Before getting anywhere close to discussing the concept of service level agreements (SLAs) in IT service management (ITSM), there is one time-worn debate to straighten out.
Some might consider the debate was settled long ago, but it’s still worth reiterating that IT and ITSM are an integral part of a business. They are not disconnected from the enterprise, somehow looking on from the side lines with their own isolated purpose.
Once that symbiotic relationship between IT and “the business” is recognised and understood, the necessity of SLAs – to define and agree measureable service targets for what ITSM provides to its customers – makes complete sense.
Effective SLAs are founded on a clear comprehension of the outcomes the business wants from ITSM.
Identifying these relies on service managers discussing outcomes with their various customers and tailoring the associated services to fit around them. But no SLA can be set up without the tacit understanding, commitment and agreement of the business.
Some of the areas where service levels need to be stipulated might involve looking at capacity and demand management, when the critical/peak and off-peak times are in the business cycle and creating an ITSM process for what’s needed in those situations.
For example, if a company’s payroll system runs on the final Friday of every month, that is a critically important point when IT service levels can’t afford to be less than superlative.
But if ITSM is providing an essential service to meet business outcomes, shouldn’t the expectations of the business always be satisfied?
If 100 per cent availability of an IT system is needed, that can be guaranteed if you can afford to have countless ITSM professionals poised, waiting for something to go wrong.
Clearly, it’s up to the organisation to decide what it needs and therefore has to provide the resources needed in order to achieve that. It becomes a balancing act between the available resource and the desired outcomes, which needs agreement on the key services and levels required.
Once agreement is reached, it’s necessary to specify the measurement criteria and focus on continuous improvement through detailed discussions with customers about what’s gone right and wrong at any point.
The dynamic of SLAs and managing the expectations of ITSM customers is an ongoing negotiation, part of which is about service managers qualifying the value of the services provided.
Only this way can the wider organisation have a clear understanding of the impact of crucial IT systems malfunctioning. This leads to better decisions on what service levels are needed across the organisation and where they’re needed most.
Understanding the business drives to set SLAs
The most effective ITSM – and best practice framework that supports it, such as ITIL – is not just a series of processes and policies: it feeds into the culture and driving factors of a business or organisation.
It seeks to appreciate, for example, the “pinch points” of the enterprise and why it’s a problem if, for example, the email service goes down.
For CIOs, understanding the business drivers begins at the point when business strategy is set and – consequently – how the IT function is going to support that.
Once a service is live – covering any number of functions from accounts to wages – SLAs need to be in place in order that the ITSM support can prioritise its activities.
If a dozen different requests hit the service desk at one time, SLAs should make it clear what’s a business priority and what’s not.
If an SLA is in danger of being missed there are two approaches: either it’s unacceptable and needs addressing to prevent it happening again or there are valid reasons for it and the service manager enters the world of managing expectations.
The business will accept breaches in SLAs if there are valid reasons, as long as proactive, clear and timely communication is undertaken and the customer is aware of the reasons for the breach and where the shift in priority lies at that moment.
But gaining this acceptance is possible only through ITSM professionals building relationships and trust with other business units, which are essential to manage the fall-out from SLAs that breach.
Setting the SLAs and their metrics
Service management should tread carefully when it comes to measurement of SLAs. It’s not advisable to dictate to the business what the metrics are; rather, the business should be allowed to specify what it wants to see.
What the organisation might want to view is how many incidents have happened, how long were the services down and how many were fixed within or outside the terms of the SLA.
Whatever makes sense and is relevant to the business is what service management should be measuring. It’s no good producing endless, impenetrable pie charts and statistics if nobody understands them, however interesting they might be to the ITSM department.
Allocating the right resources
Clearly, it’s vital to fit resources around what’s important to the business or organisation. In its simplest terms if having systems uninterrupted in the afternoons is more important than mornings for a particular department, then there should be more people available on the service desk during that time period.
The problem arises when everyone says afternoons are most critical and need a severity 1 category of response. Enter the service level manager and a discussion about whether it’s possible and the availability of resources that will be affected.
Ultimately, ITSM becomes a truly value-added service when it supports the most essential services in the business value chain; then, and only then, is it perceived to be more than just a cost.
Are ‘flexible SLAs’ a contradiction in terms?
Stuff happens and sometimes the SLA has to bend as a consequence: when a major system goes down or the CIO provides the service desk with an unexpected priority, then it’s unavoidable. Naturally, the service provider has to be conscious that an SLA is being breached.
And when SLAs go “out of the window”, communication is vital to ensure the people affected by this understand why it’s happening. Once again, it’s about managing expectation and, when the dust settles, reviewing what went wrong with the business users affected.
SLAs and best practice frameworks
The processes and procedures enshrined in ITIL are certainly there for a reason, but they are not meaningful in isolation. They need to support the necessities of the business.
A best practice framework underpins the agreed processes but needs to be accompanied by a cultural sensitivity for what will work within the organisation – in essence, the principle of adopt and adapt.
Having a clear and defined process tells you what you need to make a decision on SLAs – you can’t have one without the other. And when combined with the cultural appreciation of the wider enterprise and its priorities, it also gives you the understanding of how to implement them.
Phil Hearsum is ITSM portfolio manager at AXELOS.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.