provider must work within the confines of a multi-service provider environment
where either the agency or nominated provider will perform broker service provision. This will be
defined as one provider being made accountable for the provision of all associated services,
whether these are provided by the provider itself, or other third-party providers.
![Page 13: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/13.jpg)
ITSM Service Operations Standard
13
DOCUMENT CONTROL
Document history
Status: Released
Version: 1.0
Approved by: Executive Director, ICT Policy & Innovation
Approved on: 28 July 2016
Issued by: IDG Policy and Innovation, ICT & Digital Government Division, Department of Finance, Services &
Innovation (DFSI)
Contact: IDG Policy and Innovation, ICT & Digital Government Division, Department of Finance, Services &
Innovation (DFSI)
Email: [email protected]
Telephone: (02) 9372 7445
Review
This standard will be reviewed as required.
![Page 14: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/14.jpg)
ITSM Service Operations Standard
14
APPENDIX A – ABBREVIATIONS AND DEFINITIONS
AIIA Australian Information Industry Association
ASD Australian Security Directorate
ASIO Australian Secret Intelligence Organisation
CSA Canadian Standards Association
GovDC Government Data Centre
ICT Information & Communication Technology
ISO/TC International Organization for Standardization / Technical Committee
IT Information Technology
MAM Mobile Application Management
MDM Mobile Device Management
OS Operating System
PCI-DSS Payment Card Industry – Data Security Standard
PTS Procurement & Technical Standards
RTCE Real Time Collaborative Editing
SLA Service Level Agreement
Term Definition
![Page 15: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/15.jpg)
ITSM Service Operations Standard
15
APPENDIX B – REFERENCES Agencies should have regard to the following statutes, NSW Government policies and standards:
• AS/NZS ISO 31000 Risk management – Principles and guidelines
• Electronic Transactions Act 2000
• Government Information (Public Access) Act 2009
• Health Records and Information Privacy Act 2002
• ISO 27031-2011 Information technology – Security techniques – Guidelines for information and
communication technology readiness for business continuity
• ISO 27001 Information technology – Security techniques – Information security management systems
– Requirements
• NIST Definition of Cloud Computing SP800-145
• NSW Government Digital Information Security Policy
• NSW Government Open Data Policy
• NSW Government Cloud Policy
• NSW Government Standard for Data Quality Reporting
• NSW Government ICT Strategy
• NSW Government Digital + 2015 Final Update
• NSW Government Information Classification, Labelling and Handling Guidelines
• NSW Procurement: Small and Medium Enterprises Policy Framework
• Privacy and Personal Information Protection Act 1998
• Public Finance and Audit Act 1983
• Public Interest Disclosures Act 1994
• State Records Act 1998
• TPP 09-05 - Internal Audit and Risk Management Policy for the NSW Public Sector
![Page 16: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/16.jpg)
ITSM Service Operations Standard
16
APPENDIX C – STANDARDS
Developing technical standards
Development of a standard begins with identifying the need for a new standard, which is followed by the
development of the standard in consultation with the industry and experts groups, including the Australian
Information Industry Association (AIIA).
The following diagram outlines the process.
The ICT Procurement and Technical Standards Working Group (PTS Working Group) is chaired by the
Department of Finance, Services & Innovation and includes senior representation from across NSW
Government.
Agencies engage with the PTS Working Group concerning services for inclusion in the ICT Services
Catalogue. This drives the development of technical standards, where none exist. The PTS Working Group
has the leading role in reviewing and endorsing the technical standards developed in response to agencies’
requirements.
The PTS Working Group is supported by two sub-groups responsible for the areas of Telecommunications
and Services and Solutions. The sub-groups are responsible for initial development and review of standards
relating to their areas of responsibility.
Management and implementation
There is scope to modify standards through the NSW Government ICT governance arrangements as
necessary. Standards are designed to add value, augment and be complementary to, other guidance, and
they are continually improved and updated.
This standard does not affect or override the responsibilities of an agency or any employee regarding the
management and disposal of information, data, and assets. Standards in ICT procurement must also
address business requirements for service delivery.
NSW Procurement facilitates the implementation of the standards by applying them to the goods and
services made available through the ICT Services Catalogue.
Need for new or amended standard
identified
Standard developed (Industry/agencies
consulted)
Standard approved and released by PTS
Working Group
Market engagement for services which meet the standard
Services added to Catalogue
Business requirements change
![Page 17: ITSM - Service Operations Standard v1 · PDF fileITSM Service Operations Standard 3 1. CONTEXT 1.1. Background This is a technical standard developed through the NSW ICT Procurement](https://reader034.vdocuments.us/reader034/viewer/2022051723/5ab86e357f8b9aa6018ca641/html5/thumbnails/17.jpg)
ITSM Service Operations Standard
17
APPENDIX D – Sample Key Performance Indicators
Key Performance Indicator
(KPI) Definition
Incident Management
# repeated incidents # repeated Incidents, with known resolution methods.
Incidents resolved remotely # incidents resolved remotely by service desk.
# escalations # escalations for incidents not resolved against agreed resolution time.
# incidents # incidents registered by the service desk grouped into categories.
Average initial response time Average time taken between time user reports incident and time service
desk responds to incident.
Incident resolution time Average time for resolving incident grouped into categories.
First time resolution rate % of incidents resolved by service desk during first call
by categories.
Resolution within SLA Rate of incidents resolved during solution time agreed in SLA grouped by
categories.
Incident resolution effort Average work effort for resolving incidents grouped by categories.
Problem Management
# problems # problems registered by problem management grouped by categories.
Problem resolution time Average time for resolving problems grouped by categories.
# unresolved problem # problems where underlying root cause not known at a particular time.
# incidents per known
problem # reported incidents linked to the same problem after identification.
Time until problem
identification
Average time between first instance of incident and identification of
underlying root cause.
Problem resolution effort Average work effort for resolving problems grouped into categories.