Glossary of terms Application Management

Glossary of terms - Application Management

absorbed overhead: Overhead which, by means of absorption rates, is included in costs of specific products or saleable services, in a given period of time. Under- or over-absorbed overhead: the difference between overhead cost incurred and overhead cost absorbed: it may be split into its two constituent parts for control purposes.
absorption costing: A principle whereby fixed as well as variable costs are allotted to cost units and total overheads are absorbed according to activity level. The term may be applied where production costs only, or costs of all functions are so allotted.
action lists: Defined actions, allocated to recovery teams and individuals, within a phase of a plan. These are supported by reference data.
alert: Warning that an Incident has occurred.
alert phase: The first phase of a business continuity plan in which initial emergency procedures and damage assessments are activated.
allocated cost: A cost that can be directly identified with a business unit.
application portfolio: An information system containing key attributes of applications deployed in a company. Application portfolios are used as tools to manage the business value of an application throughout its lifecycle.
apportioned cost: A cost that is shared by a number of business units (an indirect cost). This cost must be shared out between these units on an equitable basis.
asset: Component of a business process. Assets can include people, accommodation, computer systems, networks, paper records, fax machines, etc.
asynchronous/synchronous: In a communications sense, the ability to transmit each character as a self-contained unit of information, without additional timing information. This method of transmitting data is sometimes called start/stop. Synchronous working involves the use of timing information to allow transmission of data, which is normally done in blocks. Synchronous transmission is usually more efficient than the asynchronous method.
availability: Ability of a component or service to perform its required function at a stated instant or over a stated period of time. It is usually expressed as the availability ratio, i.e. the proportion of time that the service is actually available for use by the Customers within the agreed service hours.
Balanced Scorecard: An aid to organisational performance management. It helps to focus not only on the financial targets but also on the internal processes, Customers and learning and growth issues.
baseline: A snapshot or a position which is recorded. Although the position may be updated later, the baseline remains unchanged and available as a reference of the original state and as a comparison against the current position (PRINCE2).
baseline security: The security level adopted by the IT organisation for its own security and from the point of view of good ‘due diligence’.
baselining: Process by which the quality and cost-effectiveness of a service is assessed, usually in advance of a change to the service. Baselining usually includes comparison of the service before and after the change or analysis of trend information. The term benchmarking is usually used if the comparison is made against other enterprises.
bridge: Equipment and techniques used to match circuits to each other ensuring minimum transmission impairment.
BS7799: The British standard for Information Security Management. This standard provides a comprehensive set of controls comprising best practices in information security.
budgeting: Budgeting is the process of predicting and controlling the spending of money within the organisation and consists of a periodic negotiation cycle to set budgets (usually annual) and the day-to-day monitoring of current budgets.
build: The final stage in producing a usable configuration. The process involves taking one of more input Configuration Items and processing them (building them) to create one or more output Configuration Items, e.g. software compile and load.
business function: A business unit within an organisation, e.g. a department, division, branch.
business process: A group of business activities undertaken by an organisation in pursuit of a common goal. Typical business processes include receiving orders, marketing services, selling products, delivering services, distributing products, invoicing for services, accounting for money received. A business process usually depends upon several business functions for support, e.g. IT, personnel, and accommodation. A business process rarely operates in isolation, i.e. other business processes will depend on it and it will depend on other processes.
business recovery objective: The desired time within which business processes should be recovered, and the minimum staff, assets and services required within this time.
business recovery plan framework: A template business recovery plan (or set of plans) produced to allow the structure and proposed contents to be agreed before the detailed business recovery plan is produced.
business recovery plans: Documents describing the roles, responsibilities and actions necessary to resume business processes following a business disruption.
business recovery team: A defined group of personnel with a defined role and subordinate range of actions to facilitate recovery of a business function or process.
business unit: A segment of the business entity by which both revenues are received and expenditure is caused or controlled, such revenues and expenditure being used to evaluate segmental performance.
Capital Costs: Typically those costs applying to the physical (substantial) assets of the organisation. Traditionally this was the accommodation and machinery necessary to produce the enterprise’s product. Capital Costs are the purchase or major enhancement of fixed assets, for example, computer equipment (building and plant) and are often also referred to as ‘one-off’ costs.
capital investment appraisal: The process of evaluating proposed investment in specific fixed assets and the benefits to be obtained from their acquisition. The techniques used in the evaluation can be summarised as non-discounting methods (i.e. simple payback), return on capital employed and discounted cashflow methods (i.e. yield, net present value and discounted payback).
capitalisation: The process of identifying major expenditure as Capital, whether there is a substantial asset or not, to reduce the impact on the current financial year of such expenditure. The most common item for this to be applied to is software, whether developed in-house or purchased.
category: Classification of a group of Configuration Items, Change documents or problems.
Change: The addition, modification or removal of approved, supported or baselined hardware, network, software, application, environment, system, desktop build or associated documentation.
Change Advisory Board (CAB): A group of people who can give expert advice to Change Management on the implementation of changes. This board is likely to be made up of representatives from all areas within IT and representatives from business units.
Change Authority: A group that is given the authority to approve Change, e.g. by the project board. Sometimes referred to as the Configuration Board.
Change Control: The procedure to ensure that all changes are controlled, including the submission, analysis, decision-making, approval, implementation and post-implementation of the change.
Change document: Request For Change, Change Control form, Change order, Change record.
Change history: Auditable information that records, for example, what was done, when it was done, by whom and why.
Change log: A log of Requests For Change raised during the project, showing information on each Change, its evaluation, what decisions have been made and its current status, e.g. Raised, Reviewed, Approved, Implemented, Closed.
Change Management: Process of controlling changes to the infrastructure or any aspect of services, in a controlled manner, enabling approved changes with minimum disruption.
Change record: A record containing details of which CIs are affected by an authorised change (planned or implemented) and how.
charging: The process of establishing charges in respect of business units, and raising the relevant invoices for recovery from Customers.
classification: Process of formally grouping Configuration Items by type, e.g. software, hardware, documentation, environment, application.

Process of formally identifying changes by type e.g. project scope change request, validation change request, infrastructure change request

Process of formally identifying Incidents, problems and Known Errors by origin, symptoms and cause.
closure: When the Customer is satisfied that an Incident has been resolved.
cold stand-by: See ‘gradual recovery’.
command, control and communications: The processes by which an organisation retains overall coordination of its recovery effort during invocation of business recovery plans.
Computer-Aided Systems Engineering (CASE): A software tool for programmers. It provides help in the planning, analysis, design and documentation of computer software.
Configuration baseline: Configuration of a product or system established at a specific point in time, which captures both the structure and details of the product or system, and enables that product or system to be rebuilt at a later date.

A snapshot or a position which is recorded. Although the position may be updated later, the baseline remains unchanged and available as a reference of the original state and as a comparison against the current position (PRINCE2).

See also ‘baseline’.
Configuration control: Activities comprising the control of changes to Configuration Items after formally establishing its configuration documents. It includes the evaluation, coordination, approval or rejection of changes. The implementation of changes includes changes, deviations and waivers that impact on the configuration.
Configuration documentation: Documents that define requirements, system design, build, production, and verification for a Configuration Item.
Configuration identification: Activities that determine the product structure, the selection of Configuration Items, and the documentation of the Configuration Item’s physical and functional characteristics including interfaces and subsequent changes. It includes the allocation of identification characters or numbers to the Configuration Items and their documents. It also includes the unique numbering of Configuration control forms associated with changes and Problems.
Configuration Item (CI): Component of an infrastructure – or an item, such as a Request For Change, associated with an infrastructure – which is (or is to be) under the control of Configuration Management. CIs may vary widely in complexity, size and type – from an entire system (including all hardware, software and documentation) to a single module or a minor hardware component.
Configuration Management: The process of identifying and defining the Configuration Items in a system, recording and reporting the status of Configuration Items and Requests For Change, and verifying the completeness and correctness of Configuration Items.
Configuration Management Database (CMDB): A database which contains all relevant details of each CI and details of the important relationships between CIs.
Configuration Management plan: Document setting out the organisation and procedures for the Configuration Management of a specific product, project, system, support group or service.
Configuration Management Tool (CM Tool): A software product providing automatic support for Change, Configuration or version control.
Configuration Structure: A hierarchy of all the CIs that comprise a configuration.
Contingency Planning: Planning to address unwanted occurrences that may happen at a later time. Traditionally, the term has been used to refer to planning for the recovery of IT systems rather than entire business processes.
Continuous Service Improvement Programme: An ongoing formal programme undertaken within an organisation to identify and introduce measurable improvements within a specified work area or work process.
cost: The amount of expenditure (actual or notional) incurred on, or attributable to, a specific activity or business unit.
cost-effectiveness: Ensuring that there is a proper balance between the Quality of Service on the one side and expenditure on the other. Any investment that increases the costs of providing IT services should always result in enhancement to service quality or quantity.
cost management: All the procedures, tasks and deliverables that are needed to fulfil an organisation’s costing and charging requirements.
cost of failure: A technique used to evaluate and measure the cost of failed actions and activities. It can be measured as a total within a period or an average per failure. An example would be ‘the cost of failed changes per month’ or ‘the average cost of a failed change’.
cost unit: In the context of CSBC the cost unit is a functional cost unit which establishes standard cost per workload element of activity, based on calculated activity ratios converted to cost ratios.
costing: The process of identifying the costs of the business and of breaking them down and relating them to the various activities of the organisation.
countermeasure: A check or restraint on the service designed to enhance security by reducing the risk of an attack (by reducing either the threat or the vulnerability), reducing the impact of an attack, detecting the occurrence of an attack and/or assisting in the recovery from an attack.
crisis management: The processes by which an organisation manages the wider impact of a disaster, such as adverse media coverage.
Critical Success Factor (CSF): A measure of success or maturity of a project or process. It can be a state, a deliverable or a milestone. An example of a CSF would be ‘the production of an overall technology strategy’.
Customer: Recipient of the service; usually the Customer management has responsibility for the cost of the service, either directly through charging or indirectly in terms of demonstrable business need.
data transfer time: The length of time taken for a block or sector of data to be read from or written to an I/O device, such as a disk or tape.
Definitive Software Library (DSL): The library in which the definitive authorised versions of all software CIs are stored and protected. It is a physical library or storage repository where master copies of software versions are placed. This one logical storage area may in reality consist of one or more physical software libraries or filestores. They should be separate from development and test filestore areas. The DSL may also include a physical store to hold master copies of bought-in software, e.g. fireproof safe. Only authorised software should be accepted into the DSL, strictly controlled by Change and Release Management.

The DSL exists not directly because of the needs of the Configuration Management process, but as a common base for the Release Management and Configuration Management processes.
Delta Release: A Delta, or partial, Release is one that includes only those CIs within the Release unit that have actually changed or are new since the last full or Delta Release. For example, if the Release unit is the program, a Delta Release contains only those modules that have changed, or are new, since the last Full Release of the program or the last Delta Release of the modules.

See also ‘Full Release’.
dependency: The reliance, either direct or indirect, of one process or activity upon another.
depreciation: The loss in value of an asset due to its use and/or the passage of time. The annual depreciation charge in accounts represents the amount of capital assets used up in the accounting period. It is charged in the cost accounts to ensure that the cost of capital equipment is reflected in the unit costs of the services provided using the equipment. There are various methods of calculating depreciation for the period, but the Treasury usually recommends the use of current cost asset valuation as the basis for the depreciation charge.
differential charging: Charging business Customers different rates for the same work, typically to dampen demand or to generate revenue for spare capacity. This can also be used to encourage off-peak or night-time running.
direct cost: A cost that is incurred for, and can be traced in full to a product, service, cost centre or department. This is an allocated cost. Direct costs are direct materials, direct wages and direct expenses.

See also ‘indirect cost’.
disaster recovery planning: A series of processes that focus only upon the recovery processes, principally in response to physical disasters, that are contained within BCM.
discounted cashflow: An evaluation of the future net cashflows generated by a capital project by discounting them to their present-day value. The two methods most commonly used are:

yield method, for which the calculation determines the internal rate of return (IRR) in the form of a percentage

net present value (NPV) method, in which the discount rate is chosen and the answer is a sum of money.
discounting: The offering to business Customers of reduced rates for the use of off-peak resources.

See also ‘surcharging’.
disk cache controller: Memory that is used to store blocks of data that have been read from the disk devices connected to them. If a subsequent I/O requires a record that is still resident in the cache memory, it will be picked up from there, thus saving another physical I/O.
downtime: Total period that a service or component is not operational, within agreed service times.
duplex (full and half): Full duplex line/channel allows simultaneous transmission in both directions. Half duplex line/channel is capable of transmitting in both directions, but only in one direction at a time.
echoing: A reflection of the transmitted signal from the receiving end; a visual method of error detection in which the signal from the originating device is looped back to that device so that it can be displayed.
elements of cost: The constituent parts of costs according to the factors upon which expenditure is incurred viz., materials, labour and expenses.
End User: See ‘User’.
environment: A collection of hardware, software, network communications and procedures that work together to provide a discrete type of computer service. There may be one or more environments on a physical platform, e.g. test, production. An environment has unique features and characteristics that dictate how they are administered in similar, yet diverse manners.
Expert User: See ‘Super User’.
external target: One of the measures against which a delivered IT service is compared, expressed in terms of the Customer’s business.
financial year: An accounting period covering 12 consecutive months. In the public sector this financial year generally coincides with the fiscal year which runs from 1 April to 31 March.
first-line support: Service Desk call logging and resolution (on agreed areas, for example MS Word).
first time fix rate: Commonly used metric, used to define Incidents resolved at the first point of contact between a Customer and the Service Provider, without delay or referral, generally by a front line support group such as a help desk or Service Desk. First time fixes are a sub-set of remote fixes.
Forward Schedule of Changes (FSC): Contains details of all the changes approved for implementation and their proposed implementation dates. It should be agreed with the Customers and the business, Service Level Management, the Service Desk and Availability Management. Once agreed, the Service Desk should communicate to the User community at large any planned additional downtime arising from implementing the changes, using the most effective methods available.
full cost: The total cost of all the resources used in supplying a service, i.e. the sum of the direct costs of producing the output, a proportional share of overhead costs and any selling and distribution expenses. Both cash costs and notional (non-cash) costs should be included, including the cost of capital.

See also ‘Total Cost of Ownership’.
Full Release: All components of the Release unit are built, tested, distributed and implemented together.

See also ‘Delta Release’.
Gateway: Equipment which is used to interface networks so that a terminal on one network can communicate with services or a terminal on another.
gradual recovery: Previously called ‘cold stand-by’, this is applicable to organisations that do not need immediate restoration of business processes and can function for a period of up to 72 hours, or longer, without a re-establishment of full IT facilities. This may include the provision of empty accommodation fully equipped with power, environmental controls and local network cabling infrastructure, telecommunications connections, and available in a disaster situation for an organisation to install its own computer equipment.
hard charging: Descriptive of a situation where, within an organisation, actual funds are transferred from the Customer to the IT organisation in payment for the delivery of IT services.
hard fault: The situation in a virtual memory system when the required page of code or data that a program was using has been redeployed by the operating system for some other purpose. This means that another piece of memory must be found to accommodate the code or data, and will involve physical reading/writing of pages to the page file.
host: A host computer comprises the central hardware and software resources of a computer complex, e.g. CPU, memory, channels, disk and magnetic tape I/O subsystems plus operating and applications software. The term is used to denote all non-network items.
hot stand-by: See ‘immediate recovery’.
ICT: The convergence of Information Technology, Telecommunications and Data Networking Technologies into a single technology.
immediate recovery: Previously called ‘hot stand-by’, provides for the immediate restoration of services following any irrecoverable Incident. It is important to distinguish between the previous definition of ‘hot stand-by’ and ‘immediate recovery’. Hot stand-by typically referred to availability of services within a short timescale such as 2 or 4 hours whereas immediate recovery implies the instant availability of services.
impact: Measure of the business criticality of an Incident. Often equal to the extent to which an Incident leads to distortion of agreed or expected Service Levels.
impact analysis: The identification of critical business processes, and the potential damage or loss that may be caused to the organisation resulting from a disruption to those processes. Business impact analysis identifies:

the form the loss or damage will take

how that degree of damage or loss is likely to escalate with time following an Incident

the minimum staffing, facilities and services needed to enable business processes to continue to operate at a minimum acceptable level

the time within which they should be recovered.

The time within which full recovery of the business processes is to be achieved is also identified.
impact code: Simple code assigned to Incidents and problems, reflecting the degree of impact upon the Customer’s business processes. It is the major means of assigning priority for dealing with Incidents.
impact scenario: Description of the type of impact on the business that could follow a business disruption. Usually related to a business process and will always refer to a period of time, e.g. Customer services will be unable to operate for two days.
Incident: Any event which is not part of the standard operation of a service and which causes, or may cause, an interruption to, or a reduction in, the quality of that service.
Incident Control: The process of identifying, recording, classifying and progressing Incidents until affected services return to normal operation.
indirect cost: A cost incurred in the course of making a product providing a service or running a cost centre or department, but which cannot be traced directly and in full to the product, service or department, because it has been incurred for a number of cost centres or cost units. These costs are apportioned to cost centres/cost units. Indirect costs are also referred to as overheads.

See also ‘direct cost’.
Informed Customer: An individual, team or group with functional responsibility within an organisation for ensuring that spend on IS/IT is directed to best effect, i.e. that the business is receiving value for money and continues to achieve the most beneficial outcome. In order to fulfil its role the ‘Informed’ Customer function must gain clarity of vision in relation to the business plans and assure that suitable strategies are devised and maintained for achieving business goals.

The ‘Informed’ Customer function ensures that the needs of the business are effectively translated into a business requirements specification, that IT investment is both efficiently and economically directed, and that progress towards effective business solutions is monitored. The ‘Informed’ Customer should play an active role in the procurement process, e.g. in relation to business case development, and also in ensuring that the services and solutions obtained are used effectively within the organisation to achieve maximum business benefits. The term is often used in relation to the outsourcing of IT/IS. Sometimes also called ‘Intelligent Customer’.
interface: Physical or functional interaction at the boundary between Configuration Items.
intermediate recovery: Previously called ‘warm stand-by’, typically involves the re-establishment of the critical systems and services within a 24 to 72 hour period, and is used by organisations that need to recover IT facilities within a predetermined time to prevent impacts to the business process.
internal target: One of the measures against which supporting processes for the IT service are compared. Usually expressed in technical terms relating directly to the underpinning service being measured.
invocation (of business recovery plans): Putting business recovery plans into operation after a business disruption.
invocation (of stand-by arrangements): Putting stand-by arrangements into operation as part of business recovery activities.
invocation and recovery phase: The second phase of a business recovery plan.
ISO9001: The internationally accepted set of standards concerning quality management systems.
IT accounting: The set of processes that enable the IT organisation to account fully for the way money is spent (particularly the ability to identify costs by Customer, by service and by activity).
IT directorate: The part of an organisation charged with developing and delivering the IT services.
IT Infrastructure: The sum of an organisation’s IT related hardware, software, data telecommunication facilities, procedures and documentation.
IT service: A described set of facilities, IT and non-IT, supported by the IT Service Provider that fulfils one or more needs of the Customer and that is perceived by the Customer as a coherent whole.
IT Service Provider: The role of IT Service Provider is performed by any organisational units, whether internal or external, that deliver and support IT services to a Customer.
ITIL: The OGC IT Infrastructure Library – a set of guides on the management and provision of operational IT services.
key business drivers: The attributes of a business function that drive the behaviour and implementation of that business function in order to achieve the strategic business goals of the company.
Key Performance Indicator: A measurable quantity against which specific Performance Criteria can be set when drawing up the SLA.
Key Success Indicator: A measurement of success or maturity of a project or process.

See also ‘Critical Success Factor’.
Knowledge Management: Discipline within an organisation that ensures that the intellectual capabilities of an organisation are shared, maintained and institutionalised.
Known Error: An Incident or Problem for which the root cause is known and for which a temporary Work-around or a permanent alternative has been identified. If a business case exists, an RFC will be raised, but, in any event, it remains a Known Error unless it is permanently fixed by a change.
latency: The elapsed time from the moment when a seek was completed on a disk device to the point when the required data is positioned under the read/write heads. It is normally defined by manufacturers as being half the disk rotation time.
lifecycle: A series of states, connected by allowable transitions. The lifecycle represents an approval process for Configuration Items, Problem Reports and Change documents.
logical I/O: A read or write request by a program. That request may, or may not, necessitate a physical I/O. For example, on a read request the required record may already be in a memory buffer and therefore a physical I/O is not necessary.
marginal cost: The cost of providing the service now, based upon the investment already made.
maturity level/milestone: The degree to which BCM activities and processes have become standard business practice within an organisation.
metric: Measurable element of a service process or function.
Operational Costs: Those costs resulting from the day-to-day running of the IT services section, e.g. staff costs, hardware maintenance and electricity, and relating to repeating payments whose effects can be measured within a short time-frame, usually less than the 12-month financial year.
Operational Level Agreement (OLA): An internal agreement covering the delivery of services which support the IT organisation in their delivery of services.
Operations: All activities and measures to enable and/or maintain the intended use of the ICT infrastructure.
opportunity cost (or true cost): The value of a benefit sacrificed in favour of an alternative course of action. That is the cost of using resources in a particular operation expressed in terms of forgoing the benefit that could be derived from the best alternative use of those resources.
outsourcing: The process by which functions performed by the organisation are contracted out for operation, on the organisation’s behalf, by third parties.
overheads: The total of indirect materials, wages and expenses.
Package Assembly/Disassembly Device (PAD): A device that permits terminals, which do not have an interface suitable for direct connection to a packet switched network, to access such a network. A PAD converts data to/from packets and handles call set-up and addressing.
page fault: A program interruption that occurs when a page that is marked ‘not in real memory’ is referred to by an active page.
Paging: The I/O necessary to read and write to and from the paging disks: real (not virtual) memory is needed to process data. With insufficient real memory, the operating system writes old pages to disk, and reads new pages from disk, so that the required data and instructions are in real memory.
PD0005: Alternative title for the BSI publication ‘A Code of Practice for IT Service Management’.
percentage utilisation: The amount of time that a hardware device is busy over a given period of time. For example, if the CPU is busy for 1800 seconds in a one-hour period, its utilisation is said to be 50%.
Performance Criteria: The expected levels of achievement which are set within the SLA against specific Key Performance Indicators.
phantom line error: A communications error reported by a computer system that is not detected by network monitoring equipment. It is often caused by changes to the circuits and network equipment (e.g. re-routing circuits at the physical level on a backbone network) while data communications is in progress.
physical I/O: A read or write request from a program has necessitated a physical read or write operation on an I/O device.
prime cost: The total cost of direct materials, direct labour and direct expenses. The term prime cost is commonly restricted to direct production costs only and so does not customarily include direct costs of marketing or research and development.
PRINCE2: The standard UK government method for project management.
priority: Sequence in which an Incident or Problem needs to be resolved, based on impact and urgency.
Problem: Unknown underlying cause of one or more Incidents.
Problem Management: Process that minimises the effect on Customer(s) of defects in services and within the infrastructure, human errors and external events.
process: A connected series of actions, activities, changes etc., performed by agents with the intent of satisfying a purpose or achieving a goal.
Process Control: The process of planning and regulating, with the objective of performing the process in an effective and efficient way.
programme: A collection of activities and projects that collectively implement a new corporate requirement or function.
provider: The organisation concerned with the provision of IT services.
Quality of Service: An agreed or contracted level of service between a service Customer and a Service Provider.
queuing time: Queuing time is incurred when the device, which a program wishes to use, is already busy. The program therefore has to wait in a queue to obtain service from that device.
RAID: Redundant Array of Inexpensive Disks – a mechanism for providing data resilience for computer systems using mirrored arrays of magnetic disks.

Different levels of RAID can be applied to provide for greater resilience.
reference data: Information that supports the plans and action lists, such as names and addresses or inventories, which is indexed within the plan.
Release: A collection of new and/or changed CIs which are tested and introduced into the live environment together.
remote fixes: Incidents or problems resolved without a member of the support staff visiting the physical location of the problems. Note: Fixing Incidents or problems remotely minimises the delay before the service is back to normal and are therefore usually cost-effective.
Request For Change (RFC): Form, or screen, used to record details of a request for a change to any CI within an infrastructure or to procedures and items associated with the infrastructure.
resolution: Action which will resolve an Incident. This may be a Work-around.
resource cost: The amount of machine resource that a given task consumes. This resource is usually expressed in seconds for the CPU or the number of I/Os for a disk or tape device.
resource profile: The total resource costs that are consumed by an individual on-line transaction, batch job or program. It is usually expressed in terms of CPU seconds, number of I/Os and memory usage.
resource unit costs: Resource units may be calculated on a standard cost basis to identify the expected (standard) cost for using a particular resource. Because computer resources come in many shapes and forms, units have to be established by logical groupings. Examples are:

CPU time or instructions

disk I/Os

print lines

communication transactions.
resources: The IT services section needs to provide the Customers with the required services. The resources are typically computer and related equipment, software, facilities or organisational (people).
Return On Investment: The ratio of the cost of implementing a project, product or service and the savings as a result of completing the activity in terms of either internal savings, increased external revenue or a combination of the two. For instance, in simplistic terms if the internal cost of ICT cabling of office moves is £100,000 per annum and a structured cabling system can be installed for £300,000, then an ROI will be achieved after approximately three years.
return to normal phase: The phase within a business recovery plan which re-establishes normal operations.
Risk: A measure of the exposure to which an organisation may be subjected. This is a combination of the likelihood of a business disruption occurring and the possible loss that may result from such business disruption.
Risk Analysis: The identification and assessment of the level (measure) of the risks calculated from the assessed values of assets and the assessed levels of threats to, and vulnerabilities of, those assets.
Risk Management: The identification, selection and adoption of countermeasures justified by the identified risks to assets in terms of their potential impact upon services if failure occurs, and the reduction of those risks to an acceptable level.
Risk reduction measure: Measures taken to reduce the likelihood or consequences of a business disruption occurring (as opposed to planning to recover after a disruption).
role: A set of responsibilities, activities and authorisations.
roll in, roll out (RIRO): Used on some systems to describe swapping.
Rotational Position Sensing: A facility which is employed on most mainframes and some minicomputers. When a seek has been initiated the system can free the path from a disk drive to a controller for use by another disk drive, while it is waiting for the required data to come under the read/write heads (latency). This facility usually improves the overall performance of the I/O subsystem.
second-line support: Where the fault cannot be resolved by first-line support or requires time to be resolved or local attendance.
Security Management: The process of managing a defined level of security on information and services.
Security Manager: The Security Manager is the role that is responsible for the Security Management process in the Service Provider organisation. The person is responsible for fulfilling the security demands as specified in the SLA, either directly or through delegation by the Service Level Manager. The Security Officer and the Security Manager work closely together.
Security Officer: The Security Officer is responsible for assessing the business risks and setting the security policy. As such, this role is the counterpart of the Security Manager and resides in the Customer’s business organisation. The Security Officer and the Security Manager work closely together.
seek time: Occurs when the disk read/write heads are not positioned on the required track. It describes the elapsed time taken to move heads to the right track.
segregation of duties: Separation of the management or execution of certain duties or of areas of responsibility is required in order to prevent and reduce opportunities for unauthorised modification or misuse of data or service.
self-insurance: A decision to bear the losses that could result from a disruption to the business as opposed to taking insurance cover on the Risk.
Service: One or more IT systems which enable a business process.
Service achievement: The actual Service Levels delivered by the IT organisation to a Customer within a defined lifespan.
Service Catalogue: Written statement of IT services, default levels and options.
Service Dependency Modelling: Technique used to gain insight in the interdependency between an IT service and the Configuration Items that make up that service.
Service Desk: The single point of contact within the IT organisation for Users of IT services.
Service Improvement Programme (SIP): A formal project undertaken within an organisation to identify and introduce measurable improvements within a specified work area or work process.
Service Level: The expression of an aspect of a service in definitive and quantifiable terms.
Service Level Agreement (SLA): Written agreement between a Service Provider and the Customer(s) that documents agreed Service Levels for a service.
Service Level Management (SLM): The process of defining, agreeing, documenting and managing the levels of Customer IT service, that are required and cost justified.
Service Management: Management of Services to meet the Customer’s requirements.
Service Provider: Third-party organisation supplying services or products to Customers.
Service quality plan: The written plan and specification of internal targets designed to guarantee the agreed Service Levels.
Service Request: Every Incident not being a failure in the IT Infrastructure.
Services: The deliverables of the IT services organisation as perceived by the Customers; the services do not consist merely of making computer resources available for Customers to use.
severity code: Simple code assigned to problems and Known Errors, indicating the seriousness of their effect on the Quality of Service. It is the major means of assigning priority for resolution.
simulation modelling: Using a program to simulate computer processing by describing in detail the path of a job or transaction. It can give extremely accurate results. Unfortunately, it demands a great deal of time and effort from the modeller. It is most beneficial in extremely large or time-critical systems where the margin for error is very small.
soft fault: The situation in a virtual memory system when the operating system has detected that a page of code or data was due to be reused, i.e. it is on a list of ‘free’ pages, but it is still actually in memory. It is now rescued and put back into service.
Software Configuration Item (SCI): As ‘Configuration Item’, excluding hardware and services.
software environment: Software used to support the application such as operating system, database management system, development tools, compilers, and application software.
software library: A controlled collection of SCIs designated to keep those with like status and type together and segregated from unlike, to aid in development, operation and maintenance.
software work unit: Software work is a generic term devised to represent a common base on which all calculations for workload usage and IT resource capacity are then based. A unit of software work for I/O type equipment equals the number of bytes transferred; and for central processors it is based on the product of power and CPU time.
solid state devices: Memory devices that are made to appear as if they are disk devices. The advantages of such devices are that the service times are much faster than real disks since there is no seek time or latency. The main disadvantage is that they are much more expensive.
spec sheet: Specifies in detail what the Customer wants (external) and what consequences this has for the Service Provider (internal) such as required resources and skills.
stakeholder: Any individual or group who has an interest, or ‘stake’, in the IT service organisation of a CSIP.
standard cost: A predetermined calculation of how many costs should be under specified working conditions. It is built up from an assessment of the value of cost elements and correlates technical specifications and the quantification of materials, labour and other costs to the prices and/or wages expected to apply during the period in which the standard cost is intended to be used. Its main purposes are to provide bases for control through variance accounting, for the valuation of work in progress and for fixing selling prices.
standard costing: A technique which uses standards for costs and revenues for the purposes of control through variance analysis.
stand-by arrangements: Arrangements to have available assets that have been identified as replacements should primary assets be unavailable following a business disruption. Typically, these include accommodation, IT systems and networks, telecommunications and sometimes people.
storage occupancy: A defined measurement unit that is used for storage type equipment to measure usage. The unit value equals the number of bytes stored.
Strategic Alignment Objectives Model (SAOM): Relation diagram depicting the relation between a business function and its business drivers and the technology with the technology characteristics. The SAOM is a high-level tool that can help IT services organisations to align their SLAs, OLAs and acceptance criteria for new technology with the business value they deliver.
Super User: In some organisations it is common to use ‘expert’ Users (commonly known as Super or Expert Users) to deal with first-line support problems and queries. This is typically in specific application areas, or geographical locations, where there is not the requirement for full-time support staff. This valuable resource, however, needs to be carefully coordinated and utilised.
surcharging: Surcharging is charging business Users a premium rate for using resources at peak times.
swapping: The reaction of the operating system to insufficient real memory: swapping occurs when too many tasks are perceived to be competing for limited resources. It is the physical movement of an entire task (e.g. all real memory pages of an address space may be moved at one time from main storage to auxiliary storage).
system: An integrated composite that consists of one or more of the processes, hardware, software, facilities and people, that provides a capability to satisfy a stated need or objective.
tension metrics: A set of objectives for individual team members to use to balance conflicting roles and conflicting project and organisational objectives in order to create shared responsibility in teams and between teams.
terminal emulation: Software running on an intelligent device, typically a PC or workstation, which allows that device to function as an interactive terminal connected to a host system. Examples of such emulation software includes IBM 3270 BSC or SNA, ICL C03, or Digital VT100.
terminal I/O: A read from, or a write to, an on-line device such as a VDU or remote printer.
third-line support: Where specialists’ skills (e.g. development/engineer) or contracted third-party support is required.
third-party supplier: An enterprise or group, external to the Customer’s enterprise, which provides services and/or products to that Customer’s enterprise.
thrashing: A condition in a virtual storage system where an excessive proportion of CPU time is spent moving data between main and auxiliary storage.
threat: An indication of an unwanted Incident that could impinge on the system in some way. Threats may be deliberate (e.g. wilful damage) or accidental (e.g. operator error).
Total Cost of Ownership (TCO): Calculated by including depreciation, maintenance, staff costs, accommodation, and planned renewal.
tree structures: In data structures, a series of connected nodes without cycles. One node is termed the ‘root’ and is the starting point of all paths; other nodes termed ‘leaves’ terminate the paths.
unabsorbed overhead: Any indirect cost that cannot be apportioned to a specific Customer.
underpinning contract: A contract with an external supplier covering delivery of services that support the IT organisation in their delivery of services.
unit costs: Costs distributed over individual component usage. For example, it can be assumed that, if a box of paper with 1000 sheets costs £10, then each sheet costs 1p. Similarly if a CPU costs £lm a year and it is used to process 1,000 jobs that year, each job costs on average £1,000.
urgency: Measure of the business criticality of an Incident or Problem based on the impact and the business needs of the Customer.
User: The person who uses the service on a day-to-day basis.
Utility Cost Centre (UCC): A cost centre for the provision of support services to other cost centres.
variance analysis: A variance is the difference between planned, budgeted or standard cost and actual cost (or revenues). Variance analysis is an analysis of the factors that have caused the difference between the predetermined standards and the actual results. Variances can be developed specifically related to the operations carried out in addition to those mentioned above.
version: An identified instance of a Configuration Item within a product breakdown structure or Configuration Structure for the purpose of tracking and auditing Change history. Also used for Software Configuration Items to define a specific identification released in development for drafting, review or modification, test or production.
version identifier: A version number, version date, or version date and time stamp.
virtual memory system: A system that enhances the size of hard memory by adding an auxiliary storage layer residing on the hard disk.
Virtual Storage Interrupt (VSI): An ICL VME term for a page fault.
vulnerability: A weakness of the system and its assets, which could be exploited by threats.
warm stand-by: See ‘intermediate recovery’.
waterline: The lowest level of detail relevant to the Customer.
Work-around: Method of avoiding an Incident or Problem, either from a temporary fix or from a technique that means the Customer is not reliant on a particular aspect of the service that is known to have a Problem.
workloads: In the context of Capacity Management Modelling, a set of forecasts which detail the estimated resource usage over an agreed planning horizon. Workloads generally represent discrete business applications and can be further subdivided into types of work (interactive, timesharing, batch).
WORM (Device): Optical read only disks, standing for Write Once Read Many.
XML: Extensible Markup Language. XML is a set of rules for designing text formats that let you structure your data. XML makes it easy for a computer to generate data, read data, and ensure that the data structure is unambiguous. XML avoids common pitfalls in language design: it is extensible, platform-independent, and it supports internationalisation and localisation.