มาตรฐานไอทิลกับการดำเนินงานในห้องสมุดดิจิทัล

มาตรฐานไอทิลกับการดำเนินงานในห้องสมุดดิจิทัลกนิฐา แสงกระจ่าง ................................ ................................ ................................ ................................ .................... 3

Towards the Control and Prevention of Waste in IT Service Operation Using Fuzzy Logic: Focus in Incident Management Process

All production lines are continuously confronted with the phenomenon of waste, especially in IT operations. A waste is assessed in terms of the required resources and the cost employed to solve the problem behind it. Eliminating the waste in daily operations is essential to improve IT service management. This article aims to provide an estimation of the level of potential waste, where waste generation trends are provoked by the activities of IT service management processes. We are going to focus particularly on the possibility of applying a Lean improvement process to IT services processes when using fuzzy logic method. We specifically demonstrate our contribution through the application of fuzzy analysis to the incident management process. This approach also aims at developing a theoretical and pragmatic model and promoting the knowledge of IT experts. In order to make our framework as generic as possible, concepts of IT operations, including the incident management, are inspired by the Information Technology Infrastructure Library (ITIL), the most prominent framework for IT service governance according to the current literature

ITIL v3 Framework Application to Design Information Technology Incident Management Governance

Information technology (IT) is one of the strategic investments for Banks. IT can increase the efficiency and effectiveness of operational activities and strengthen their competitive position. Given that IT is an expensive investment, while its implementation contains various risks, Banks need to implement Information Technology Governance. Banks are required to implement some standards for IT governance in multiple aspects, one of which is the IT incident management aspect. IT services at the Bank are crucial because they must work optimally with zero downtime. They must ensure the management and prevention of any problems that may arise to support the sustainability of the company’s business processes. One of the frameworks that can be used for good IT service incident management is Information Technology Infrastructure Library version 3 (ITIL v3). ITIL’s incident management aims to restore disrupted IT services to their normal state and reduce the business impact. To measure the extent to which the Bank has implemented IT Incident Management Governance, the maturity level is calculated by comparing the current state (as is) and the desired shape (to be) to obtain the maturity level gap. The process of maturity level assessment is carried out using interviews and questionnaires addressed to all stakeholders involved in the entire IT incident management process. The research results show that 15 of the 42 IT incident management processes have not reached the desired state. Based on these gaps, an IT incident management governance document was designed based on the ITIL v3 framework, which is expected when implemented in the Bank’s daily operations. It will increase the availability of IT services

Evaluación de riesgos en activos de tecnologías de información en una MIPYME

This research goal was evaluating the risk in the information technology assets in a MiPyme using an evaluation model based on good practices. The research is descriptive, and the proposed model was validated using the expert judgement method with the Kendall's concordance coefficient W and the Chi-square test. As a result, we proposed an information technology asset risk evaluation model using components of the methodologies MAGERIT and OCTAVE-S, and the international standards ISO 27005 and ISO 31000. The model was validated and successfully applied to an urban transportation MiPyme of Trujillo province, there were identified 19 critical assets which allowed to identify 248 potential asset risks of which 06 are not acceptable, for which 02 risk treatment plans were proposed.Esta investigación tuvo como objetivo evaluar los riesgos en activos de tecnologías de información en una MiPyme empleando un modelo de evaluación basado en buenas prácticas. El tipo de investigación es descriptiva, y para validar el modelo se empleó el método de juicio de expertos junto coeficiente de concordancia W de Kendall y la prueba Chi-cuadrado. Como resultado, se obtuvo un modelo de evaluación de riesgos que emplea elementos de las metodologías MAGERIT y OCTAVE-S, así como de los estándares internacionales ISO 27005 e ISO 3100. El modelo fue validado y aplicado exitosamente en una MiPyme de transporte urbano de la provincia de Trujillo, donde se identificaron 19 activos críticos; los cuales permitieron identificar 248 riesgos en activos de tecnologías de información, siendo 06 de ellos no aceptables para los cuales se elaboraron 02 planes de tratamiento de riesgos

MaPO: modelo de gestão de continuidade de negócios baseado em boas práticas de governança de TI

À medida que as Tecnologias da Informação se tornam acessíveis e são disseminadas, as organizações buscam na interconectividade destas novas formas de prover serviços de qualidade e confiança uma vez que a Tecnologia da Informação (TI) está cada vez mais integrada aos processos de negócio. A ocorrência de um incidente é um acontecimento que afeta um serviço ou sistema de TI, e a restauração do seu nível de desempenho original exige considerável esforço de recursos, físicos, humanos e administrativos. Restaurar um serviço após um incidente depende de um planejamento de recuperação estruturado. A recuperação operacional de incidentes é a capacidade de reagir a uma interrupção nos serviços e restaurar as funções críticas dos negócios da organização. Existem boas práticas que auxiliam na Gestão de Continuidade de Negócios (GCN), porém a falta de estruturação na aplicação destas, de forma alinhada e integrada, pelas organizações, impacta negativamente na estratégia de elaboração de um plano de continuidade de negócios eficiente e eficaz. O objetivo deste artigo é propor um modelo de GCN, baseado em boas práticas de Governança de TI, de forma estruturada e alinhada. Este artigo apresenta o Management Process Organization (MaPO), o qual é um modelo que define o monitoramento de recursos ativos do serviço, aplicando processos de gestão de TI, baseados na Information Technology Infrastrcture Library (ITIL), assim como Balanced Score Card (BSC), Business Impact Analysis (BIA) e gestão de riscos, baseados no Control Objectives for Information and Related Technology (COBIT), no alinhamento estratégico e organizacional, bem como implementações necessárias a atender os requisitos de negócio. O modelo MaPO partiu do princípio de estudo de serviços disponíveis de TI de uso comum, partindo desde a gestão estratégica, até a gestão operacional, sendo uma opção de ferramenta para direcionar a integração das boas práticas de mercado e aplicá-las de forma eficiente e eficaz

Metodología de Implantación de Modelo de Gestión del Conocimiento Estratégico

Las Pequeñas y Medianas Empresas (PYMEs) presentan un conjunto de problemas asociados a TI, como la falta de gestión, de capacitación, la poca inversión, una operación deficiente, entre otras; así mismo se encuentran las que no logran aplicar de manera efectiva los marcos y estándares. Por ello, se ha efectuado una profunda revisión sistemática de la literatura (SLR) sobre el problema en el que se encuentran las Pequeñas y Medianas Empresas (PYMEs) en relación con la cuestión de cómo abordar el cumplimiento de las normas de la Librería de Infraestructuras de Tecnologías de la Información (ITIL). Los resultados encontrados llevaron a establecer el objetivo final de esta tesis, la construcción de un Mapa de Navegación de ITIL v3 con una interfaz amigable y fácil de entender, implementándolo a través del gestor documental de Alfresco Community. Con el fin de evitar recurrir a los exhaustivos manuales de ITIL v3 para llevar a cabo su completo estudio. La implementación ayuda a realizar la consulta y facilita el rastreo del Ciclo de Vida ITIL indicándole al usuario que procesos son los que necesita, cuáles tiene y cuáles faltarían para que su implementación de ITIL sea completa. Es conveniente destacar que el desarrollo del Mapa de Navegación de ITIL v3 y su inclusión en Alfresco Community fue pensando concretamente para las empresas PYMEs, siendo estas las que cuentan con mayores problemas al tratar de gestionar sus servicios. Pretendiendo que estos mecanismos realizados sean de gran ayuda en un futuro a las PYMEs, contando con un proceso que se adapte sus necesidades y que al mismo tiempo este apegado a las buenas prácticas de TI pudiendo gestionar sus servicios, pero sobre todo maximizando su valor y minimizando el riesgo