ICT Service Management ICA

Assignment Scenario

Your company sells second hand/used cars from a small showroom in a quiet rural location. There are three other branches varying from 20-300 miles away. You would like to make your branch (the largest and most central) the Head Office. Currently you use paper based forms to track sales and part exchanges of vehicles. You are rapidly running out of storage space for paperwork and find it difficult to stay in touch with customers or follow the work of your sales team. Your company intends to implement the following:

  • A networked solution to incorporate all the offices, which should be able to provide the following: o A booking system for customers to book appointments for servicing vehicles and viewing cars
    • A database for keeping/maintaining customer details
    • A system at Head Office for keeping/maintaining details of the 300 staff members; including performance related data (e.g. number of sales made per month, average sales prices, profits etc.)
    • A system to compare performance metrics between branches, sales staff and across the company as a whole
    • A system for staff to view car stock details with customers in the showrooms
  • Up to date security and backup systems, including CCTV
  • Staff training programme

Key Business Hours:

  • Monday-Friday: 8am – 7pm o Saturday: 10am – 5pm o Sunday: 10am – 4pm

As a result of these planned changes you have been asked to manage the process (as the only ITIL expert in your company). You need to provide:

Part 1 – Risk Assessment (30%)

  • Identify a range of risks based on these significant changes. Make use of a risk matrix and other categorisation methods you have learned.
  • A description of mitigation methods covering the identified risks, including any recommendations you would make to your company.
  • A brief reflection of how your previous experience of undertaking a risk assessment (walk) has enabled you to complete this task.

[Note that each individual team member must include a copy. Your fullparticipation will earn you 5% of the Part 1 marks.]

Part 2 – Service Level Agreement (35%)

A complete Service Level Agreement to be used between the Head Office IT department and outer branches to cover the new services. The SLA should aim to determine a standard minimum level of service delivery across all sites.

The SLA should include all aspects of delivery, and should include (in no particular order):

  • Service Desk Operation
  • Security
  • Disaster Recovery
  • Change Management
    • Software Installation/updates o Hardware installation/updates o Change requests
  • Operational hours
  • Performance Metrics
  • Staff responsibilities o Users
    • Reporting structure
  • Some reference to policies relevant to the company (titles and short paragraph descriptions only) Any other aspects which you feel are relevant

Part 3 – Security Management Poster (35%)

  • An A4 poster (in landscape orientation) demonstrating a flow diagram of how to report a security issue – aimed at all staff within the company. This could be used as part of in-house mandatory information security training but should be self-explanatory and serve as a useful reminder to everyone. It should also incorporate relevant current legislation.
  • For all tasks you are expected to include references where appropriate.
  • You will also need to include a list of assumptions where you have made any, bearing in mind the business strategy and requirements.

Marking Criteria

Part

Criteria

Marks

Part 1

Risk Assessment

70% +

60-69%

50-59%

40-49%

<40%

Excellent work to an extremely high professional standard which covers a large number of conceivable risks. Descriptions are highly detailed and include excellent appropriate mitigation. May exceed expectations at this level. Could be implemented in industry without change.

Very good work to a professional standard which covers a wide range of conceivable risks. Descriptions are detailed and include very good appropriate mitigation. Could be implemented in industry with minor changes.

Good work to a reasonable professional standard which covers a range of conceivable risks. Descriptions are reasonable and include appropriate mitigation. Could be implemented in industry with a few changes.

An attempt has been made to identify the risks but there are some missing and/or they are not appropriate. Descriptions are included but are not always appropriate or lack detail. Could be implemented in industry with more work.

A poor attempt which does not meet the module learning outcomes. It may have missing information or has missed the point.

30%

Part 2

Service Level Agreement

70% +

60-69%

50-59%

Excellent SLA to an extremely high professional standard. Includes excellent metrics and targets. It could be implemented in industry. May exceed expectations at this level.

Very good SLA to a professional standard. Includes good metrics and targets. Could be implemented in industry with some minor adjustments.

Good SLA to a reasonable professional standard. Includes reasonable metrics and targets. It could be implemented in industry with more work.

35%

4

40-49%

An attempt has been made to write an SLA. Metrics and targets have been included but are not clear or have no meaning in this context. The SLA is somewhat vague and needs quite a lot more work.

<40%

A poor attempt which does not meet the module learning outcomes. It may have missing information or has missed the point entirely.

Part 3

Security Management Poster

70% +

60-69%

50-59%

40-49%

<40%

An excellent informative poster which includes an excellent process flow diagram with references. Professional layout and could be published.

A very good poster which includes a very good process flow diagram and references. Layout is neat and it is good enough to publish with minor amendments.

A good poster with a reasonable process flow diagram (may have missing points) and references. There may be some minor errors present. Reasonable layout but needs more work to be publishable.

A poster has been submitted but it lacks detail and the process flow diagram may be too simple or incorrect, or missing. Referencing is present but could be improved. Layout could be improved and it needs more work.

A poor attempt which does not meet the module learning outcomes. It may have missing information or has missed the point entirely.

35%