Information Technology Service Management Processes for Small and Medium Enterprises A Proposal for an Implementation Sequence

DOI : 10.17577/IJERTV6IS060338

Download Full-Text PDF Cite this Publication

  • Open Access
  • Total Downloads : 200
  • Authors : Renato F. Machado, Jose M. A. P. Cestari, Eduardo De F. R. Loures, Eduardo A. P. Santos
  • Paper ID : IJERTV6IS060338
  • Volume & Issue : Volume 06, Issue 06 (June 2017)
  • DOI : http://dx.doi.org/10.17577/IJERTV6IS060338
  • Published (First Online): 21-06-2017
  • ISSN (Online) : 2278-0181
  • Publisher Name : IJERT
  • License: Creative Commons License This work is licensed under a Creative Commons Attribution 4.0 International License

Text Only Version

Information Technology Service Management Processes for Small and Medium Enterprises A Proposal for an Implementation Sequence

Renato F. Machado1,

1 Industrial and Systems Engineering Graduate Program, Pontifical Catholic University of Parana,

Curitiba, Brazil

Eduardo De F. R. Loures1,3,

3 Federal University of Technology Paraná (UTFPR), Curitiba, Brazil.

José M. A. P. Cestari1,2,

2 Undergrad Department, OPET College, Curitiba, Brazil

Eduardo A. P. Santos1,4

4 Business & Administration School, Federal University of Paraná (UFPR), Curitiba, Brazil.

Abstract A survey with CIOs of 167 IT companies revealed that 90% of these organizations have one or more ITSM (IT Service Management) processes implemented. Discussions about the importance of ITSM processes are constantly on the agenda but, although the models, libraries, and references such as ISO 20000 and ITIL are worldly adopted, it is important to remind that they usually contain information of what to do rather than how to do or how to organize an implementation sequence. The challenge is to merge the best practices of these references in an implementable sequence which could be carried out in a shorter period. This paper presents a sequence, derived from a field study and survey of six Brazilian IT service providers, suggesting an order for the implementation of the practices. The proposal sequence presented was chosen as a basis for the service-oriented model of the Brazilian Program for Software Process Improvement (MPS.BR).

Keywords Information Technology Service Management; implementation sequence; process prioritization component.

  1. INTRODUCTION

    Because of the increased reliance on support services and the multiples universes of available technology, service providers struggle to maintain high levels of customer service. Usually, the service providers do not spend adequate time in planning, training, critically analyzing, investigating and working with their customers. According to [1], the result is the failure in using pro-active and structured working practices. The transformation of an IT department focused on technology into an IT service provider focused on the customer (with an internal process structure and defined methodology) can only be assured by service-oriented IT management, as presented in [2]. According to [3], most of this transformation occurred because of the IT service management rules and models found in the market, pointing out that the implementation of international standards, such as ITIL (Information Technology Infrastructure Library), bring benefits to the internal IT organization as well for the external service providers.

    Publications such as ITIL and CobiT (Control Objectives for Information and related Technology) are increasingly in focus and, according to [4], European companies are already widely using ITSM practices. A survey of CIOs of 167 IT

    companies revealed that 90% of these organizations have one or more ITSM processes implemented [4]. The release of CMMI (Capability Maturity Model Integration) for services [5] and ISO/IEC 20000-1 standards [1] reinforced this trend and concerns over the issue.

    The challenge, according to [6], is to merge the best practices of these publications, models, and standards in an implementable sequence, which could be carried out in a shorter period. It is important to remind that the models and other references usually contain information of what to do rather than how to do or which process sequence adopt. In this context, there is an opportunity to purpose and organize a sequence of implementation of ITSM, tailored to small and medium enterprises (SMEs). According to [6], there are important aspects that must be considered regarding Brazilian companies: (i) the Brazilian market for IT services consists primarily of small and medium software and IT service companies; (ii) sequence of process implementation allow the adoption of staggered process, according to the availability of the organization and (iii) the use of a wide group of best practices by SMEs is very difficult.

    This paper presents a sequence, derived from a field study and survey of six Brazilian IT service providers, suggesting an order for the implementation of practices that can guide IT service improvement programs especially for SMEs.

    The section 2 of this paper presents a background regarding some existent models followed by section 3 with the related works. Section 4 exposes the methodology followed by the general results (section 5). Section 6 and 7 exposes, respectively, the consolidated results and the conclusion.

  2. BACKGROUND

    1. ITIL

      ITIL is a framework with best practices related to IT service management. The standards contemplate practices of service management for the various aspects of IT within organizations [7], focusing on dimensions such as strategy, design, transition, operation and continual improvement. The strategy dimension provides a guideline that defines how to project, develop, and implement the management of services in the perspective of

      organizational capacity and strategic assets. The design dimension offers a guideline for the design, development, and improvement of the capacities for the transition to new services or alterations of services already in operation. The transition dimension presents a guide for the development and improvement of the capacities for the transition of new services or the alterations of services already in operation. The operation dimension attempts to incorporate management practices in service operations. Finally, the dimension of continual improvement deals with the inclusion of instrumental guidelines to create and maintain value for clients through improved process and adaptations regarding the business changes.

    2. ISO/IEC 20000

      ISO/IEC 20000 standard consists of five parts under a general title: Information Technology – Service Management. The ISO/IEC 20000-1 specifies for the service provider, the requirements to plan, establish, implement, operate, monitor, revise, maintain, and improve the ITSM. The requisites include the projection, transition, delivery, and improvement of services to meet the requisites previously agreed. The ISO/IEC 20000-2 represents a consensus within the sector concerning quality standards in processes of ITSM and describes the best practices for these processes [1]. The ISO/IEC TR 20000-3 provides orientation, explanations, and recommendations for the definition of scope, applicability, and demonstration of the conformity to ISO/IEC TR 20000-1 using practical examples. The ISO/IEC TR 20000-4 [8] has as its objective the facilitation of the development of a model for the evaluation of the process according to the standard ISO/IEC 15504 [9]. The model of reference of this process, foreseen in this standard, is a logical representation of the elements of the processes for the management of services that can be executed on a basic level. Each process is described in terms of a proposal and its results. The ISO/IEC TR 20000-5 presents an example of a plan of implementation where guidelines are supplied to service providers for them to meet the requirements of ISO/IEC TR 20000-1. It also includes orientations to initiate the project and a list of principal activities to be able to attend each phase in the implementation of ISO/IEC TR 20000-1 [1].

    3. CMMI Services

      The CMMI for Services [5], launched in 2009 and updated in the 1.3 version in November of 2010 is the most recent model of the SEI series. This model concerns the application of pactices for the improvement of processes for companies that provide IT services. The model is a guide for the application of the best CMMI practices in companies that are service providers. The objective of CMMI-SVC, according to [5], is essentially enabling the IT service companies to reach their capacities on their delivery of IT services; and to provide direction to the IT service providers and the necessary steps for its capacity.

      The CMMI-SVC contains 24 process areas. Seven areas of processes are specified for services and focus on management of capacity and availability; continuation of services; service delivery; prevention and resolving of incidents; service transition; development of service systems; processing management strategy for services. Its levels of maturity follow the same structure as CMMI for Software, that is, five levels of maturity: from 1 to 5 (higher maturity).

    4. MPS.BR Services

      The CMMI for Services [5], launched in 2009 and updated in the 1.3 version in November of 2010 is the most recent model of the SEI series. This model concerns the application of practices for the imp

      MPS.BR stands, in Portuguese, for Melhoria de Processo de Software Brasileiro, which can be freely translated to Brazilian Software Process Improvement. MPS.BR is a program created in 2003 by Softex (freely translated from Portuguese to Association for the Promotion of excellence in Brazilian software) [10] to increase the software development capacity in Brazil and as an alternative for the CMMI.

      The first model created by Softex was a reference model called MPS.BR-SW [11], which adopts concepts of international models, standards and worldly adopt best practices for software development and engineering.

      As the Brazilian market is made of a strong industry of IT services providers, quality is a critical success factor for this sector. To have a competitive industry, it is essential that service providers search efficiency and effectiveness of their processes, aiming to supply services according to international quality standards. Because of this scenario, Softex created a service-oriented reference model, called MPS.BR-SV [12]. The model has seven maturity levels (from A to G, being A the highest) and it is based on international standards such as ISO/IEC 20000, ITIL and CMMI-Services.

      According to [10], there are more than 500 assessed (certified) unities in Brazil regarding the software model (MPS.BR-SW) and around four assessments regarding the services maturity model (MPS.BR-SV).

  3. RELATED WORKS

    In [13], there is a definition of maturity model as the implementation of practices of ITIL specifically to define a scale of implementation. The model proposed by the authors provides five levels of maturity, an example of CMMI-SVC, in both the staged and continuous versions.

    Some Brazilian initiatives in the development of models, specifically for ITSM, are restricted to an academic scope. An example is a doctoral thesis [14] where a method was proposed for the creation of the model of IT service management based on existing models. Another research paper related to ITSM can be seen at [15], where the author makes a study of a framework for the optimum practices to the management of services, ITIL and their alignment with the business. The work explores the Enhanced Telecom Operation Map (eTOM), which is a framework of the best practices of service management, specifically for telecommunications. The creation of a framework divided into layers, based on ITIL, which leads to a process to assist in ITSM, is the proposal of a masters dissertation of [16]. The dissertation organizes and defines a framework to conduct the implementation of programs for the improvement of IT services. The proposed framework is based on three layers: (i) Planning and Control; (ii) Service Management and (iii) IT Infrastructure. In [17], a masters dissertation makes an analysis of the implications of the eSourcing Capability Model (eSCM) [18] for its suitability in the context of Brazilian institutions. The eSCM was developed by Information Technology Services Qualification Center (ITSQC), a unit of Carnegie Mellon University, and is related

    to the governance of IT services supply. The paper presents an analysis of the application of the best practices of eSCM in the scope of Brazilian companies.

    The concepts of ISO/15504 were used in a project named Assessment and Improvement Integrated Approach for IT Process (AIDA), afterward altered to Tudors ITSM Process Assessment (TIPA) [19] of the Henri Tudor Public Research Centre in Luxembourg EU. Two models were developed for the evaluation of ITSM processes, the first is a reference model of the processes based on the practices of ITIL, named Process Reference Model (PRM) and the other is a model for the processes of evaluation based on ISO/IEC 15504, named Process Assessment Model (PAM). The TIPA uses an approach from ISO/IEC 15504 to evaluate the execution of ITIL practices. This evaluates the capacity of the process to reach its goals, in the same application molds of ISO/IEC 15504 for software processes, where these are substituted for the practices of ITIL [19].

  4. RESEARCH METHODOLOGY

    The development of this research combines qualitative and quantitative procedures for its implementation, according to the following steps: (i) Understanding of ITSM scenario, specifically regarding to existing publications, models and standards, through literature review; (ii) Selection of the ITSM applicable processes; (iii) Field research to identify the implementation sequence used in the majority of the companies with ITSM processes; (iv) Design of the proposed sequence, including the classification of the proposed processes in each levels, and (v) Submission of the sequence for an evaluation of ITSM experts.

    The semi-structured interview was divided into two parts. The first investigates data about the interview and general information from the company. The second investigates how ITSM process improvement was implemented in the company and the sequence in which the processes were adopted. At the end of the interviews, the interviewees were asked to set up a desirable sequence for the implementation of IT processes suggested by ISO-IEC 20000-1 [1]. Table I shows examples of questions used in the field research.

    TABLE I. EXAMPLES OF QUESTIONS USED IN THE INTERVIEWS.

    Point of Analysis (PAN) Questions

      1. Focus on the implementation of ITSM process improvement programs.

      2. The existence of ITSM processes already implemented in the company.

        What were the primaries focuses for implementation of ITSM improvements? Which processes were implemented?

      3. The sequence of implementation of ITSM processes. What is the sequence of implementation of these processes?

        What was the criterion used to implement this sequence? If it were re-start the implementation, where should begin?

      4. Suggested sequence for implementation of ITSM processes according to ISO 20000.

    Among the processes of ISO/IEC 20000, which would be the sequence that the company thinks most appropriate for implementation?

    1. Theoretical references

      To evaluate and consolidate an acceptable sequence for the processes implementation, it was considered the research of ITIL process implementation from [20], [21], [22] and [7].

      As shown in Table II, Incident and Problem processes would be implemented by first, flowed by Change and SLA

      Table IV shows the implementation sequence of ITIL practices for U.S. and Australian companies [22].

      TABLE IV. IMPLEMENTATION SEQUENCE BASED ON [22]

      # Companies / Processes A B C D E

      (Service Level Agreement) processes on the second and thirty

      positions respectively.

      1 Incident Problem

      Change

      Change SLA Change

      Config.

      Change Incident

      TABLE II. IMPLEMENTATION SEQUENCE BASED ON [20]

      Sequence Processes

      SLA Config. Continuity/

      Incident Problem Config.

      Incident Problem

      Release Incident Problem

      Problem Change

      1. Incident

        Problem

      2. Change

      3 SLA

      Table III shows the implementation sequence of ITIL practices for four Australian companies [21].

      TABLE III. IMPLEMENTATION SEQUENCE BASED ON [21]

      Availability

      Table V shows the sequence based on [13], proposing a maturity model with ITIL practices distributed in three maturity levels.

      TABLE V. IMPLEMENTATION SEQUENCE BASED IN [13]

      Sequence Processes

      1 Incident

      Seq.

      A

      Companies / Proc

      B C

      esses

      D

      2

      SLA

      Problem

      1

      Incident

      Change

      Change

      Incident

      Change

      1. Problem Config. Config. Change / Problem

        Budget

        Continuity & Availability

      2. Config. Problem Incident

        Problem Incident

        Capacity Release

        3 Report

        Information Security

        As a consolidation of the literature review, Table VI shows the distribution of authors preferences regarding the process implementation sequence, generating a sort of ranking sum to define the implementation sequence of these processes.

        TABLE VI. LITERATURE REVIEW VOTES

        Process Number of votes

        by position

        1st

        2nd

        3rd

        Incident Management

        6

        3

        2

        Problem Management

        2

        7

        2

        Service Level Agreement Management

        2

        1

        1

        Change Management

        6

        4

        Budget and Accounting for IT Services

        1

        Continuity and Availability Management

        2

        Capacity Management

        1

        Information Security Management

        1

        Release Management

        2

        Services Reporting

        1

        Configuration Management 1 4 1

        The CMMI-SVC [5] was also used to define the implementation sequence, mainly because it is a maturity model focused on services and brings in its structure a definition of processes in each of the maturity levels. Some CMMI-SVC processes have different names of the ISO/IEC 20000-1 ones, so it was necessary to align the processes before generating a sequence. Table VII shows the process tabulation sequence, defining the CMMI-SVC maturity level 2 as the first sequence, maturity level 3 and 4 as the second and third sequence, respectively.

        TABLE VII. IMPLEMENTATION SEQUENCE BASED ON CMMI-SVC

        Sequence CMMI-SVC Processes

        1. SLA

          Budget Inf.Security Configuration

        2. Incident

      Change

      Continuity & Availability Capacity

      Release Report

      3 Problem

    2. Research field

      For the definition of ITSM implementation sequence, a field study was applied through semi-structured interviews with six SMEs, as shown in Table VIII.

      TABLE VIII. EMPLOYEES PROFILE OF THE COMPANIES

      the Brazilian market; and (v) have implemented, even partially, a process linked to ITSM. All the companies are private with national capital.

    3. Expert opinion

      The expert opinion, according to [24], can be defined as a series of scientific approaches that are employed to interpret data, predict the behavior of a system and assess uncertainties, considering that "current research in software engineering has constantly made use of expert opinion." To evaluate the proposed sequence of implementation, a survey was done with ITSM experts from institutions with broad experience in implementation, training or evaluation of ITIL, ISO/IEC 20000 and CMMI-SVC. Thirteen questionnaires were sent (by e-mail) to evaluate the processes ant its sequences, six of them returned fulfilled.

    4. Conception of the proposed sequence

      The processes, related to ITSM, followed the procedures already defined in the ISO/IEC/20000-1 standard [1]. The purposes and outcomes of these processes were based on ISO/IEC TR 20000-4 [8]. To define the ITSM processes, it was considered the following factors: the procedures and results of processes should be adherents to processes and practices of ISO/IEC TR 20000-4 standard [8], and the procedures and results of processes should be adherents to processes and specific practices of CMMI-SVC [5]. After defining the processes, an implementation sequence was proposed considering the following factors:

      • Results of field study with Brazilian companies;

      • Research results of [20], [21], [22] and [25];

      • The investigation of [13], as an initiative to develop maturity model with the specific practices of ITIL and to present a series of staggered implementation maturity levels; and

      • The distribution of process in the maturity levels of CMMI-SVC [5].

  5. GENERAL RESULTS

    The Points of Analysis (PAN) concept was used for the field study as also adopted in [26]. The PANs were adopted to assess how the data from the field study can help to define the implementation sequence of the processes. The PANs selected were:

      • PAN 1 – The implementation sequence of the companies processes and where it would be initiated if it were necessary to implement again; and

    Company Number of

    Marketplace

    • PAN 2 – Suggested sequence, considering the ITSM

    employees

    A

    10 to 49

    National and international

    B

    10 to 49

    National

    C

    50 to 249

    National and international

    D

    50 to 249

    National and international

    E

    50 to 249

    National

    F 10 to 49 National and international

    The selection was made according to the following criteria:

    1. whether it is micro, small or medium IT company [23]; (ii) provide some type of IT service; (iii) the percentage share of services is over 50% of total company sales; (iv) operations in

      process of ISO/IEC/20000-1 [1].

      To better represent the process, it was necessary to adopt some abbreviations and acronyms. For example:

      • Budget for Budget and Accounting for IT Services

      • Report for Services Reporting

      • Information Security for Information Security Management.

        Some process had their name simplified, such as Incident for Incident Management and other intuitive simplifications. Table IX shows the order of process implementation that each company would adopt in case they would have to start all over

        again. Company A, for example, would begin by the SLA process, followed by the processes of Incident, Problem, Change, Budget and Continuity & Availability, at the sixth position. Table X shows the tabulation considering PAN 2.

        TABLE IX. IMPLEMENTATION SEQUENCE BASED ON COMPANIES ANSWERS FOR PAN 1

        Sequence

        Companies

        A

        B

        C D

        E

        p>F

        Processes

        1

        SLA

        SLA

        Incident Configuration

        SLA

        SLA

        Budget

        Budget

        2

        Incident

        Incident

        Problem Problem

        Capacity

        Incident

        Problem

        Problem

        3

        Problem

        Change Incident

        Incident

        4

        Change

        Configuration SLA

        Problem

        5

        Budget

        SLA

        6

        Continuity &

        Availability

        TABLE X. IMPLEMENTATION SEQUENCE BASED ON SURVEYED COMPANIES FOR PAN 2

        Sequence

        A

        B

        Companies /

        C

        Processes

        D

        E

        F

        1

        Capacity

        SLA

        Incident

        Capacity

        SLA

        Capacity

        Incident

        Problem Configuration

        Continuity & Availability

        SLA

        2

        Release

        Problem

        Report

        Incident

        Capacity

        Problem Incident

        3

        Continuity &

        Budget

        Release

        Problem

        Incident

        Change

        Availability Incident

        Problem

        4

        Change SLA

        Continuity & Availability

        Budget

        Budget

        Problem

        SLA

        5

        Budget Report

        Capacity

        Capacity

        SLA

        Inf.Security

        Inf. Security

        Continuity &

        6

        Inf.Security

        Release

        Avalilability Inf.Security

        Continuity &

        Continuity &

        Report

        Avalilability

        Avalilability

        7

        Change

        Change

        Budget

        Budget

        8

        Report

        Release

        Release

        Release

        9

        Inf.Security

        Report

        Report

        10

        Inf.Security

        TABLE XI. THE SUM OF THE VOTES CONSIDERING PAN 1 AND PAN 2

        Processes Number of votes by position

        1st 2nd 3rd 4th 5th 6th 7th 8th 9th 10th

        Incident Management 3 5 4 – – – – – – –

        Problem Management 1 6 3 2 – – – – – – Service Level Agreement Management 6 – – 3 2 – – – – – Change Management – – 2 2 – – 2 – – – Budget and Accounting for IT Services 2 – 1 3 1 – 2 – – –

        Continuity and Availability Management 1 – 1 1 1 3 – – – – Capacity Management 3 2 – – 2 – – – – – Information Security Management – – – – 2 2 – – 1 1

        Release Management – 1 1 – – 1 – 3 – –

        Services Reporting – 1 – – 1 1 – 1 2 –

        A consolidated data tabulation of the responses of all companies, for PAN 1 and PAN 2, was generated considering each process and its possible implementation sequence. For each case was assigned a sequential number, with 1 being the first process to be implemented, 2 for second and so on, as

        shown in Table XI. Each response was considered as a vote for the position that the process should be introduced. All amounts reported in these two PANs set a consolidated sum that helps the definition sequence of implementation for the processes.

  6. CONSOLIDATED RESULTS AND DISCUSSION For the definition of the implementation sequence, the three

    presented aspects were considered (field study, research from

    other authors and CMMI-SVC). With this consolidated tabulation, it was possible to generate Table XII, which shows the sum of the three aspects, emphasizing the most voted processes in each position.

    TABLE XII. MOST VOTED PROCESS IN EACH POSITION IN THE CONSOLIDATED SUM OF THREE FACTORS

    3rd

    Numbe

    4th

    r of vo

    5th

    tes by p

    6th

    osition

    7th

    8th

    9th

    10th

    7

    6

    2

    1

    3

    2

    2

    2

    2

    1

    3

    1

    2

    Process

    1st 2nd

    Incident Management 9 9

    Problem Management 3 13 Service Level Agreement Management 9 1 Change Management 6 5

    Budget and Accounting for IT Services 3 1

    Continuity and Avalilability Management 1 3 1 1 1 3 – – – – Capacity Management 3 4 – – 2 – – – – – Information Security Management 1 – 1 – 2 2 – – 1 1

    Release Management – 4 1 – – 1

    Service Report – 2 1 – 1 1

    Configuration Management 2 4 1 – – –

    3 – –

    1 2 –

    – –

    The processes of Incident Management and Service Level Agreement Management (SLA) were the most voted for the first position. The Problem Management process had the highest vote for the second position. The process of Change Management was the most voted in the third position, and the Budget and Accounting for IT Services process was the most voted in the fourth position. In fifth place are Capacity Management and Information Security Management processes. In sixth place is the process of Continuity and Availability Management and in seventh place are processes of Release Management, Services Reporting, and Configuration Management.

    Considering the values exposed in Table XII, it is possible to derive the final ranking of processes in each position, as shown in Table XIII.

    TABLE XIII. MOST VOTED PROCESS IN EACH POSITION IN THE CONSOLIDATED SUM OF THREE FACTORS

    Position Process 1st Incident Management

    Service Level Agreement Management 2nd Problem Management

    3rd Change Management

    4th Budget and Accounting for IT Services 5th Information Security Management

    Capacity Management

    6th Continuity and Availability Management 7th Release Management

    Services Reporting

    Configuration Management

    As shown in Table XIII, it seems reasonable that the sequence generated is implementable, given that the processes order follows a logic where the basic processes are implemented first, following by the other processes that are dependent on previous ones. The result presented in Table 13 shows a possible sequence of implementation of ITSM processes more complete than presented in [21] and [22] because this paper considered more ITSM processes involved.

    In [1] and [13] is possible to find processes sequence, but in a small number, which could be difficult to represent the need of the IT service providers. The CMMI-SVC model shows the maturity levels and its set of processes, but there is a limitation: almost all processes appear concentrated in the third level,

    which can be an impediment to staggered implementations. The effort for the implementation of all processes of the third level could be quite large.

    The ITSM practices of ITIL publications and ISO/IEC 20000 standards do not present a sequence of implementation, which makes its implementation more difficult, especially for SMEs since a staggered implementation can provide results in a shorter space of time.

    In this context, the suggested sequence presented in this paper provides to IT service providers a possibility to implement process improvements in their ITSM environment. A set of processes defined (and its sequence) could contribute to a staggered implementation of achieved goals for each step taken.

    1. Expert evaluation

      Adopting the same approach to gather the opinion regarding the preliminary process sequence (as exposed in section 4.3), another survey was done with ITSM experts with large experience in implementation, training or evaluation of ITIL, ISO/IEC 20000 and CMMI-SVC. New questionnaires were sent (by e-mail) to evaluate the processes ant its sequences, six of them returned fulfilled.

      The main objective was to evaluate the implementation sequence of ITSM processes as proposed in this paper. To accomplish this goal, the Likert scale was adopted to measure the agreement or disagreement level for each statement as the following:

      • "Strongly Agree" (2)

      • "Agree" (1)

      • "Either Agree or Disagree" (0)

      • "Disagree" (-1)

      • "Strongly Disagree" (-2).

        For each option, the scale has been set to a value that varies from 2 to -2. These weights have been used to calculate the weighted average on the replying total for each question answered by the experts.

        Fig. 1 shows an example of question sent to the experts. In each question, there are the processes with their proposal, the options for agreement and a justification of choice. The weights of each question were used to calculate the weighted average of total responses for each of the questions answered by experts.

        To measure the degree of acceptance of the proposed sequence, questions were presented to the experts to verify their acceptance in relation to the processes at each position of implementation.

        Fig 1. An example of question sent to the ITSM experts, based on [6].

        Table XIV shows an example for the tabulation of the answers.

        TABLE XIV. EXAMPLE OF MEASURE DEGREE

        Question 1 : Sequence analysis of implementation 1

        Opinion Score Strongly agree 1

        Agree 5

        Neither agree nor disagree –

        Disagree –

        Strongly disagree –

        Medium impact 1,17

        General opinion Agree

        The overall result has generated the average impact of 1.07, as shown in Table XV, considering that the weights are closer to 1.0. Therefore, the general opinion has been "Agree" with the suggested sequence of implementation of the processes.

        TABLE XV. GENERAL RESULT OF THE SURVEY WITH EXPERTS

        Result of all questions

        Opinion Score

        Strongly agree 9

        Agree 16

        Neither agree nor disagree 3

        Disagree 2

        Strongly disagree –

        Medium impact 1,07

        General opinion Agree

        The experts opinions were important to evaluate the suggested process implementation sequence proposed in this paper.

  7. CONCLUSION

This paper proposes an implementation sequence of ITSM process that is part of the research presented in [6], which can become a facilitator for the implementation of improving programs in the ITSM area, especially for SMEs. It also contributes to exposes the need to establish mechanisms to facilitate the implementation of improving programs in SMEs businesses providing IT services.

This research has four basic limitations:

    • The universe of companies, which is a small sample of a lot of companies providing IT services established in Brazil. A larger number of companies could generate some sort of change in the proposed sequence, not necessarily change its basic structure, but it could change the implementation sequence.

    • The amount of ITIL implementation experiences, since few reports of these experiences have been found, they may not be sufficient to represent the universe required for making decisions regarding the order of implementing the processes.

    • Although anchored in an international standard which covers all key aspects of ITSM, another limitation to be emphasized is the use of ISO/IEC 20000-1 [1] and ISO/IEC TR 20000-4 [8] as a basis for defining the ITSM processes suggested. As a number of ITSM practices are so wide, there is a possibility that these rules do not cover all aspects necessary to meet the reality of the companies that provide IT services.

    • Finally, another limiting aspect is the debate about other processes not directly linked to ITSM (e.g. requirement management, project management) that were not discussed in this paper but are important in the IT service context.

Despite the limitations, an undeniable contribution was achieved with this research: the proposal sequence presented in this paper was adopted as a basis for the official creation of the maturity model service-oriented of Brazilian Program for Software Process Improvement (MPS.BR) [10], [12].

For future works, to enhance and improve this research, there is an expectation of a practical application of the proposed sequence as a pilot in SME to evaluate their appropriateness and applicability, and evaluate the benefits of process maturity in ITSM (similar as exposed in [27]. If it is needed, possible distortions could be corrected regarding the order of implementation and the adequacy of the processes and their deliverables. Other future aspects include (i) an analysis of the average effort required to implement the proposed sequence;

  1. increasing the number of sequences to fit the reality of small businesses; (iii) implementation of the proposed sequence of different types of IT services and businesses and (iv) larger number of service providing companies to verify possible inconsistencies.

REFERENCES

  1. ABNT. (2008). Associação Brasileira de Normas Técnicas. NBR ISO/IEC 20000-1: Information Technology Service Management. Rio de Janeiro. 34 p.

  2. Hochstein, A., Tamm, G., & Brenner, W. (2005). Service-Oriented IT Management: Benefit, Cost and Success Factors. In 15th European Conference on Information Systems, Regensburg, Germany, 26-28 May.

  3. Kumbakara, N. (2008). Managed IT Services: the role of IT standards. Emerald Information Management & Computer Society, v.16, n.4, p.336-359.

  4. Winneford, M. (2008). Confusion in the Ranks: IT Service Management Practice and Terminology. Information Systems Management, n.26 p.153-163, Mar.

  5. SEI. (2010). Software Engineering Institute. CMMI for Services (CMU/SEI-2010-TR-034), Version 1.3. Pittsburg: Software Engineering Institute. 520 p.

  6. Machado, R. F. (2011). MM-GSTI: A proposal for a Maturity Model for IT Service Management with a focus on small and medium companies. Dissertation. Department of Informatics, Pontifical Catholic University of Paraná PUC-PR, Curitiba, 257p.

  7. ITIL. (201). Official Web Site. http://www.itil-officialsite.com/

  8. ISO. (2010). International Standard Organization. ISO/IEC TR 20000- 4: Information Technology Service Management Part 4: Process reference model. Switzerland, 30 p.

  9. ABNT. (2008). Associação Brasileira de Normas Técnicas. NBR ISO/IEC 15504-1: Information Technology Processs Assessment Part 1: Concepts and vocabulary. Rio de Janeiro. 19 p.

  10. Softex. (2014). Sociedade para Promoção da Excelência do Software Brasileiro. http://www.softex.br

  11. Softex. (2014). Sociedade para Promoção da Excelência do Software Brasileiro. MR-MPS.BR-SW, Version of August 2012.

  12. Softex. (2014). Sociedade para Promoção da Excelência do Software Brasileiro. MR-MPS.BR-SV, Version of August 2012.

  13. Pereira, R.F.S. & Silva, M. M. (2010). A Maturity Model for Implementing ITIL v3. IEEE Computer Society. Proceedings of 6th World Congress on Services, p399-406, July.

  14. Clementi, S. (2007). The GSS-COBITIL model for managing support services of information technology. Doctoral Thesis. Polytechnic University of São Paulo, São Paulo.

  15. Silva, R. F. (2007). A convergent approach to the mapping of ITIL processes similar to the eTOM model. Dissertation. Department of Electrical Engineering at the University of Brasilia, Distrito Federal, Brazil.

  16. Martins, M.M. (2006). IT Service Management: A Proposal for Integration of Process Improvement and Management Services. Dissertation. Department of Electrical Engineering at the University of Brasilia, Distrito Federal.

  17. Soares, H. F. (2008). Importation of managerial technology for managing IT service delivery: a study on the applicability of the model to the eSourcing Capability Model Brazilian institutional context. Dissertation. Department of Management College of Economics, Administration and Accounting from the University of São Paulo, São Paulo.

  18. ITSQC. (2006). Information Technology Service Qualification Center. The eSourcing Capability Model for Services Providers (CMU/ITSQC- 06-006), Version 2.1. Pittsburg: Carnegie Mellon University.104 p.

  19. TIPA. (2010). Tudors ITSM Process Assessment. An ITIL Assessment. http://www.tipaonline.org/

  20. Magalhães, I. L. & Brito, W. (2007). It service management in practice: an approach based on ITIL. Includes ISO/IEC 20000 and IT flex: Novatec Ed., São Paulo.

  21. Cater-Steel, A. & Pollard, C. (2008). Justifications, Strategies, and Critical Success Factors in Successful ITIL Implementations in U.S and Australian Companies: An Exploratory Study. Information Systems Management, n.26 p.164-175, Mar.

  22. Cater-Steel, A., Toleman, M., & Tan, W. G. (2006). Transforming IT service Management the ITIL Impact. In 17th Australasian Conference on Information Systems 6-8 Dec, Adelaide, Australia.

  23. IBGE. (2010). Instituto Brasileiro de Geografia e Estatística. Business Demography 2006. Available at http://www.ibge.gov.br/home/estatistica/economia/demografiaempresa/ 2006/demoempresa2006.pdf

  24. Garcia, V. C. (2010). RiSE reference model for software reuse adoption in Brazilian companies. Doctoral Thesis Federal University of Pernambuco.

  25. Machado, R., Reinehr, S., & Malucelli, A. (2012). Towards a Maturity Model for IT Service Management applied to Small and Medium Enterprises. In: 19th European System & Software Process Improvement and Innovation, 2012, Viena. Proceedings of 19th European System, Software & Service Process Improvement & Innovation. Berlin: Springer-Verlag, 2012. p. 157-168.

  26. Reinehr, S. S. (2008). Systematic software reuse and software product lines in the financial sector: case studies in Brazil. Doctoral Thesis. Department of Production Engineering of the Polytechnic University of São Paulo.

  27. Cestari, J. M. A. P., Valle, A. M. do, Lima, E. P., & Santos, E. A. P. (2013). Achieving maturity (and measuring performance) through model-based process improvement. Journal of Information Systems and Technology Management, v. 10, n. 2, p. 339-356, May/Aug 2013.

Leave a Reply