Vol. 39 (# 10) Year 2018. Page 19
Jorge Luis VENGOECHEA Orozco 1; Carlos Ramón VIDAL Tovar 2
Received: 17/110/2017 • Approved: 30/11/2017
ABSTRACT: The article below proposes an incident management model based on the Information Technology Infrastructure Library (ITIL) for university education institutions, having as a spatial delimitation the city of Barranquilla and its metropolitan area in Colombia. It has intended to generate a construct designed to identify and measure the complex systemic relationships existing on the management of incidents of information technology services in the context of institutions of university education. The research is Holistic type of comprehensive level and with a holotype projective whose aim is to try to propose solutions to the problem posed since the contextualization of the general theory of systems, also contemplates a cosmological approach with a contemporary transectional design. For the data analysis, triangulation was used, the participants were strategically selected for their ability to provide from their expertise and reflection the necessary knowledge through an instrument made up of 10 items. For the validation of the same, it was resorted to the judgment of experts. The results provide a systemic model based on best practices, which provides benefits for incident management in universities. |
RESUMEN: El artículo a continuación propone un modelo de gestión de incidentes con base en la biblioteca de infraestructura de Tecnologías de la Información (ITIL) para las instituciones de educación universitaria, teniendo como delimitación espacial la ciudad de Barranquilla y su área metropolitana en Colombia. Se pretende generar un constructo diseñado para identificar y mensurar las relaciones sistémicas complejas existentes sobre la gestión de incidentes de servicios de tecnologías de la información en el contexto de las instituciones de educación universitaria. La investigación es de tipo Holística de nivel comprensivo y con un holotipo proyectivo cuyo fin es intentar proponer soluciones al problema planteado desde la contextualización de la teoría general de sistemas, además contempla un abordaje cosmológico con un diseño transeccional contemporáneo. Para el análisis de los datos se utilizó la triangulación, los participantes fueron estratégicamente seleccionados por su capacidad para proporcionar desde su experticia y reflexión el conocimiento necesario a través de un instrumento conformado por 10 ítems. Para la validación del mismo se recurrió al juicio de expertos. Desde los resultados se ofrece un modelo sistémico basado en las mejores prácticas, que proporciona beneficios para la gestión de incidentes en las universidades. |
The institutions of higher education are the entities called to analyze, disseminate, to propose, and manage the development, positioning the knowledge of the techno-sciences before society and the state. At present, all the institutions have a strong relationship with Information Technology (IT), which implement in their processes, so that most of them are entirely dependent on it, in fact, the service-oriented thinking is one of the paradigms of more rapid growth (Demirkan et al., 2008, p. 3). In this way, a service can be described as the activity in which certain functionality is provided to a customer for a service provider (Brenner, Hegering Rodosek, Hanemann, & Koenig, 2007). In that order, the focus on the service is forcing organizations not only to cope with the challenges of managing their information technology infrastructures, features and capabilities, to meet the needs of their clients, but also to cope with the challenge of providing services that create value to the organization (Spohrer, Maglio, Bailey, & Gruh, 2007).
The transformation of a technology oriented toward the provision of customer-oriented services, requires that the processes of the organization be designed in a way that is systematic and methodical support, (Hochstein, Tamm, & Brenner, 2005). At a more practical level, the management of services can be defined as the management of all the processes that cooperate to ensure the quality of the services up and running, in accordance with the agreed service levels with the customer. According to the (Office of Government Commerce, 2007) at the organizational level or strategic IT services should be managed, dedicated to the service of the business needs of the organization.
In this sense, the universities have resources in all its academic and administrative processes, these instruments are essential in the teaching, research and social projection, which influences of quantitative and qualitative way in the processes of educational institutions (Gutiérrez, Palacios & Torrego, 2010). So that if resources are managed properly, it leads to affect the fundamental processes of the institution, resulting in distrust in users to the services provided by the IT area, which in turn is reflected in a breach of the image of it later in the loss and dissatisfaction of users.
On the other hand, the IT Infrastructure Library in its 2011 version describes more than 20 processes and hundreds of best practices, but many organizations do not have the resources or do not know how to implement them. So first, receive a basic set of practices for a small subset of processes, then extending the use of the framework with the time (Knapp, 2010). In accordance with the above, and considering that this is a basic need for academic institutions, is a model for the management of incidents based on the ITIL for institutions of higher education.
Per the (International Electrotechnical Commission IEC, 2008) IT management is defined as: "the system of controls and processes required to achieve the strategic objectives established by the direction of the Organization, subject to the guidance and monitoring established by the corporate governance". The management of services of the information technologies is a concept used to align the services you provided, with the needs of the company, as well as manage the technology of information within an organization-focused emphasis on the benefits expected by the customer.
Organizations today are dependent on their services, which contribute to the achievement of the objectives of the Organization, the services cannot be assessed before being offered, but only once rendered. In accordance with the (International Organization for Standardization, 2005) quality is the "degree in which a set of inherent characteristics meet the requirements". For (Játiva & Gallo, 2006) quality services must include the offer of information relevant and appropriate to the needs of the user, as well as the tools necessary to ensure access to it.
ITIL was born at the end of the 1980s, as response of the Central Computing and Telecommunications Agency (CCTA) of the British Government to resolve the crisis caused by the poor quality of the IT services of their public bodies, (Kaplan & Norton, 1996) are considered intangible assets as the main source of competitive advantage for an organization customer satisfaction is part of such assets. Since its inception ITIL maintains several important modifications in their publications, passing through versions 1, 2, 3, up to the current version of 2011 published in the same year under the control of the British Government Cabinet Office.
ITIL is a framework that describes best practices in the management of information technology services, providing a framework for the Government, management and control of it services (Cartlidge et al., 2012, p.6). This framework focuses on continuous measurement and improvement of the quality of the delivered service, from the point of view both business and integrating the perspective of the client. Similarly, (Hanna, 2011, p. 110) argues that more specifically ITIL stipulates that a service aim to generate value to the customer, facilitating outcomes they expect without the need to assume costs or risks.
To (Marulanda Echeverry et al., 2009) “the primary objective of incident management is to restore service as soon as possible to avoid the client is affected, this is done to minimize the effects of the operation” (p. 186). Ensures the process of incident management is to restore normal service operation as soon as possible. For (Bauset Carbonell, 2012) practice indicates that the level of service quality, is not obtained exclusively with aggressive investments in technology or human talent, qualified but is the product of good management and planning at the enterprise level.
Information technology infrastructure for the proper management of incidents. They were the first to describe it, the infrastructure (McKay & Brockway, 1989) who defined it infrastructure as the foundation that allows sharing capabilities of information technology that depends on the company. The IT infrastructure is composed of equipment’s, systems, software and services used in common in the entire organization, regardless of the mission, program or project.
All of the above has a predominant role within the institutions of university education. In reason of which the registry in addition to the analysis of every situation occurred that, disrupt productive operation (incidents) of the Organization. Is very important to achieve excellence, what effect has the use of the it is vital to meet and exceed the mission and vision in all kinds of organizations public or private, with or without profit (Mosquera Fernández & Gonzales Nuñez, 2012).
The type of research corresponds to research holistic comprehensive level and with a projective holotype, which aims to try to propose solutions to the problem, (Hurtado de Barrera, 2010, p. 248) says that investigations related to computer issues that require previous research for the design of programs, models or proposals fall into this category. The design of this research according to (Hurtado de Barrera, 2010), is considered a mixed source design, also includes a design contemporary transactional, that (Hernández Sampieri et al., 1991) defines as research which focuses on studying the events at a unique time in time in this case present.
The population was composed of participants strategically selected for their ability to provide information and knowledge that needed. Five persons participated in this research of recognized universities in the city of Barranquilla; the number of participants can be seen as few. However, confidence in qualitative research is more gains by the wealth of data that represented by the size of the sample (Sandelowski, 1995).
The informants held an interview with a flexible script, with multiplicity of features that gave coherence to the phenomenon studied, based on 10 congruent items, which provide the connection due to the construction proposed by the author. The research objectives, events, synergies and indicators that allowed the development of questions in a systematic and orderly manner considered for its design.
For discussion of the results in this research, are generated responses to the stated research holopraxis how is the management of incidents based on the ITIL for institutions of higher education? Based on the analytical, comparative, explanatory implications, visiting of inferences, arguments, views of the actors involved in the study, in accordance to the aspects studied in accordance to their level of perception of the phenomenon addressed.
To stakeholders, the incident within the universities management process is not based on any industry standard, stakeholders also expressed that current procedures are not based on a framework of reference or set of good practices in the sector. Some actors exposed that in their institutions is conducted in test form, is not planned nor is not documented. Everyone agrees that despite possessing management tools tickets, which are part of the process not have a table of services through which an excellent incident management procedure can be performed.
Institutions to properly manage your incidents should be based on norms or on a set of good practices that allow them to be prepared and to deal with the process of incident management in an optimal and efficient way for the restoration of its the technology information services. It requires a change in the processes of the institutions supported by senior management, to alienate the infrastructure of the information technology organizations with business objectives to articulate them and integrate them with the mission of the institutions.
Based on the approaches of stakeholders seen from a systemic holistic perspective the components involved in incident management system they are part of a large system. Composed of several subsystems within which we have operational subsystem consisting of the processes of registration of incidents, monitoring, incident solution management, implementation of solutions, evaluation of the satisfaction of the user, care of different incidents that may be present.
Subsystem of individuals who report. verify and interact with subsystems, here we have users who interact with the services provided by the institution, human resource as technicians, engineers, specialists responsible for stick incidents care procedures, as well as external suppliers of services and infrastructure that has the institution. Tools subsystem consists of the necessary infrastructure both hardware, as is software to support a process of incident management.
Subsystem of management. Consisting of the Bureau or service center, which integrates help desk, as single point of contact between the support team and users to attend incidents, management problems, which aims to ensure the continuity of services and it infrastructure, supports the business processes, also allows plan structuring, monitoring as well as supply the delivery of a variety of services, among others.
Operational factors: changes in the environment, alteration of it services, poor relationship with suppliers, changing requirements, hidden requirements, increase or decrease of the capacity. Technological factors: obsolescence, lack of maintenance, malfunction of parts of the service, poor systems of support, BYOD devices and it infrastructure absence or not in accordance to the needs. Human factors: lack of staff, fitness staff, training of the personnel. Organizational factors: lack of budget, lack of planning, lack of continuity plans the business, poor management of incidents, entropy and bad relationship with suppliers,.
Firstly because of the lack of planning, originated in the lack of vision of the directives of the institutions to comply with standards of optimal services. Coupled with a limited budget allocated to the it area that does not allow to achieve the infrastructure appropriate for the provision of quality services as well as maintain operating services in the event of incidents that occur with redundant for the continuity of the business.
Stakeholders agree on different factors as the obsolescence of technology, lack of maintenance, due to the continuous innovations technological products, they tend to have a short service life, in such a way that if they are not renewed, the cost of maintenance services increases. At the same time, preventative maintenance is crucial to keep the systems operating properly, since it avoids costly damages and incidents whose production-level results may be disastrous and affect the continuity of the business.
Capacity, which means that the services were designed to meet the needs of a certain number of users, are backed by a process, storage, sized according to your initial design, capacity if this capability is subtilized or oversized, resources are missing, perform unnecessary investments resulting in additional maintenance and administration expenses or otherwise resources are insufficient with the consequent reduction of the quality of the service.
The above is related to other specified factors related to changing requirements, hidden requirements and changes in the conditions of operation, changes in the environment, not having the appropriate infrastructure, which originate in the continuous growth of the institutions, in terms of personnel, programs, processes that are part of the dynamics of their tasks related to its mission, in fulfilment of its objectives.
The lack of personnel in terms of the amount, as well as skills they must have to operate the infrastructure that gives support services, as well as to the correct process for the resolution of incidents once they occur, here actors wield malpractices carried out processes of incident management to cause delays in the restoration of the services at the agreed levels.
Finally, it introduces the concept of entropy, measure considered the uncertainty of the necessary information, so that in a process can reduce or eliminate the uncertainty. In an institution, the lack of information, the abandonment of standards, causes the increase of entropy, while the entropy grows, the system breaks down into its simplest State, this mean that the maximum probability of the systems is its gradual disorganization.
At this point all stakeholders interviewed agree that must be a computer tool that support staff, as well as the table of services in the process of incident management, software infrastructure should be supported in web and/or mobile applications that enable the end user reporting the incidences from any place where they are speeding up the process, in such a way to activate the logistics technique from the single point of contact, to restore the service as soon as ensuring an adequate level of service quality to the customer.
You must have a software of monitoring services for the design of solutions to incidents with registration of logs, systems of databases with mobile applications that alert it staff, to receive reports of incidents from anywhere, avoiding having to wait to get to your Office PC to be realize they have an incidence that meet. One or more machines that serve as a support system, servers, sensors of levels of service and support to software, data, equipment of telecommunications, computers, laptops, network infrastructure is required in terms of the hardware tablets, mobile devices.
The actors agree that generally required technical skills specific depending on the service that is offered to the user, must also possess skills, often cannot be with users face to face, it is imperative to be a skillful communicator, learn to listen to customers, understand them, write e-mails in a clear, concise and with good spelling. It staff must reason, think intelligently with capacity for the detection of incidents, so talking to the customer they can answer complicated questions, diagnose problems, be working to solve logical problems, possess social skills, understand the needs of customers, providing a good customer, be respectful, stay calm, courteous and quick, always.
The incidents in the University education institutions management system should contain the following stages, in accordance to the life cycle of the incident:
Identification of the incident: is to try to monitor all the important components, so that you can detect actual or potential bugs as soon as possible and you can start the process of incident management.
Registration: it consists of specifying all the possible information about the incidence.
Categorization: classification and identification of the services affected by the incident.
Prioritization of incidents: establish a priority in accordance to the criticality of the business and service-level agreements. Investigate and diagnosis: consists in locating incidents: identify and record symptoms of incidents, determine possible causes and secure resources to its resolution.
Scaling: If the incident could not be resolved in the first instance, it must resort to a specialist who can give solution to the presented incidence.
Solving incidents: document, request and test the identified solutions or temporary and run recovery actions to restore the related service.
Close incidents: verify the satisfactory resolution of incidents and closure.
Formulate reports: monitor, analyze and report incidents.
For some of the actors the best way to integrate the stages of management of incidents of information technology system is through a cyclic structure with focus on processes, continuous improvement life cycle, where each stage of the incident management products, nurture the next stage; and at the end of the final stage will begin a new cycle of life. From another perspective, it must be comprehensively and horizontally within the Organization of the institution, because the management of incidents of TI affects across the services offered by the Department. It should be institutionalized, in addition to socialize as a policy of information technology within the institutions that determine the need for the use of this type of processes and solutions that improve the delivery of it services. On the other hand, everything must be documented, based on standards or set of best practices in the industry to strengthen procedures.
This proposed incident management core is made up of a strategic platform made up of mission, vision, values, policies, leadership and continuous improvement, control that give it a pointed administrative and functional spirit for the proper management and obtain competitive advantages.
Operational subsystem. Is responsible for the processes of the life cycle of incidents, which pass through groups of solution, undertakes to carry out the entire process from the identification until the closure of the incident with the confirmation of the user, for incident management develops activities described in the incident management process.
Figure 1
Operational subsystem
Currents of input operational subsystem must be imported from the environment are represented by the incidents for example service not available, application failure, system crash, reported by users or by your own it staff, the conversion process is represented by the lifecycle of incident management and the output current, within which we have the restoration of service, the closure of the incident, the reports.
Subsystem subjects. This subsystem is responsible for human resources, both clients (teachers, students, administrative staff, community), as well as the staff responsible for the IT area, as technicians, engineers, developers, analysts. Defines the technical skills, skills to resolve incidents, attention to the customer, establishment of roles and responsibilities.
Currents of input that the subsystem matters of the environment comprise the users that interact with IT services, as well as personnel from the area of you, the conversion process performs an analysis of the responsibilities, skills, skills, analysis of causes, symptoms and solution opportunities, output currents are represented in the measurements of the performance of subjects.
Figure 2
Subsystem of subjects
Tools subsystem. This subsystem includes the resources, the technological infrastructure for the support from the point of view of software, hardware, telecommunications networks, of the activities of the other subsystems. Includes the software's monitoring service, desktop applications or web-based or mobile to report incidents, information systems support to the table of services, platforms of hardware and networks that support applications. The subsystem input currents are determined by requests for technological infrastructure required by the Organization, the conversion processes are oriented towards the evaluation of the best tool to contribute to the objective of the other subsystems and their output streams are determined with the assessment and selection of the appropriate infrastructure.
Figure 3
Tools subsystem
Management subsystem. The functions played by the subsystem of management correspond to the activities of single point of contact with the users of it services. It is the subsystem that gives face to the environment, its external synergy that it relates to the other systems in the environment to import inputs and export their products. Manages incidents, service requests, handles the communication with the users, manages the life cycle of the incident, is the single point of contact, call and excellent support, sharing the role with all procedures of the core of the service life.
The subsystem of management is established as an integral part of the Organization, is related to all the subsystems, using technological tools and human resources to manage all the events. Input flows consist of requests made to this subsystem, output currents are defined by the responses of requests.
Figure 4
Management subsystem
Subsystem of order and balance (Anti-chaos). This subsystem is in charge of monitoring the other subsystems in their functions according to the parameters defined within the service level agreements. It measures the degree of deviation of the fulfillment of the objectives. Uses the internal communication, evaluates the responses of adaptation to the environment. Encourages the correct synergy to meet agreed service levels and is responsible for ensuring the quality of the service.
Figure 5
Subsystem of order and balance
This subsystem input currents are defined by all the anomalous behavior that affect the performance of each subsystem to perform its process, it monitors the quality of its inputs, as well as outputs, the conversion processes are focused on mechanisms to correct the deviations that occur, resulting in currents of output, Organization guidelines, adjustments, corrective policies that promote the order and the balance.
Figure 6
Proposed model of incident management
-----
Figure 7
Incident Management process flow
The information technology infrastructure can be seen as the sum of the assets of the Organization; hardware, software, data telecommunication facilities, procedures and documentation, also covers the set of services offered by the organization, budgeted by management and that include both human and technical capacities required to operate throughout the organization. The incident management process that is brewing within universities is reactive, is not based on some standard or set of best practices in the industry to enable it to respond correctly and in the shortest time possible incidents that are presented. Changes must be made, supported by the administrative part, to the management of incidents based on good practices, to provide continuity in the provision of IT services with quality, which contribute to the realization of the missionary processes of the institutions.
From the systemic perspective, we obtained the components that make up and integrate the incident management system, among which we have operational subsystem, the subsystem subject, subsystem, management subsystem, the subsystem of order and balance that integrated, will allow the correct operation of the system of management of incidents. Detailed the functions of each subsystem, the inflows, outflows, as well as conversion processes exercised by each of the subsystems and the relationships between them. The factors were grouped in several categories as operations, technological, human, organizational, these factors constitute the inflow of the subsystem of order and balance are defined by all anomalous behaviors that cause disruption of IT services, as well as the performance of each subsystem to perform their conversion process, represent the anomalies that affect the continuity and quality of service.
The management of incidents in the universities is oriented to an information system as a support to the bureau of services, along with the infrastructure necessary to establish a single point of contact, with the purpose to receive, transmit calls and orders via the telephone, email, fax, instant messaging, VOIP calls, among others that support all the activities in the management of incidents. For the conversion, process of the subsystem of subjects the human capacities required to support the activities of the management of incidents.
With the proposed model of incident management, defines its objective, the core of the model, the components of the model from the conceptual system approach from General Systems Theory, the description of the subsystems, conversion processes, flows of entry, exit, relationships, procedure of the incident management based on ITIL best practices; it is complied with the specific objective of designing a model for the management of incidents based on the IT Infrastructure Library of Information Technologies (ITIL) for institutions of higher education.
It is recommended that the universities build their processes related to the areas of you implementing the use of standards or sets of best practices in the industry. Socialize and institutionalize it as a policy of the necessity of the use of this type of processes and solutions that will improve the delivery of IT services. Finally, it is recommended to involve senior management, in the appropriation of an innovative culture, generating changes, that promotes the researchers, as well as the IT staff in the search for solutions to the improvement of processes of provision of IT services, to achieve the best disposition of the resources and the ongoing support at the institutional level.
Andrade Espinoza, S. (2006). Dictionary of Economics. Lima: Andrade.
Armijo, M. (2004, November 2-5). Good Governance Practices in Latin America. IX International Congress of CLAD on State Reform and Public Administration. Madrid, Spain.
Arnold Cathalifaud, M., & Osorio, F. (1998). Introduction to the Basic Concepts of General Systems Theory. Cinta de Moebio, 12.
Bozionelos, N. (2004). The relationship between disposition and career success: A British study. Journal of Occupational and Organizational Psychology, 77, 403-420.
British study. Journal of Occupational and Organizational Psychology, 77, 403-420.
Brenner, M., Rodosek, G., Hanemann, A., Hegering, H.-G., & Koenig, R. (2007). Service Provisioning: Challenges, Process Alignment and Tool Support.
Burnet, V. (2002). Managing the relationship with the customer. Prentice Hall.
Demirkan, H., Kauffman, R., Vayghan, J., Fill, H., Karaiannis, D., & Maglio, P. (2008). Service Orientated Management and technology. Electronic Commerce Research and Applications, 17.
Balabron Fernández, C. (2007). That is ITIL. Bit, 46-49.
Gómez, A. (2006). Competing in the information society. Thematic reflections of philosophers of the information and knowledge, signatures, 10-12.
Gorla, N., Somer, T., & Wong, B. (2010). Organizational impact of system quality, information quality, and service quality. Journal of strategic information systems, 19, 207-228.
Gutiérrez, A., Palaces, A., & Torrego, L. (2010, March 1). Digital tribes in the university classroom. Communicate (34), 173-181.
Guzmán, A. (2012, August). ITIL v3 Service Management. Ecorfan, 3(7), 801-806.
Hochstein, A., Tamm, G., & Brenner, W. (2005). Service-oriented it management: Benefit, cost and success factor. Proceedings of the Thirteenth European Information Systems. Regensburg: University of Regensburg.
International Electrotechnical Commission (IEC. (2008). ISO/IEC 38500. Geneva: ISO/IEC.
Játiva, M., & Gallo, J. (2006). Libqual TM: assessment of quality of services from the user's perspective. Bulletin of the Confederation of Associations of Archivists, Librarians, Museologists and Documentalists (ANABAD), 53-74.
Kaplan, R., & Norton, D. (1996). The balanced scorecard: translating strategy into action. Cambridge: Harvard Business School Press.
Knapp, D. (2010). The ITSM Process Design Guide: Developing, Reengineering, and Improving IT Service Management. (I. Academy, Ed.)
Lazcano, C. and. (2008). The facts of information, a scenario to the evaluation of the digital divide local user/client in the knowledge society. (Ud. Havana, Ed.) Annals of Documentation, 79-92.
Martin Valleys, D. (1999). Quality in the services a methodological approach. Tourism Studies, 15-33.
Marulanda Eceheverry, C. E., López Trujillo, M., & Slopes Churches, C. A. (2009, May). Development models for government. Scientia Et Technica (41), 185-190.
McKay, D., & Brockway, D. (1989). Building I/T infrastructure for the 1990s. Stage by Stage, 9(3), 1-11.
Mosquera Fernández, V. D., & Gonzales Núñez, A. (2012). Methodology for assessing the impact of outsourcing of IT services in the organizations. Free Enterprise (17), 69-81.
Office of Government Commerce. (2007). the Official Introduction to the ITIL Service Lifecycle. London: The Stationery Office (TSO), HM Government.
World Health Organization standards. (2005). Quality management systems - Fundamentals and vocabulary. ISO 9000. Geneva: ISO Central Secretariat.
Walls Ch, A. J., & BOILER M, E. (Apr., 2006). Virtual Information Services: An approach to competitiveness in the knowledge-based society. Enl@ec: Venezuelan.
Magazine of Information, Technology and Knowledge (1), 77-88.
Porter, M. (2010). Competitive advantage: creating and sustaining superior performance. Madrid: Pyramid Editions SA.
Red Solanelles, M. J. (2003, July). The marketing and information services. ACIMED (4).
Sandelowski, M. (1995). Focus on qualitative methods. Sample size in qualitative research. Research in Nursing and Health, 479-482.
Spohrer, J., Maglio, P., Bailey, J., & Gruh, D. (2007). Steps toward a science of service system. Computer, 40.
The IT Governance Institute ITGI. (2003). Board Briefing on IT Governance. 2Nd Edition.
1. Doctor in Management of Innovation. University Metropolitan of Barranquilla. Institutional subsystem of Research and Innovation. jvo001@yahoo.es
2. Doctor in Sciences, Mention Management. Doctor in Sciences of Education. University Popular of Cesar. Agro-Industrial Engineering Program, Research Group Creating Science. carlosvidal@unicesar.edu.co vidal.tovar@gmail.com