Strategy and architecture

Business strategy and planning

IT management - ITMG

The management of the IT infrastructure and resources required to plan for, develop, deliver and support IT services and products to meet the needs of a business. The preparation for new or changed services, management of the change process and the maintenance of regulatory, legal and professional standards. The management of performance of systems and services in terms of their contribution to business performance and their financial costs and sustainability. The management of bought-in services. The development of continual service improvement plans to ensure the IT infrastructure adequately supports business needs.

Level 5

Takes responsibility for the design, procurement, installation, upgrading, operation, control, maintenance (including storage and communication of data, voice, text, audio and images) and effective use of IT infrastructure components and monitors their performance. Provides technical management of an IT operation, ensuring that agreed service levels are met and all relevant procedures are adhered to. Schedules and supervises all maintenance and installation work. Ensures that operational problems are identified and resolved. Provides appropriate status and other reports to specialists, users and managers. Ensures that operational procedures and working practices are fit for purpose and current.

Financial management - FMIT

The overall financial management, control and stewardship of the IT assets and resources used in the provision of IT services, including the identification of materials and energy costs, ensuring compliance with all governance, legal and regulatory requirements.

Level 5

Advises on financial planning and budgeting. Develops financial plans and forecasts. Monitors and manages IT expenditure, ensuring that all IT financial targets are met, and examining any areas where budgets and expenditure exceed their agreed tolerances. Assists with the definition and operation of effective financial control and decision making, especially in the areas of service, projects and component cost models and the allocation and apportionment of all incurred IT costs. Analyses actual expenditure, explains variances, and advises on options in use of available budget.

Business process improvement - BPRE

The identification of new and alternative approaches to performing business activities. The analysis of business processes, including recognition of the potential for automation of the processes, assessment of the costs and potential benefits of the new approaches considered and, where appropriate, management of change, and assistance with implementation. May include the implementation of a process management capability/discipline at the enterprise level.

Level 5

Analyses business processes; identifies alternative solutions, assesses feasibility, and recommends new approaches. Contributes to evaluating the factors which must be addressed in the change programme. Helps establish requirements for the implementation of changes in the business process.

Business risk management - BURM

The planning and implementation of organisation-wide processes and procedures for the management of risk to the success or integrity of the business, especially those arising from the use of information technology, reduction or non-availability of energy supply or inappropriate disposal of materials, hardware or data.

Level 5

Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business. Refers to domain experts for guidance on specialised areas of risk, such as architecture and environment. Co-ordinates the development of countermeasures and contingency plans.

Technical strategy and planning

Continuity management - COPL

The provision of service continuity planning and support. This includes the identification of information systems which support critical business processes, the assessment of risks to those systems' availability, integrity and confidentiality and the co-ordination of planning, designing, testing and maintenance procedures and contingency plans to address exposures and maintain agreed levels of continuity. This function should be performed as part of, or in close cooperation with, the function which plans business continuity for the whole organisation.

Level 5

Owns the service continuity planning process and leads the implementation of resulting plans. Coordinates the identification by specialists across the organisation of information and communication systems which support the critical business processes, and the assessment of risks to the availability, integrity, and confidentiality of those systems. Evaluates the critical risks associated with these systems and identifies priority areas for improvement. Coordinates the planning, designing, testing of maintenance procedures and contingency plans to address exposure to risk and ensure that agreed levels of continuity are maintained.

Network planning - NTPL

The creation and maintenance of overall network plans, encompassing the communication of data, voice, text and image, in the support of an organisation's business strategy. This includes participation in the creation of service level agreements and the planning of all aspects of infrastructure necessary to ensure provision of network services to meet such agreements. Physical implementation may include copper wire, fibre-optic, wireless, or any other technology.

Level 5

Creates and maintains network plans for own area of responsibility, contributes to setting service level agreements, and plans the infrastructure necessary to provide the network services to meet such agreements.

Solution architecture - ARCH

The design and communication of high-level structures to enable and guide the design and development of integrated solutions that meet current and future business needs. In addition to technology components, solution architecture encompasses changes to service, process, organisation, and operating models. Architecture definition must demonstrate how requirements (such as automation of business processes) are met, any requirements which are not fully met, and any options or considerations which require a business decision. The provision of comprehensive guidance on the development of, and modifications to, solution components to ensure that they take account of relevant architectures, strategies, policies, standards and practices (including security) and that existing and planned solution components remain compatible.

Level 5

Uses appropriate tools, including logical models of components and interfaces, to contribute to the development of systems architectures in specific business or functional areas. Produces detailed component specifications and translates these into detailed designs for implementation using selected products. Within a business change programme, assists in the preparation of technical plans and cooperates with business assurance and project staff to ensure that appropriate technical resources are made available. Provides advice on technical aspects of system development and integration (including requests for changes, deviations from specifications, etc.) and ensures that relevant technical strategies, policies, standards and practices (including security) are applied correctly.

Change and transformation

Business change management

Change implementation planning and management - CIPM

The definition and management of the process for deploying and integrating new digital capabilities into the business in a way that is sensitive to and fully compatible with business operations.

Level 5

Creates the business readiness plan, taking into consideration IT deployment, data migration, capability deployment (training and engagement activities) and any business activities required to integrate new digital processes or jobs into the "business as usual" environment. Determines the readiness levels of business users with regard to upcoming changes; uncovers readiness gaps and creates and implements action plans to close the gaps prior to going live. Assists the user community in the provision of transition support and change planning, and liaises with the project team. Monitors and reports progress on business readiness targets, business engagement activity, training design and deployment activities, key operational metrics and return to productivity measures. Defines the series and sequence of activities to bring stakeholders to the required level of commitment, prior to going live.

Delivery and operation

Service design

Availability management - AVMT

The definition, analysis, planning, measurement, maintenance and improvement of all aspects of the availability of services, including the availability of power. The overall control and management of service availability to ensure that the level of service delivered in all services is matched to or exceeds the current and future agreed needs of the business, in a cost effective manner.

Level 5

Provides advice, assistance and leadership associated with the planning, design and improvement of service and component availability, including the investigation of all breaches of availability targets and service non-availability, with the instigation of remedial activities. Plans arrangements for disaster recovery together with supporting processes and manages the testing of such plans.

Service level management - SLMO

The planning, implementation, control, review and audit of service provision, to meet customer business requirements. This includes negotiation, implementation and monitoring of service level agreements, and the ongoing management of operational facilities to provide the agreed levels of service, seeking continually and proactively to improve service delivery and sustainability targets.

Level 5

Ensures that service delivery meets agreed service levels. Creates and maintains a catalogue of available services. In consultation with the customer negotiates service level requirements and agrees service levels. Diagnoses service delivery problems and initiates actions to maintain or improve levels of service. Establishes and maintains operational methods, procedures and facilities in assigned area of responsibility and reviews them regularly for effectiveness and efficiency.

Service transition

Service acceptance - SEAC

The achievement of formal confirmation that service acceptance criteria have been met, and that the service provider is ready to operate the new service when it has been deployed. (Service acceptance criteria are used to ensure that a service meets the defined service requirements, including functionality, operational support, performance and quality requirements).

Level 5

Engages with technical design and project managers or Project Management Office, to ensure correct products are produced, in a timely fashion. Evaluates the quality of project outputs against agreed service acceptance criteria.

Configuration management - CFMG

The lifecycle planning, control and management of the assets of an organisation (such as documentation, software and service assets, including information relating to those assets and their relationships. This involves identification, classification and specification of all configuration items (CIs) and the interfaces to other processes and data. Required information relates to storage, access, service relationships, versions, problem reporting and change control of CIs. The application of status accounting and auditing, often in line with acknowledged external criteria such as ISO 9000, ISO/IEC 20000, ISO/IEC 27000 and security throughout all stages of the CI lifecycle, including the early stages of system development.

Level 5

Manages configuration items (CIs) and related information. Investigates and implements tools, techniques and processes for managing CIs and verifies that related information is complete, current and accurate.

Asset management - ASMG

The management of the lifecycle for all managed assets (hardware, software, intellectual property, licences, warranties etc) including security, inventory, compliance, usage and disposal, aiming to protect and secure the corporate assets portfolio, optimise the total cost of ownership and sustainability by minimising operating costs, improving investment decisions and capitalising on potential opportunities. Knowledge and use of international standards for asset management and close integration with security, change, and configuration management are examples of enhanced asset management development.

Level 5

Manages and maintains the service compliance of all IT and service assets in line with business and regulatory requirements involving knowledge of financial and technical processes, tools and techniques. Identifies, assesses and communicates associated risks. Ensures asset controllers, infrastructure teams and the business co-ordinate and optimise value, maintain control and maintain appropriate legal compliance.

Change management - CHMG

The management of change to the service infrastructure including service assets, configuration items and associated documentation. Change management uses requests for change (RFC) for standard or emergency changes, and changes due to incidents or problems to provide effective control and reduction of risk to the availability, performance, security and compliance of the business services impacted by the change.

Level 5

Develops implementation plans for complex requests for change. Evaluates risks to the integrity of service environment inherent in proposed implementations (including availability, performance, security and compliance of the business services impacted). Seeks authority for those activities, reviews the effectiveness of change implementation, suggests improvement to organisational procedures governing change management. Leads the assessment, analysis, development, documentation and implementation of changes based on requests for change.

Service operation

Capacity management - CPMG

The management of the capability, functionality and sustainability of service components (including hardware, software, network resources and software/infrastructure as a Service) to meet current and forecast needs in a cost efficient manner aligned to the business. This includes predicting both long-term changes and short-term variations in the level of capacity required to execute the service, and deployment, where appropriate, of techniques to control the demand for a particular resource or service.

Level 5

Drafts and maintains standards and procedures for service component capacity management. Ensures the correct implementation of standards and procedures. Pro-actively reviews information in conjunction with service level agreements to identify any capacity issues and specifies any required changes. Works with business users to agree and implement short and medium term modifications to demand.

Security administration - SCAD

The provision of operational security management and administrative services. Typically includes the authorisation and monitoring of access to IT facilities or infrastructure, the investigation of unauthorised access and compliance with relevant legislation.

Level 5

Monitors the application and compliance of security administration procedures and reviews information systems for actual or potential breaches in security. Ensures that all identified breaches in security are promptly and thoroughly investigated and that any system changes required to maintain security are implemented. Ensures that security records are accurate and complete and that request for support are dealt with according to set standards and procedures. Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.

Application support - ASUP

The provision of application maintenance and support services, either directly to users of the systems or to service delivery functions. Support typically includes investigation and resolution of issues and may also include performance monitoring. Issues may be resolved by providing advice or training to users, by devising corrections (permanent or temporary) for faults, making general or site-specific modifications, updating documentation, manipulating data, or defining enhancements Support often involves close collaboration with the system's developers and/or with colleagues specialising in different areas, such as Database administration or Network support.

Level 5

Drafts and maintains procedures and documentation for applications support. Manages application enhancements to improve business performance. Advises on application security, licensing, upgrades, backups, and disaster recovery needs. Ensures that all requests for support are dealt with according to set standards and procedures.

Incident management - USUP

The processing and coordination of appropriate and timely responses to incident reports, including channelling requests for help to appropriate functions for resolution, monitoring resolution activity, and keeping clients appraised of progress towards service restoration.

Level 5

Ensures that incidents are handled according to agreed procedures. Investigates escalated incidents to responsible service owners and seeks resolution. Facilitates recovery, following resolution of incidents. Ensures that resolved incidents are properly documented and closed. Analyses causes of incidents, and informs service owners in order to minimise probability of recurrence, and contribute to service improvement. Analyses metrics and reports on performance of incident management process.