P a t h w a y t o

E m p l o y a b i l i t y

Program Manual
Code: CoK-ITS

IT SUPPORT & SERVICE MANAGEMENT

Page |1
 P a t h w a y t o
E m p l o y a b i l i t y

Dedication

To all our students and industry practitioners,

thank you for inspiring us, keeping us focused,
and making sure we do our best to help you
grow in your career with your skills and
knowhow.

VVnT is dedicated to build an empowered community of

Knowledgeable, Efficient and Ethical Verification,
Validation and Testing Professionals who contribute to
building trust and consumer confidence with Quality-First
approach in the development of Information Systems and
Secure Information Society. Our focus areas include -
Quality Assurance, Digital Assurance & Continuous
testing, Cybersecurity, Cloud Security, Privacy & Data
Protection, Audits & Compliance, Everything as DevOps.

At VVnT, we offer various Foundational level programs,

where you can earn “Certificate of Knowledge”.
Additionally, we provide Practitioner level trainings in an
internship model, where we assist on your Job placement.

Page |2
 P a t h w a y t o
E m p l o y a b i l i t y

COURSE PREREQUISITES

Candidate should have basic knowledge of computer

and networking fundamentals with logical approach. As
such, no previous experience is required to enroll for this
course. However, it’s good to be aware on information
technology industry and good communication skills is an
added advantage (either written or verbal) to opt for this
as career.

Eligibility criterion: Usually the industry demands for an

educational background of any Engineering / Science
graduate with Mathematics up to 10+2 level.

Earn Your Certificate of Knowledge (CoK): Upon

completion of this course, you need to appear for an
objective type Examination of 60 minutes duration and 40
questions. You need to correctly answer at least 60% of
the questions to pass the Examination.

STUDY WELL THIS COURSEWARE, AND

YOU CAN FEEL ABSOLUTELY CONFIDENT
TO EARN YOUR COK!!

Page |3
 P a t h w a y t o
E m p l o y a b i l i t y

1.1 - IT SUPPORT FUNCTION

The IT Support maintains the computer networks of all types of organisations,
providing technical support and ensuring that the whole company runs
smoothly. IT Support monitors and maintains the company computer
systems, installs, and configures hardware and software, and solves
technical issues as they arise.

Page |4
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.1 INTRODUCTION TO IT SUPPORT IN

THE MODERN WORLD
Long gone is the era of traditional IT help desk or service desk models,
where break-fix or incident management reigned. These no longer meet
the expectations of the consumers and citizens living and working in this
digital age.

Digital has changed the rules of customer and service support, dramatically,
and it’s only just begun. The needs created by the expectations of the
digital consumer have a significant and immediate impact on: (1) service
support strategies, (2) operating models, (3) use of technology, and of
course (4) the skillsets of support professionals

Now, all support organisations, no matter how big or small, will need to
apply ‘digital’ to their thinking.

1. Service Support Strategy

A good starting point is understanding the extent to which customers have
become “digital consumers” and what these consumers now expect.

Businesses will need to:

• Build a list of support-related situations that commonly occur.

• Ask their customers directly what methods of communication
(channels) they use to request support? Do these differ from what
they use at home? What methods would they prefer to use going
forward and for what situations? This should drive the support
channels offered.
• Know what technologies are available today and advances that can
help. Pay attention to interactive voice, virtual agent, guided
knowledge, and any emerging home technologies. It’s more often
the case that expectations are set by non-work-related activities and
imported into those at work.

Page |5
 P a t h w a y t o
E m p l o y a b i l i t y

• Inspect responses to support requests, and analyse how they and the
technologies involved interact with customers. What works, what
doesn’t? Where do the emotions of customers become inflamed,
and why? Where would a touch or voice interface work best?

2. Operating Models
This is an organisation’s approach to support. It’s less about their standard,
best practice processes and more about how they engage with customers.

They’ll need to answer the following questions:

• Is the current IT support model hierarchical (escalation based),

collaborative (team response), or chaotic (model du jour)? Is this
model applied to all situations?
• Is there sensitivity to the “personas” (common characteristics and
behaviors) of customers? Does the company adapt operational
response accordingly, or are governed by service agreements? How
does the company measure success?

Companies should consider adopting an “all the above” model where the
style of support (concierge, first-in-first-out, or contract-based) is situation-
or customer-based and requests for support have designed pathways
through the organisation.

3. Modern Support Technologies

Looking forward, there’s no doubt that more and more support agent tasks
will be automated as “virtual agents” are used (chatbots, computerized
website agents, interactive voice response). Organisations should see that
these are employed at the right points within a response, and more
importantly, does the customer agree that chatbots are helping their
support experience?

The design quality of automated, cognitive, and “human touch” support

systems and procedures is now a differentiating factor. It’s important to
know when and where this makes sense from the perspective of an

Page |6
 P a t h w a y t o
E m p l o y a b i l i t y

organisation and, again, their customers (employees in the case of internal

IT support).

Organisations must identify what can be automated, know what should be,
and appreciate what should not.

4. Staff Skillsets
In the digital age, human agents will be assisted by virtual agents. Thus,
when and how a human agent is engaged in a response will become
increasingly important, and likely situation-specific. Support personnel will
also want, and expect, to be using the best available technology.

Page |7
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.2 COMPUTER HARDWARE

Computer hardware includes the physical parts of a computer, such as the

case, central processing unit (CPU), monitor, mouse, keyboard, computer
data storage, graphics card, sound card, speakers and motherboard.

Here are some examples of some more hardware components:

• Monitor
• Motherboard
• CPU
• Main memory (RAM)
• Expansion cards.
• Power supply unit.
• Optical disc drive.
• Hard disk drive (HDD).

A computer monitor is an output device that displays information in pictorial

form. A monitor usually comprises the visual display, circuitry, and casing.

It is also known as a video display terminal (VDT) or a video display unit

(VDU). It is used to display images, text, video, and graphics information
generated by a connected computer via a computer's video card.

There are five types of monitors CRT (Cathode Ray tube), LCD (Liquid
Crystal Display), LED (Liquid Emitting Diode), OLED (Organic Light Emitting
Diode), and Plasma Monitor all are used in televisions or computer desktops.

A motherboard is the main printed circuit board (PCB) in a computer. The

motherboard serves as a single platform to connect all of the parts of a

Page |8
 P a t h w a y t o
E m p l o y a b i l i t y

computer together. It connects the CPU, memory, hard drives, optical

drives, video card, sound card, and other ports and expansion cards
directly or via cables. It can be considered as the backbone of a computer.

A central processing unit (CPU), also called a central processor, main

processor or just processor, is the electronic circuitry that executes
instructions comprising a computer program. The CPU performs basic
arithmetic, logic, controlling, and input/output (I/O) operations specified
by the instructions in the program.

RAM (Random Access Memory) is the hardware in a computing device

where the operating system (OS), application programs and data in current
use are kept so they can be quickly reached by the device's processor.
RAM is the main or primary memory in a computer. It is much faster to read
from and write to than other kinds of storage, such as a hard disk drive
(HDD), solid-state drive (SSD) or optical drive.

Random Access Memory is volatile. That means data is retained in RAM as

long as the computer is on, but it is lost when the computer is turned off.
When the computer is rebooted, the OS and other files are reloaded into
RAM, usually from an HDD or SSD.

In computing, an expansion card (Also called expansion board, adapter

card or accessory card) is a printed circuit board that can be inserted into
an electrical connector or expansion slot (also referred to as a bus slot) on

Page |9
 P a t h w a y t o
E m p l o y a b i l i t y

a computers motherboard, backplane or riser card to add functionality to

a computer system.

A Power Supply Unit (PSU) is an internal IT hardware component. Despite

the name, Power Supply Units (PSU) does not supply systems with power -
instead they convert it. Specifically, a power supply converts the
alternating high voltage current (AC) into direct current (DC), and they also
regulate the DC output voltage to the fine tolerances required for modern
computing components.

Optical drives retrieve and/or store data on optical discs like CDs, DVDs,
and BDs (Blu-ray discs), any of which hold much more information than
previously available portable media options like the floppy disk. The optical
drive normally goes by other names like a disc drive, ODD (abbreviation),
CD drive, DVD drive, or BD drive.

An HDD is a data storage device that lives inside the computer. It has
spinning disks inside where data is stored magnetically. ... The arm moves
the heads across the surface of the disk to access different data. HDDs are
considered a legacy technology, meaning they've been around longer
than SSDs.

1.1.2.1 TYPES OF COMPUTING DEVICES

As you know, computers are devices used to process information. There are
several terms used to describe computers; most of these terms indicate the

P a g e | 10
 P a t h w a y t o
E m p l o y a b i l i t y

size and the capability of the computer. The two main categories of
computers are:

These types of computers have an operating system that can run many
applications at the same time. Some examples are devices, such as servers,
laptops and smartphones.

These are devices that can only run one task. Some examples are ATMs and
processors embedded in devices, such as refrigerators and motor cars.

Embedded devices are devices designed for a single purpose; whether

that purpose is to wake you up in the morning, control the temperature of
the air conditioning or help navigate. As such, these devices are usually
excellent at their specific tasks, but they are also unable to do anything else.

Embedded devices are designed to perform specific dedicated

computing tasks. Examples of these devices are:

• ATM machines
• DVD players
• Anti-lock braking systems
• Digital watches
• MP3 players
• Drones
• Airbag control systems

P a g e | 11
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.2.2 INTERNAL COMPUTER COMPONENTS

In this section, let us talk about components that are generally inside the
computer case. Some of them are exclusively found inside the case, such
as the motherboard and the processor, whereas others can be internal or
external. For example, internal hard drives (for storage) are standard in
desktop and laptop computers, but you can also buy external hard drives
for expanded storage. Network cards are another great example. Today,
they are generally built into the computer, but you can easily find external
ones as well. Regardless of the location of your hard drive or network card,
it still provides the same functionality.

The internal components of a computer system consist of the hardware

required to store and process data, and communicate with external
devices, such as the input (e.g. keyboard, mouse), output (e.g. screen,
printer), and external storage devices (e.g. USB stick). External devices that
are portable are also called peripheral devices or peripherals.

The main internal components of a computer system are:

• Processor
• Main memory
• Input/output (I/O) controllers
• Buses: Address bus, data bus, and control bus

The processor, sometimes referred to as the CPU (central processing unit),

is the part of the computer that processes data by executing the
instructions of stored programs. At processor level, these will be low-level
instructions in the form of machine code that the processor has been
designed to handle, based on a specific for the processor to be able to
execute a program, the program instructions need to be transferred from
the secondary storage to the main memory from where they can be
fetched and executed. The data that needs to be processed is also loaded

P a g e | 12
 P a t h w a y t o
E m p l o y a b i l i t y

into the main memory (from secondary storage) or provided by the input
and output devices via the I/O controllers.

Main memory is memory that can be accessed directly by the processor. It

consists of memory locations where instructions or data are stored as binary
sequences. Each memory location has a physical address, which is a
number used to locate that memory location and access its contents.

Main memory can be volatile, which loses its contents when power is
removed, or non-volatile memory, which keeps its contents even without
power.

All external devices are connected through I/O controllers. These provide
the mechanism for input data to be received for processing and the results
of computation can be output from the system using the relevant I/O
device(s). I/O controllers provide a set of addressable registers that the
processor (CPU) can access to communicate with the I/O devices. For
example, the characters entered using a keyboard would be stored in an
I/O controller that the processor (CPU) can access and process, such as
display on a screen.

The different units of a computer system are connected together using

buses. An internal bus typically consists of a set of parallel connections that
allow internal components to communicate with each other and
exchange data. For example, in order to execute instructions and process
data, the processor needs to communicate with the main memory and

P a g e | 13
 P a t h w a y t o
E m p l o y a b i l i t y

with the input and output devices. There are also external buses that are
used to connect the peripherals to the processor in a serial or parallel way.
Different types of hardware is used to implement the various types of
internal and external buses depending on their intended use, for example
wires, electronic pathways, and tracks on printed circuits.

1.1.2.3 COMMON COMPUTER CONNECTOR TYPES

A connector is the unique end of a plug, jack, or the edge of a card that
connects to a port. For example, all desktop computer expansion cards
have a connector that allows them to connect in a slot on the
motherboard. When referring to cables, the connector is the end of the
cable that connects into a port.

A VGA (video graphics array) connector was created for use with many
types of devices that had graphics cards. First used in the 1980s, it was
common to see VGA connectors on televisions, laptops, computer monitors,
projectors, and other devices. This led the way to more advanced
connectors such as DVI and HDMI.

Digital Visual Interface (DVI) offers a distinctly sharper, better picture than
VGA. It's a unique connector because it can carry both digital and
analogue signals. DVI can also easily convert to other standards like HDMI
and VGA.

The PS/2 port is a 6-pin mini-DIN connector used for connecting keyboards
and mouse to a PC compatible computer system. Its name comes from the

P a g e | 14
 P a t h w a y t o
E m p l o y a b i l i t y

IBM Personal System/2 series of personal computers, with which it was

introduced in 1987.

An Ethernet cable is a common type of network cable used with wired

networks. Ethernet cables connect devices such as PCs, routers, and
switches within a local area network. These physical cables are limited by
length and durability

The 3.5mm stereo cables are used to connect a variety of audio devices
such as MP3 players, CD players, DVD players, and TVs to multimedia
receivers including headphones and earphones. The various combinations
include one male 3.5mm connector a choice of RCS connectors – two or
three, male or female.

"Universal Serial Bus" (USB) cable assemblies are some of the most popular
cable types available, used mostly to connect computers to peripheral
devices such as cameras, camcorders, printers, scanners, and more.

A kettle lead is known as a UK mains lead, an IEC cable or a power lead.

Some people call it a kettle lead as it is pretty much the same cable used
to power an electric kettle!

P a g e | 15
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.2.4 COMMON PERIPHERALS

Peripheral device, also known as peripheral, computer peripheral, input-
output device, or input/output device, any of various devices (including
sensors) used to enter information and instructions into a computer for
storage or processing and to deliver the processed data to a human
operator.

A computer keyboard is an input device that allows a person to enter letters,

numbers, and other symbols (together, these are called characters) into a
computer. It is one of the most used input devices for computers. A
keyboard contains many mechanical switches or push-buttons called
"keys".

Types of Keyboards

• QWERTY Keyboards
• Wired Keyboards
• Numeric Keypads
• Ergonomic Keyboards
• Wireless Keyboards
• USB Keyboards
• Bluetooth Keyboards
• Magic Keyboards

A computer mouse is a hand-held pointing device that detects two-

dimensional motion relative to a surface. This motion is typically translated
into the motion of a pointer on a display, which allows a smooth control of
the graphical user interface of a computer.

P a g e | 16
 P a t h w a y t o
E m p l o y a b i l i t y

Types of mouse

• Wired Mouse
• Bluetooth Mouse
• Trackball Mouse
• Optical Mouse
• Laser Mouse
• Magic Mouse
• USB Mouse
• Vertical Mouse

A graphics tablet (also known as a digitizer, drawing tablet, drawing pad,

digital drawing tablet, pen tablet, or digital art board) is a computer input
device that enables a user to hand-draw images, animations and graphics,
with a special pen-like stylus, similar to the way a person draws images with
a pencil.

A touchscreen or touch screen is the assembly of both an input and output

device. The touch panel is normally layered on the top of an electronic
visual display of an information processing system. The display is often an
LCD AMOLED or OLED display while the system is usually a laptop, tablet.

A barcode scanner is an input device that uses light beams to scan and
digitally convert printed barcodes. It then decodes the data and sends the
data to a computer. It consists of a lens, a source of light, and a light sensor
that can translate optical impulses into electrical signals.

P a g e | 17
 P a t h w a y t o
E m p l o y a b i l i t y

An image scanner is a digital device used to scan images, pictures, printed

text and objects and then convert them to digital images. Image scanners
are used in a variety of domestic and industrial applications like design,
reverse engineering, orthotics, gaming and testing. The most widely used
type of scanner in offices or homes is a flatbed scanner, also known as a
Xerox machine. This modern image scanner is a descendant of early fax
input devices and telegraphy equipment.

A microphone, colloquially called a mica or mike, is a device – a transducer

– that converts sound into an electrical signal.

A webcam is a video camera that feeds or streams an image or video in

real time to or through a computer network, such as the Internet. Webcams
are typically small cameras that sit on a desk, attach to a user's monitor, or
are built into the hardware.

P a g e | 18
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.3 COMPUTER SOFTWARE

Software is the programs that are needed to accomplish the input,
processing, output, storage, and control activities of information systems.
Computer Software, instructions that tell a computer what to do. Software
comprises the entire set of programs, procedures, and routines associated
with the operation of a computer system. A set of instructions that directs
a computer's hardware to perform a task is called a program, or software
program.

Types of Software

• Application Software
• System Software
• Firmware
• Programming Software
• Driver Software
• Freeware
• Shareware
• Open-Source Software

1.1.3.1 COMPARE FUNCTIONS AND FEATURES OF COMMON

OPERATING SYSTEMS
An Operating System (OS) is an interface between computer user and
computer hardware. An operating system is software which performs all the
basic tasks like file management, memory management, process
management, handling input and output, and controlling peripheral
devices such as disk drives and printers.

P a g e | 19
 P a t h w a y t o
E m p l o y a b i l i t y

Functions of Operating System

• An operating system manages the

processor’s working by allocating various jobs to it and ensuring that
each process receives enough time from the processor to function
properly.

• An operating system manages the

allocation and DE allocation of the memory to various processes and
ensures that the other process does not consume the memory
allocated to one process.

• There are various input and output devices.

An operating system controls the working of these input-output
devices. It receives the requests from these devices, performs a
specific task, and communicates back to the requesting process.

• An operating system keeps track of information

regarding the creation, deletion, transfer, copy, and storage of files
in an organized way. It also maintains the integrity of the data stored
in these files, including the file directory structure, by protecting
against unauthorized access.

• The operating system provides various techniques which

assure the integrity and confidentiality of user data. Following security
measures are used to protect user data:
o Protection against unauthorized access through login.
o Protection against intrusion by keeping Firewall active.
o Protecting the system memory against malicious access.
o Displaying messages related to system vulnerabilities.

• From time to time, the operating system checks the

system for any external threat or malicious software activity. It also
checks the hardware for any type of damage. This process displays

P a g e | 20
 P a t h w a y t o
E m p l o y a b i l i t y

several alerts to the user so that the appropriate action can be taken
against any damage caused to the system.
• In a multitasking operating system where multiple
programs run simultaneously, the operating system determines which
applications should run in which order and how time should be
allocated to each application.

Most commonly used Operating System

1. Workstation
a. Microsoft Windows
b. Apple macOS
c. Linux
2. Mobile
a. Android
b. Apple's iOS

Microsoft Windows

Microsoft Windows is a group of OSs manufactured by Microsoft. Windows

is available in 32 and 64-bit versions and offers a graphical user interface
(GUI), multitasking functionalities, virtual memory management capabilities,
and support for several peripheral devices.

• The New Start Menu. Microsoft has (thankfully) returned the Start
menu to the lower left-hand corner of the user interface, and this time,
the menu doesn't focus exclusively on desktop apps
• Windowed Apps
• Cortana
• Edge
• Action Center
• Virtual Desktops

P a g e | 21
 P a t h w a y t o
E m p l o y a b i l i t y

• Xbox Streaming

Apple macOS

MacOS is a proprietary graphical operating system developed and

marketed by Apple Inc. since 2001. It is the primary operating system for
Apple's Mac computers

• Dark mode. Apple / WIRED

• Revamped Maps app. Apple / WIRED
• Siri improvements
• A smarter Photos app
• Completely redesigned Reminders app
• New I Message, Mail and Notes features
• Huge updates to the Health app
• Big privacy upgrades

Linux

Linux is a family of open-source Unix-like operating systems based on the

Linux kernel, an operating system kernel first released on September 17,
1991, by Linus Torvalds. Linux is typically packaged in a Linux distribution.

Linux is the best-known and most-used open-source operating system. As

an operating system, Linux is software that sits underneath all of the other
software on a computer, receiving requests from those programs and
relaying these requests to the computer’s hardware

Portable − Portability means software can works on different types of

hardware in same way. Linux kernel and application programs support their
installation on any kind of hardware platform. Open Source − Linux source

P a g e | 22
 P a t h w a y t o
E m p l o y a b i l i t y

code is freely available and it is community-based development project

Android

Android is a software package and Linux based operating system for

mobile devices such as tablet computers and smartphones. It is developed
by Google and later the OHA (Open Handset Alliance). Java language is
mainly used to write the android code even though other languages can
be used

• Near Field Communication (NFC)

• Alternate Keyboards
• Infrared Transmission
• No-Touch Control
• Automation
• Wireless App Downloads
• Storage and Battery Swap
• Custom Home Screens

Apple's iOS

Apple iOS stands for iPhone operating system. It is a proprietary mobile

operating system of Apple for its handheld. It supports Objective-C, C, C++,
Swift programming language. It is based on the Macintosh OS X.

• Redesigned widgets. Widgets have been redesigned to be more

beautiful and data rich, so they can provide even more utility
throughout your day
• Widgets for everything
• Widgets on the Home Screen
• Widgets in different sizes

P a g e | 23
 P a t h w a y t o
E m p l o y a b i l i t y

• Widget gallery
• Widget stacks
• Smart Stack
• Siri Suggestions widget

1.1.3.2 APPLICATION SOFTWARE TYPES

Application software, or app for short, is software that performs specific
tasks for an end-user. For example, Microsoft Word or Excel is application
software, as are common web browsers such as Firefox or Google Chrome.

Different Types of Application Software Used by Businesses

• Word processors
• Graphics software
• Database software
• Spread sheet software
• Presentation software
• Web browsers
• Enterprise software
• Information worker software

A word processor (WP) is a device or computer program that provides for

input, editing, formatting, and output of text, often with some additional
features.

Graphics software can edit bitmap and/or vector graphics, and can be
used to design label templates. Examples of graphics software include

P a g e | 24
 P a t h w a y t o
E m p l o y a b i l i t y

Adobe Illustrator, Photoshop, InDesign, CorelDraw, Inscape, Microsoft Paint,

and Paint.Net.

Database software is software that is designed to create databases and to

store, manage, search, and extract the information contained within them.
It can also help your team with multi-user access control, security
management, and database communication.

Spread sheet software is a software application capable of organizing,

storing and analyzing data in tabular form. The application can provide
digital simulation.

Presentation software is defined as computer programs designed to allow

the user to present information in an engaging way such as with text,
pictures, sound and video. PowerPoint is an example of presentation
software.

A web browser is application software for accessing the World Wide Web.
When a user requests a web page from a particular website, the web
browser retrieves. Example of web browsers are Google chrome Microsoft
edge.

P a g e | 25
 P a t h w a y t o
E m p l o y a b i l i t y

Enterprise software, also known as enterprise application software (EAS), is

computer software used to satisfy the needs of an organization rather than
individual users. Such organizations include businesses, schools, interest-
based user groups, clubs, charities, and governments.

Information worker software lets users create and manage information,

often for individual projects within a department, in contrast to enterprise
management. Examples include time management, resource
management, analytical, collaborative and documentation tools.

1.1.3.3 BUSINESS & PRODUCTIVITY SOFTWARES IN DAILY USE

Productivity software is a category of application programs that help users
produce things such as documents, databases, graphs, worksheets and
presentations. Many productivity applications are intended for business use.
Examples of office productivity software include word processors,
database management systems (DBMS), and graphics software and
spread sheet applications.

Some important productivity software

• Microsoft 365
• Asana
• Bitrix24
• Team Viewer

Microsoft 365 is the productivity cloud designed to help you pursue your
passion and run your business. More than just apps like Word, Excel,

P a g e | 26
 P a t h w a y t o
E m p l o y a b i l i t y

PowerPoint, Microsoft 365 brings together best-in-class productivity apps

with powerful cloud services, device management, and advanced
security in one, connected.

Use Asana to keep all the projects in your program organized and on track.
Map, manage, track, and talk about your team's projects in Asana to go
beyond planning and get results. Save time, reduce distractions, and work
more productively by centralizing your team's work in Asana.

Bitrix24 is a collaboration software with complete tools for management,

collaboration, and communication. Bitrix24 gives you a unified platform for
your files, projects, messages, tasks, and contacts. You can immediately use
the platform by simply registering for an account and then inviting your
colleagues.

Team Viewer is a comprehensive, remote access, remote control and

remote support solution that works with almost every desktop and mobile
platform, including Windows, macOS, Android, and iOS. Team Viewer lets
you remote in to computers or mobile devices located anywhere in the
world and use them as though you were there.

1.1.3.4 COLLABORATION SOFTWARE & HOW IT'S USED IN A BUSINESS

DAILY
Collaboration software is designed to maximize teamwork effectiveness by
providing a central platform where employees can openly share

P a g e | 27
 P a t h w a y t o
E m p l o y a b i l i t y

knowledge, data, and documents to solve specific business problems or

complete creative projects together. Team members interact from any
location on the cloud, sparking innovation and driving progress to boost
profits and company growth.

Types of collaboration software

As with any software, collaboration platforms all have their strengths,

weaknesses, and prominent features. As you search, it’s helpful to know
there are a couple of main categories.

Communication-centric programs offer a variety of ways for employees to

interact and share knowledge, such as social networking. Managers create
groups for topic- or team-related discussions open to anyone interested.
Individuals can customize notification settings to ensure relevant messages
are received and minimize irrelevant chatter.

Other collaboration tools focus on collaborative project management and

offer more task management-related features. Assigning tasks, monitoring
progress, and streamlining workflow are also critical components for a team
striving to achieve a goal together. As members discuss ideas for a project
or problem, they can follow through with implementation to ensure the
overall process is on schedule. Examples of collaboration software

• Flow dock
• GoToMeeting
• Slack
• Proof Hub
• Red booth

P a g e | 28
 P a t h w a y t o
E m p l o y a b i l i t y

Benefits of collaboration software

Below are significant benefits of collaboration software and collaboration

software impact for any business.

Collaboration tools like Slack, Cisco Spark, and Hive broaden

communication opportunities by:

• Organizing discussions into channels

• Supporting voice and video calls
• Integrating with various popular apps (Google Drive, Trello, Dropbox,
etc.)
• Providing easy navigation through documents

Project management includes four main functions: planning, organizing,

leading, and controlling. At the first stage, planning, the project manager
creates a detailed plan based on the company’s goal and thorough
research. Collaboration software helps to schedule all the project planning
stages and share ideas among all team members. It also helps the team to
make informed decisions by putting all project details in one place.

Seamless team collaboration accelerates business progress and success.

Collaboration software can improve the workflow of Agile teams in the
following ways:

• Better remote working possibilities

• Improved scheduling
• Quick talent identification

P a g e | 29
 P a t h w a y t o
E m p l o y a b i l i t y

Collaboration software isn’t only convenient to use; it also saves a team’s

time, allowing them to focus on more important tasks.

Workers are able to easily publish, share, and organize company

information in groupware like Confluence and Zoho.

Software integrations with popular and convenient tools like Google Docs,
Dropbox, Trello, and others also speed up work. An employee can import
and export documents via these integrations right from groupware.

Additionally, collaboration software reduces paperwork and thereby saves

time with digital documentation.

One of the primary tasks of collaboration software is to unite employees

from different locations in the most convenient way. This task not only
facilitates an organization’s workflow but also increases employee
engagement and satisfaction with the company. Furthermore, engaged
employees impact a company’s overall productivity.

P a g e | 30
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.4 SETTING UP A BASIC WORKSTATION

Once you are allocated computer workstation, below accessories you can
adjust by following the guidelines:

Use your chair’s features to help position you appropriately.

• Seat Height: Your feet should be flat on the ground and thighs parallel
to the floor
• Seat Depth: There should be a space between the back of your
knees and the seat pan
• Seat Angle: Adjust the seat pan angle to comfort, usually around 90-
95 degrees.
• Backrest Support: Place the lumbar support at the small of your back
• Backrest Angle: Adjust the inclination of the backrest angle to
comfort, 95-105 degrees is optimal. If you have a ‘free float’ function
in your chair, try it out and use it.
• Armrest Height: Adjust the arm rests to allow your elbows to ‘fall’
onto the arm rests (i.e., keeping your shoulders down)

Keyboard: Adjust the height of your keyboard or keyboard tray to be at or

slightly above elbow height and the angle of the keyboard tray to be
parallel to the floor or slightly inclined. When setting your keyboard up, note
the following:

• Your wrists should not be bent and your elbows should be at your side
(to minimize forward and side reaching)

P a g e | 31
 P a t h w a y t o
E m p l o y a b i l i t y

• If you don’t have a keyboard tray, raise your seat to the correct
height and use a foot stool (if needed)

Mouse: Centre yourself in the midline of the keyboard and place the mouse
close to the keyboard

• Minimize reaching to the side or in front while using the device

• Don’t squeeze the mouse – hold it loosely
• Keep your wrists straight
• If using a wrist rest, rest your hand, not your wrist, on the pad
• Alternate hand use, if possible
• Increase your mouse pointer speed

Monitor:

• Place the monitor perpendicular to you

• Your line of sight should be the top 1/3 of your monitor screen
• Sit 18-30″ from the screen, adjust based on personal eyesight
• Office Lighting: Proper lighting makes all tasks easier. You receive
approximately 85% of your information through the sense of sight.
Good lighting reduces eye strain, eye irritation, blurred vision, and
headaches. Lighting concerns such as insufficient lighting and glare
may be present in your workspace.
• Sufficient lighting: add additional fixtures if necessary. Do not position
fixtures directly behind you.
• Reduce Glare: Increase brightness around the glare source. Position
fixture(s) to reduce reflected light that’s directed towards the eyes.

1.1.4.1 CONNECT HARDWARE

Hardware represents the physical and tangible components of a computer,
i.e. the components that can be seen and touched.

P a g e | 32
 P a t h w a y t o
E m p l o y a b i l i t y

Computer hardware is the physical components that a computer system

requires to function. It encompasses everything with a circuit board that
operates within a PC or laptop; including the motherboard, graphics card,
CPU (Central Processing Unit), ventilation fans, webcam, power supply, and
so on.

Examples of Hardware:

• Input devices − keyboard, mouse

• Output devices − printer, monitor
• Secondary storage devices − Hard disk, CD, DVD
• Internal components − CPU, motherboard, RAM

1.1.4.2 INSTALL AND CONFIGURE OPERATING SYSTEMS

Operating System Installation Tasks

• Set up the display environment

• Erase the primary boot disk
• Set up the BIOS
• Install the operating system
• Configure your server for RAID
• Install the operating system, update the drivers, and run operating
system updates, as necessary
• Instrument Control
• Choose the hardware applicable to you and follow the
corresponding instructions to properly install and configure your
system. After installation and configuration are completed, locate
and download an instrument driver to get to measurements in the
most efficient manner.

To configure operating system settings, in Control Panel, click Performance

and Maintenance. To view operating system performance configuration

P a g e | 33
 P a t h w a y t o
E m p l o y a b i l i t y

options, in the Performance and Maintenance window, click System, and

then click the Advanced tab.

1.1.4.3 INSTALL AND CONFIGURE APPLICATIONS

Installation (or setup) of a computer program (including device drivers and
plugins), is the act of making the program ready for execution. Installation
refers to the particular configuration of a software or hardware with a view
to making it usable with the computer.

• You can follow the steps below to install an application from an .exe
file.
• Locate and download an .exe file.
• Locate and double-click the .exe file. (It will usually be in your
Downloads folder.)
• A dialog box will appear. Follow the instructions to install the software.
• The software will be installed.

1.1.4.4 CONFIGURE ACCESSIBILITY OPTIONS

Accessibility is Important for Individuals, Businesses, Society. ... That is, the
accessibility barriers to print, audio, and visual media can be much more
easily overcome through web technologies. Accessibility supports social
inclusion for people with disabilities as well as others, such as: older people.

Accessibility features are designed to help people with disabilities use

technology more easily. For example, a text-to-speech feature may read
text out loud for people with limited vision, while a speech-recognition
feature allows users with limited mobility to control the computer with their
voice.

Types of assistive technologies and accessibility features

• Screen readers. A screen reader enables users with visual disabilities

or impairments to navigate a UI by transforming visuals to audio

P a g e | 34
 P a t h w a y t o
E m p l o y a b i l i t y

• Speech recognition
• Magnifier
• Visual settings and color schemes
• Narrator
• On-screen keyboard
• Mouse keys
• Providing flexible UI

P a g e | 35
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.5 CONFIGURING NETWORK ACCESS

Network access control is the act of keeping unauthorized users and
devices out of a private network. Effective network access control restricts
access to only those devices that are authorized and compliant with
security policies, meaning they have all the required security patches and
anti-intrusion software. Network configuration is also known as network
setup.

Network Configuration

Network configuration allows a system administrator to set up a network to

meet communication objectives. The process involves the following tasks:

• Router configuration: Specifies the correct IP addresses and route

settings, etc.
• Host configuration: Sets up a network connection on a host
computer/laptop by logging the default network settings, such as IP
addressing, proxy, network name and ID/password, to enable
network connection and communication.
• Software configuration: Any network-based software, like an intrusion
detection system (IDS), is allowed access and provided with the
appropriate credentials to monitor network traffic.

Click the ‘Start’ button, and then click ‘Control Panel’. On the ‘Control
Panel’ window, click ‘Network and Internet’. On the ‘Network and Internet’
window, click ‘Network and Sharing Center’. On the ‘Network and Sharing
Center’ window. Under Change your networking settings, click ‘Set up a
new connection or network’.

P a g e | 36
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.5.1 NETWORK CONNECTION TYPES

Network Connection means an Internet access service for use by multiple
machines.

Types of network connection

• Wired
• Wireless
• Cellular

A wired network uses cables to connect devices, such as laptop or desktop

computers, to the Internet or another network. ... The most common wired
networks use cables connected at one end to an Ethernet port on the
network router and at the other end to a computer or other device
generally used at offices and homes.

Most routers and modems available from home and business internet
providers support Ethernet standards, so you connect a computer with a
standard wired network adapter.

A wireless network allows devices to stay connected to the network but

roam untethered to any wires. Access points amplify Wi-Fi signals, so a
device can be far from a router but still be connected to the network
examples Wi-Fi and Bluetooth.

Cellular network is most commonly the native connectivity method

deployed with most cell phones, smartphones, and dial-up devices. It's a

P a g e | 37
 P a t h w a y t o
E m p l o y a b i l i t y

mobile-based network used with a radio antenna. These devices are

associated with “cell”s and can move from cell to cell in order to
communicate and maintain communication.

1.1.5.2 INSTALL AND CONFIGURE A ROUTER

A router is a device that connects two or more packet-switched networks
or sub networks. It serves two primary functions: managing traffic between
these networks by forwarding data packets to their intended IP addresses,
and allowing multiple devices to use the same Internet connection.

The best place for a wireless business router is in an open area of the
workplace, as you'll benefit from even coverage. However, sometimes
it's not easy to find a space out in the open because you must connect
the router to a broadband gateway from your ISP (Internet service
provider), which is usually attached to a cable near an outside wall.

Attach the router to a cable - or choose a mesh router

To solve the "long-distance" problem when connecting a router, you can

use a CAT5e or CAT6 cable to connect the router to the ISP gateway's
Ethernet port. Another option is to run Ethernet cables through the walls
of your office to the chosen central location for the router.

Yet another option is to install a mesh network with a router. A mesh

network allows you to place multiple Wi-Fi transmitters across your home
or office, all on one network.

P a g e | 38
 P a t h w a y t o
E m p l o y a b i l i t y

No matter which option you choose, you'll use a basic Ethernet cable,
plugged into the router's wide-area network (WAN) or Internet port. The
Internet port is typically set apart from other ports by a different colour.

Your router's LED lights tell you if you've successfully made an active
Internet connection. If you don't see lights confirming such a connection,
make sure you've plugged the cable into the correct port.

Test the connection with a device

Confirm that your router has a working connection by plugging a laptop

computer into one of the device ports on the back of the router. If all
goes well, you should be able to begin a wired connection, just as you
did when confirming an active Internet connection.

In some cases, ISPs offer customers gateways with built-in routers. In most
cases, these combined devices are not built for business environments,
nor do they have extra ports, security, and other options that allow you
to add services and expand networks as the business grows.

If you have a gateway with an integrated router, you'll have to configure

the gateway to disable the router and pass the WAN IP address—the
unique Internet protocol address that the Internet provider assigns to
your account—and all network traffic through to your new router.

If you don’t take this step, you may run into conflicts that prevent devices
from working properly. You may need to contact your ISP for help with
this step.

First, turn off the gateway. If there is already an Ethernet cable plugged
into the gateway's local-area network (LAN) port, unplug the cable and

P a g e | 39
 P a t h w a y t o
E m p l o y a b i l i t y

plug it into your router's WAN port. Turn the gateway back on and wait
a few minutes for it to boot up. Plug in the router's power supply and turn
it on, again waiting a few minutes.

The easiest way to continue with router setup is to use a mobile app if
the router maker provided one. If there is no app, or you'd rather use the
router's web-based dashboard, connect the router to a computer via
an Ethernet cable.

You might find the router's IP address printed on the back of device itself;
if not, type 192.168.1.1, a common router address, into the browser
search bar.

To configure the router, you'll need to log in, using its default admin
name and password. You can usually find this information printed on the
router itself, or in an accompanying user manual.

Next, enter the required credentials. Once you're in, you should
immediately create a new username and password. The defaults are
usually something like "admin" and "password1234," which are obviously
not secure—so make sure to change them at the first opportunity.

Your router may need an update of the "firmware," or software that

operates it. Update it as soon as possible, since the new firmware might
fix bugs or offer new security protections.

P a g e | 40
 P a t h w a y t o
E m p l o y a b i l i t y

Some routers may download new firmware automatically, but many do

not. You may need to check for updates through the app or the browser
interface.

Just as most routers come with preassigned admin usernames and

passwords, most also come with pre-set Wi-Fi usernames and passwords.
You’ll likely be prompted to change the Wi-Fi username and password,
but even if you don't see such a prompt, plan to do so quickly.

If your router is equipped with auto-install features, rely on them to help

complete setup. For example, you should be able to use auto-
configuration to manage IP addresses with the Dynamic Host
Configuration Protocol (DHCP), which automatically assigns IP addresses
to devices. You can always change these addresses later.

Many router manufactures provide security functionality to safeguard

network and user privacy. You can login into the web dashboard and
enabling added security features such as firewall, web filtering, and
access controls to protect yourself from malicious traffic. You can also
set up virtual private networks (VPNs) for privacy

1.1.5.3 NETWORK AND ALTERNATIVE TECHNOLOGIES

A network consists of two or more computers that are linked in order to
share resources (such as printers and CDs), exchange files, or allow
electronic communications. The computers on a network may be linked

P a g e | 41
 P a t h w a y t o
E m p l o y a b i l i t y

through cables, telephone lines, radio waves, satellites, or infrared light

beams. Wide Area Network (WAN)

Network Technology involves the use of data systems to manage and

deliver digital resources over a computer network. A variety of industries use
computer hardware and system software that maintains a network,
creating a need for specialists to manage them.

Types of Network Alternative Technologies

• Software Defined Networking (SDN)

• Multi Cloud Technology
• Cloud Repatriation
• Edge Computing
• Internet of Things (IoT)
• Artificial Intelligence (AI)
• Intent Based Networking
• Wireless Data Links for Drone

Software-Defined Networking (SDN) is an approach to networking that uses

software-based controllers or application programming interfaces (APIs) to
communicate with underlying hardware infrastructure and direct traffic on
a network.

Multicloud - the use of cloud services from two or more vendors - gives
organizations more flexibility to optimize performance, control costs, and
leverage the best cloud technologies available.

P a g e | 42
 P a t h w a y t o
E m p l o y a b i l i t y

Unclouding or cloud repatriation is the process of reverse-migrating

application workloads and data from the public cloud to a private cloud
located within an on-premise data center or to a colocation provider.

Edge computing is a distributed computing paradigm that brings

computation and data storage closer to the sources of data. This is
expected to improve response times and save bandwidth. "A common
misconception is that edge and IoT are synonymous.

The Internet of Things (IoT) describes the network of physical objects—

“things”—that are embedded with sensors, software, and other
technologies for the purpose of connecting and exchanging data with
other devices and systems over the internet.

In the simplest terms, AI which stands for artificial intelligence refers to

systems or machines that mimic human intelligence to perform tasks and
can iteratively improve themselves based on the information they collect.

Intent-Based Networking means that the network you design mirrors the
network you deploy in every detail (even the cabling). Apstra provides:

P a g e | 43
 P a t h w a y t o
E m p l o y a b i l i t y

Automated management of data center leaf-spine network services. Real-

time closed-loop validation using advanced processing data analytics.

• Advanced Mini Link System (AMLS) Advanced wireless data link for
sUAS and tactical UGVs
• Integrated Data Link System (IDLS MK-II) Secure wireless data link,
ideal for long-range UAV missions
• UVF/VHF Radio
• Secondary Link & UHF FTS

1.1.5.4 SHARING AND STORAGE METHODS

File sharing is the practice of distributing or providing access to digital
media, such as computer programs, multimedia, documents or electronic
books. File sharing may be achieved in a number of ways.

• File transfer protocol programs (FTP)

• Peer-to-peer networks
• Removable storage media
• Online file sharing services

• FTP stands for File transfer protocol.

• FTP is a standard internet protocol provided by TCP/IP used for
transmitting the files from one host to another.

P a g e | 44
 P a t h w a y t o
E m p l o y a b i l i t y

• It is mainly used for transferring the web page files from their creator
to the computer that acts as a server for other computers on the
internet.
• It is also used for downloading the files to computer from other servers.

A peer-to-peer, or “P2P,” file transfer service allows the user to share

computer files through the Internet. These services are set up to allow users
to search for and download files to their computers, and to enable users to
make files available for others to download from their computers.

• Google Drive
• One Hub
• Microsoft One Drive
• EFileCabinet
• Drop box Business

Expandable storage is a form of computer storage that is designed to be

inserted and removed from a system.

• USB memory sticks

• External hard drives
• CDs
• DVDs
• Mobile phones and tablet devices

P a g e | 45
 P a t h w a y t o
E m p l o y a b i l i t y

What is Data Storage?

Data storage essentially means that files and documents are recorded
digitally and saved in a storage system for future use. Storage systems may
rely on electromagnetic, optical or other media to preserve and restore the
data if needed. Data storage makes it easy to back up files for safekeeping
and quick recovery in the event of an unexpected computing crash or
cyber-attack.

Data storage can occur on physical hard drives, disk drives, USB drives or
virtually in the cloud. The important thing is that your files are backed up
and easily available should your systems ever crash beyond repair. Some
of the most important factors to consider in terms of data storage are
reliability, how robust the security features tend to be and the cost to
implement and maintain the infrastructure. Browsing through different data
storage solutions and applications can help you arrive at the choice that is
the best fit for your business' needs.

There are two broad types of data storage, including direct attached
storage and network attached storage. There are many devices that fit into
each of these categories, each with their own unique advantages and
disadvantages, which we’ll explain in more detail below. For now, let’s take
a closer look at each of these main categories:

As the name might suggest, direct attached storage (DAS) includes types
of data storage that are physically connected to your computer. This
storage is generally accessible to only a single machine. Some common
devices in this category include

P a g e | 46
 P a t h w a y t o
E m p l o y a b i l i t y

• Hard Drives
• Solid-State Drives (SSD)
• CD/DVD Drives
• Flash Drives

Network attached storage (NAS) allows for multiple machines to share

storage over a network. This is accomplished with multiple hard drives or
other storage devices in a RAID configuration. One of the key benefits of
NAS is the ability to centralize data and improve collaboration. Data can
be easily shared among connected machines, and permission levels can
be set to control access. While NAS solutions tend to be more costly than
DAS solutions, they are still very affordable as storage technology has
advanced significantly.

P a g e | 47
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.6 WORKING WITH FILES, FOLDERS,

AND APPLICATIONS
Understanding how to work with files and folders is an important part of
using your computer. Once you understand how files and folder work, you'll
use them all the time. In this lesson, we'll show you the absolute basics of
working with files, including how to open files, move your files into folders,
and delete files.

There are many different types of files you can use. For example, Microsoft
Word documents, digital photos, digital music, and digital videos are all
types of files. You might even think of a file as a digital version of a real-
world thing you can interact with on your computer. When you use different
applications, you'll often be viewing, creating, or editing files. Files are
usually represented by an icon. In the image below, you can see a few
different types of files below the Recycle Bin on the desktop.

P a g e | 48
 P a t h w a y t o
E m p l o y a b i l i t y

Windows uses folders to help you organize files. You can put
files inside a folder, just like you would put documents inside a real folder. In
the image below, you can see some folders on the desktop.

You can view and organize files and folders using a built-in application
known as File Explorer (called Windows Explorer in Windows 7 and earlier
versions). To open File Explorer, click the File Explorer icon on the taskbar, or
double-click any folder on your desktop. A new File Explorer window will
appear. Now you're ready to start working with your files and folders.

As you begin using your computer, you will start to collect more and more
files, which can make it more difficult to find the files you need. Fortunately,
Windows allows you to move files to different folders and delete files you no
longer use.

You can change the name of any file or folder. A unique name will make it
easier to remember what type of information is saved in the file or folder.

P a g e | 49
 P a t h w a y t o
E m p l o y a b i l i t y

If you no longer need to use a file, you can delete it. When you delete a
file, it is moved to the Recycle Bin. If you change your mind, you can move
the file from the Recycle Bin back to its original location. If you're sure you
want to permanently delete the file, you will need to empty the Recycle
Bin.

1.1.6.1 CREATING FILES

A file is a collection of data stored in one unit, identified by a filename. It

can be a document, picture, audio or video stream, data library,
application, or other collection of data. ... A library file is a unit of data that
is referenced by a specific program or the operating system itself.

• Open an application (Word, PowerPoint, etc.) and create a new file

like you normally would
• Click File
• Click Save as
• Select Box as the location where you'd like to save your file. If you
have a particular folder that you'd like to save it to, select it
• Name your file
• Click Save

1.1.6.2 NAVIGATING A FILE STRUCTURE

Files are placed in a hierarchical structure. The file system specifies naming
conventions for files and the format for specifying the path to a file in the

P a g e | 50
 P a t h w a y t o
E m p l o y a b i l i t y

tree structure. Each file system consists of one or more drivers and dynamic-
link libraries that define the data formats and features of the file system.

Perform the following steps to navigate the file system using the Isilon File
System Explorer.

Note: If you have more than 1,000 entries, the File System Explorer displays
abbreviated file and directory names (the file name and Properties link
only). To view files and directories, next to Page, type a page number to
display that page, or click the previous-page and next-page buttons to
scroll through the pages.

Navigate the file structure

1. On the File System menu, click File System Explorer. The File System
Explorer page appears.

Note: To expand or reduce the size of the right or left panel, move the
vertical bar to the left or right.

2. To show the contents of a directory, click the plus sign (+) next to the
directory name in the left pane. The directory contents appear.

To expand a directory in the right pane, click that directory in the left
pane. Move the pointer over an icon in the right pane to view its identity as
a directory, a shared directory, or a file. The contents of the directory
appear in the right pane.

1.1.6.3 MANAGING FILES AND FOLDERS

File management is organizing and keeping track of fi les and folders.
Working with poorly managed fi les is like looking for a needle in a
haystack—it is frustrating and time consuming to search through irrelevant,
misnamed, and out-of-date fi les to find the one you want. Windows allows
you to organize folders and fi les in a fi le hierarchy, imitating the way you
store paper documents in real folders. Just as a fi ling cabinet contains
several folders, each containing a set of related documents and several

P a g e | 51
 P a t h w a y t o
E m p l o y a b i l i t y

dividers grouping related folders together, a file hierarchy allows you to

place fi les in folders, then place folders in other folders, so that your fi les
are organized and easier to find. Windows 7 provides you with a main fi le
management window called Windows Explorer. Windows Explorer provides
access to fi les, folders, drives, and disks on your local, Home group (a
shared home network), and network computers. You have just been hired
as a marketing specialist. Ron Dawson, the vice president of Marketing,
wants you to review the fi les on your computer and organize them for some
upcoming projects.

• Organization Is the Key to Electronic File Management

• Use the Default Installation Folders for Program Files
• One Place for All Documents
• Create Folders in a Logical Hierarchy
• Nest Folders Within Folders
• Follow the File Naming Conventions
• Be Specific
• Skip the Desktop. Never ever store files on your Desktop
• Skip Downloads
• File things immediately
• Sort everything once a week
• Use descriptive names
• Search is powerful
• Don't use too many folders
• Stick with it

1.1.6.4 COMPRESSING AND EXTRACTING FILES

A compressed file is any file which is smaller than its original size and could
contain one or more files, or even a directory. A compressed file has the
compressed attribute switched on. Compressed files have the advantage

P a g e | 52
 P a t h w a y t o
E m p l o y a b i l i t y

of being faster to transmit and download, and can allow more data to be
stored in physical or removable media.

Examples of compressed file extensions are .RAR, .ZIP and .TAR.

There are many advantages associated with compressed files.

Compressed files can help in saving hard drive space, and are also faster
to transmit, download and store. Compressed files are more convenient for
faster reading and writing, especially in the case of text or word processor
documents.

Extract is a term used to describe the process of decompressing and

moving one or more files in a compressed file (e.g., zip file) to an alternate
location.

Compressed 'zip' files are widely used as they pack one or more computer
files into a single file or folder which takes up less space. It can be a very
useful way of sending or storing files. You'll need to unzip them to extract
the contents inside. Zip files are very common on the internet.

1.1.6.5 SCREEN CAPTURES

A screen shot (sometimes called a screen capture) is an image of a

computer desktop that can be saved as a graphics file. Various programs
are available for creating screen shots, but it is easy to do without any
special program.

To take a screen shot on a Windows platform, first press the Print Screen
button (usually on the top row of the keyboard). The screen shot is copied
to the clipboard, the memory area that temporarily stores information. The
image then has to be pasted into a document in a word processing

P a g e | 53
 P a t h w a y t o
E m p l o y a b i l i t y

program such as Word or into an image editor, such as Adobe Photo Shop.
(The mouse cursor is not included in the image.) To get a shot of the active
window only, press the Alt key and the Print Screen key at the same time.

On a Macintosh platform, press the Command, Shift, and numeral three

keys together to create an image file.

On a Unix platform, there are different methods for the various interfaces.
A common one is the command xwd -out filename.xwd, which allows you
to click a screen to make an image file.

P a g e | 54
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.7 CONFIGURING AND USING WIRELESS

DEVICES

This involves configuring wireless devices and using wireless devices.

1.1.7.1 CONFIGURING WIRELESS DEVICES

If you already have high-speed (broadband) Internet service at your house,

it's pretty easy to create your own home wireless network. Commonly
known as Wi-Fi, a wireless network allows you to connect laptops,
smartphones, and other mobile devices to your home Internet service
without an Ethernet cable.

• Once you've acquired a wireless router, you'll need to connect it to

your existing Internet modem.
• Connect an Ethernet cable from your modem to the wireless router
(there is usually a short Ethernet cable included with your wireless
router for this purpose).
• Plug in the power cable for the wireless router.
• Wait at least 30 to 60 seconds, and make sure the lights on your router
are working correctly.

Next, you'll need to use your computer to configure your router's default
settings. This includes setting a unique name and password for your wireless
network

P a g e | 55
 P a t h w a y t o
E m p l o y a b i l i t y

• Using your web browser, enter the router's default IP address into the
address bar, then press Enter. Your router's instructions should include
this information, but some of the most common addresses include
192.168.0.1, 192.168.1.1, and 192.168.2.1.
• The router's sign-in page will appear. Again, the exact sign-in details
should be included with your router's instructions, but most routers use
a standard user name and password combination, such as admin
and password.
• Your router's settings page will appear. Locate and select the
Network Name setting, then enter a unique network name.
• Locate and select the Network Password setting, and choose an
Encryption option. There are several types of encryption you can use,
but we recommend WPA2, which is generally considered to be the
most secure.
• Enter your desired password. Make sure to use a strong password to
help ensure no one else can access your network.
• Locate and select the Save button to save your settings.

That's it! Now you're ready to connect to your Wi-Fi network and make sure
it's working. The process for connecting to a Wi-Fi network will vary slightly
depending on what type of computer or device you're using, but any
system will require these basic steps.

• Locate your computer's network settings, and search for nearby Wi-Fi
networks.
• Select your network, and enter your password.
• If the connection is successful, open your web browser and try
navigating to a webpage like www.google.com. If the page loads, it
means your Wi-Fi connection is working correctly.

P a g e | 56
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.7.2 USING WIRELESS DEVICES

Wireless technology describes electronic devices that communicate
without cords using radio frequency signals. Wireless technology is used in
a variety of modern device to provide convenience and greater mobility,
and wireless devices play an important role in voice and Internet
communications.

A wireless router is a device that accepts an incoming Internet connection

and sends data as RF signals to other wireless devices that are near the
router. Wireless routers are used to connect wireless-enabled computers
and other devices to the Internet. A network set up with a wireless router is
sometimes called a wireless local area network (WLAN.). Many routers have
built-in security features such as firewalls which help protect devices
connected to the router against malicious data, such as computer viruses.

Wireless adapters are hardware devices installed inside computers that

enable wireless connectivity. If a computer does not have a wireless
adapter, it will not be able to connect to a router in order to access the
Internet. Some computers have wireless adapters built directly into the
motherboard while it is also possible to install stand-alone wireless adapters
to add wireless capability to a computer that did not come with an
adapter built in.

A wireless repeater is a wireless networking device that is used to extend

the range of a router. A repeater receives wireless signals and then re-emits
them with increased strength. By placing a repeater between a router and

P a g e | 57
 P a t h w a y t o
E m p l o y a b i l i t y

the computer connected to the router, signal strength can be boosted,

resulting in faster connection speeds.

Cellular and cordless phones are two more examples of device that make
use of wireless signals. Cordless phones have a limited range, but cell
phones typically have a much larger range than local wireless networks,
since cell phone providers use large telecommunication towers to provide
cell phone coverage. Satellite phones make use of signals from satellites to
communicate, similar to Global Positioning System (GSP) devices.

Anything that uses radio signals to communicate can be considered a

wireless device. Common devices, such as garage door openers, baby
monitors, certain video game consoles and walkie-talkies, make use of
wireless technology.

P a g e | 58
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.8 SECURING COMPUTING DEVICES

Computer security, cybersecurity or information technology security (IT
security) is the protection of computer systems and networks from
information disclosure, theft of or damage to their hardware, software, or
electronic data, as well as from the disruption or misdirection of the services
they provide.

Blank or simple passwords are an invitation for abuse by viruses, worms, and
criminals. Create a password that is a maximum of 8 characters long, using
a combination of letters and numbers. Click below for details.

Use windows update properly to ensure your windows computer is free of

critical vulnerabilities and to get future updates.

New viruses, Trojans, worms, etc. are discovered every day. These can be
used by criminals to attack systems, steal personal information (credit card
numbers, bank PINs), and other costly acts.

Email attachments containing viruses will normally be detected by your

Antivirus software. However, as new viruses are discovered daily, it is wise to

P a g e | 59
 P a t h w a y t o
E m p l o y a b i l i t y

take care when viewing unexpected or suspect email attachments, and

running software downloaded from unfamiliar websites. Be especially
mindful when downloading software via peer-to-peer networks. A recent
study has shown that nearly 50% of all programs available for download via
a popular file sharing network contain viruses or Trojans. If in doubt, contact
the sender for verification, or don't open it.

Some websites carry malware which, just by visiting them, may put your
computer at risk. Be careful when you type a web address - often a typo
can lead you to a different website masquerading as the one you
expected. Your web browser may have built-in protection against
untrusted websites, with settings that you can explore.

1.1.8.1 TYPES OF SECURITY THREATS

Threat can be anything that can take advantage of a vulnerability to

breach security and negatively alter, erase, harm object or objects of
interest. Software attacks mean attack by Viruses, Worms, Trojan Horses etc.
Many users believe that malware, virus, worms, bots are all same things.

There are several types of security threats

• Malware
• Emotet
• Denial of Service
• Man in the Middle
• Phishing
• SQL Injection
• Password Attacks

P a g e | 60
 P a t h w a y t o
E m p l o y a b i l i t y

Malware is malicious software such as spyware, ransom ware, viruses and

worms

Emotet is a Trojan that is primarily spread through spam emails (malspam).

The infection may arrive either via malicious script, macro-enabled
document files,

A Denial-of-Service (DoS) attack is an attack meant to shut down a

machine or network, making it inaccessible to its intended users. DoS
attacks accomplish this by flooding the target with traffic, or sending it
information that triggers a crash. In both instances, the DoS attack deprives
legitimate users (i.e. employees, members, or account holders) of the
service or resource they expected. Victims of DoS attacks often target web
servers of high-profile organizations such as banking, commerce, and
media companies, or government and trade organizations.

A man-in-the-middle attack is a type of eavesdropping attack, where

attackers interrupt an existing conversation or data transfer. After inserting
themselves in the "middle" of the transfer, the attackers pretend to be both
legitimate participants.

Phishing is a type of social engineering attack often used to steal user data,
including login credentials and credit card numbers. It occurs when an

P a g e | 61
 P a t h w a y t o
E m p l o y a b i l i t y

attacker, masquerading as a trusted entity, dupes a victim into opening an

email, instant message, or text message.

SQL injection is a code injection technique used to attack data-driven

applications, in which malicious SQL statements are inserted into an entry
field for execution (e.g. to dump the database contents to the attacker).

A password attack refers to any of the various methods used to maliciously

authenticate into password-protected accounts. These attacks are
typically facilitated through the use of software that expedites cracking or
guessing passwords.

1.1.8.2 SECURE WEB BROWSING

Browser security is the application of Internet security to web browsers in

order to protect networked data and computer systems from breaches of
privacy or malware. Security exploits of browsers often use JavaScript,
sometimes with cross-site scripting with a secondary payload using Adobe
Flash.

Browsers only warn you about sites but cannot stop you from going there.
Even if you have high security settings and anti-virus software, visiting a risky
Web site can result in viruses, spyware or worse.

P a g e | 62
 P a t h w a y t o
E m p l o y a b i l i t y

New patches are often released to fix existing vulnerabilities in browser

software, so having the most up-to-date versions is critical.

Anti-virus software provides protection by scanning for and removing

malicious files on your computer and avoid downloading anything until
you’re confident that it is secure. If you have any suspicion that a file may
not be legitimate or may be infected, scan it with anti-virus software before
downloading.

The “s” in “https” stands for secure, meaning that the Website is employing
SSL encryption. Check for an “https:” or a padlock icon in your browser’s
URL bar to verify that a site is secure before entering any personal
information.

Using the same password for multiple sites only makes it easier for attackers
to compromise your sensitive information. Instead, keep track of your
different passwords with a handwritten list that you keep in a safe place or
come up with your own algorithm for creating unique passwords that only
you would know. It is also recommended that you change your passwords
every 90 days.

Nearly all browsers and many websites in general offer to remember your
passwords for future use and Web sites can use hidden fields to steal the

P a g e | 63
 P a t h w a y t o
E m p l o y a b i l i t y

data from forms. Enabling these features make them easier for an attacker
to discover if your system gets compromised. Also, criminals can hijack your
browsing session and steal your information if you stay logged-in to a site. If
you have these features enabled, disable them and clear your stored
passwords.

Websites’ privacy policies and user agreements should provide details as

to how your information is being collected and protected as well as how
that site tracks your online activity. Websites that don’t provide this
information in their policies should generally be avoided.

Keeping an eye on your online statements will allow you to react quickly in
the event that your account has been compromised.

Attackers often use wireless sniffers to steal users’ information as it is sent

over unprotected networks. The best way to protect yourself from this is to
avoid using these networks altogether.

Popup blocking is now a standard browser feature and should be enabled

any time you are surfing the Web. If it must be disabled for a specific
program, turn it back on as soon as that activity is complete.

P a g e | 64
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.9 BASIC SECURITY PRINCIPLES

Confidentiality, integrity, and availability (CIA) define the basic building

blocks of any good security program when defining the goals for network,
asset, information, and/or information system security and are commonly
referred to collectively as the CIA triad.

It's crucial in today's world for people to protect their sensitive, private
information from unauthorized access.

Protecting confidentiality is dependent on being able to define and

enforce certain access levels for information. In some cases, doing this
involves separating information into various collections that are organized
by who needs access to the information and how sensitive that information
actually is - i.e. the amount of damage suffered if the confidentiality was
breached.

Some of the most common means used to manage confidentiality include

access control lists, volume and file encryption, and UNIX file permissions.

Data integrity is an essential component of the CIA Triad and designed to

protect data from deletion or modification from any unauthorized party,
and it ensures that when an authorized person makes a change that should
not have been made the damage can be reversed.

P a g e | 65
 P a t h w a y t o
E m p l o y a b i l i t y

The third component of the CIA Triad refers to the actual availability of your
data. Authentication mechanisms, access channels and systems all have
to work properly for the information they protect and ensure it's available
when it is needed.

High availability systems are the computing resources that have

architectures that are specifically designed to improve availability. Based
on the specific HA system design, this may target hardware failures,
upgrades or power outages to help improve availability, or it may manage
several network connections to route around various network outages.

1.1.9.1 VALUE OF DATA AND INFORMATION

Data and information are crucial assets to create value on various possible
levels. They need to be protected as we would do with all important assets,
they need to be treated with care, they derive their meaning from their
purpose and they are becoming economic goods as such, with data being
a business asset.

In today’s world of information technology, data & information assets need

to be treated as the most important asset an organization has. The reason
being is that, physical assets such as land, buildings, machinery and raw
materials are almost impossible, if not, very challenging to steal and/or
compromise. Data & information assets can be easily stolen and the
information that is at risk of getting stolen can oftentimes be extremely
valuable to people who have no business having access to that
information. Think of how valuable a person’s social security number is on
the black market when it comes to identity theft.

P a g e | 66
 P a t h w a y t o
E m p l o y a b i l i t y

Intellectual property is a category of property that includes intangible

creations of the human intellect that can be copyrighted, patented or
trademarked. Although intellectual property can be in the form of a book,
video games, movies, or computer program, the intangible creation stored
in various physical manifestations is what is actually protected by
intellectual property rights and laws.

1.1.9.2 SECURITY TRIAD

The CIA triad in enterprise security. At its core, the CIA triad is a security
model that you can—should—follow in order to protect information stored
in on-premises computer systems or in the cloud. It helps you:

• Keep information secret (Confidentiality)

• Maintain the expected, accurate state of that information (Integrity)
• Ensure your information and services are up and running (Availability)

It’s a balance: no security-Team can 100% ensure that confidentiality,

integrity, and availability can never be breached, no matter the cause.

Instead, security professionals use the CIA triad to understand and assess
your organizational risks. Dynkin suggests breaking down every potential

P a g e | 67
 P a t h w a y t o
E m p l o y a b i l i t y

threat, attack, and vulnerability into any one function of the triad. For
example:

• A data breach attacks the confidentiality of your data.

• A ransom ware incident attacks the availability of your information
systems.

Understanding what is being attacked is how you can build protection

against that attack. Take the case of ransom ware—all security
professionals want to stop ransom ware. Where we tend to view ransom
ware broadly, as some “esoteric malware attack”, Dynkin says we should
view it as an attack designed specifically to limit your availability.

When you think of this as an attempt to limit availability, he told me, you
can take additional mitigation steps than you might have if you were only
trying to “stop ransomware”.

The triad can help you drill down into specific controls. It also applies at a
strategy and policy level. Dynkin continues: When you understand the CIA
triad, you can expand your view of security “beyond the specific minutiae
(which is still critically important) and focus on an organizational approach
to information security.”

Prioritize each thing you need to protect based on how severe the
consequences would be if confidentiality, integrity, or availability were
breached. For example, how might each event here breach one part or
more of the CIA triad?

• A service interruption: An attacker could interrupt your access as a

bargaining chip for something else.

P a g e | 68
 P a t h w a y t o
E m p l o y a b i l i t y

• Interception: An attacker could block or hijack your emails to learn

about company activity.
• Modification or fabrication: An attacker could modify or fake your
information.

What if some incident can breach two functions at once? Consider, plan
for, and take actions in order to improve each security feature as much as
possible. For example, having backups—redundancy—improves overall
availability. If some system’s availability is attacked, you already have a
backup ready to go

P a g e | 69
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.10 SECURITY BEST PRACTICES

In today world there are wide range of attacks and threats to your
computer. While it’s true that you need to be vigilant when protecting your
computer, the good news is that there are many steps you can take to help
secure your system. Even if you follow all of the best steps to protect your
computer, you can still find yourself the victim of an attack—there is no
guarantee that you’re safe. Your goal though is to make a would-be
attacker’s life as miserable as possible. Following the proper steps
dramatically decreases the odds of an attack being successful versus
having an unprotected system.

In below sections we will cover steps you can take to protect your
computer and your data. As part of that, you will learn how to harden your
computer, manage user accounts properly, and protect yourself on a
network, with particular emphasis on Internet and email safety.

1.1.10.1 DEVICE HARDENING

The term device hardening has to be one of the best terms in all of
computing. It sounds strong and powerful and like it will make your
computer invincible. Device hardening helps protect your computer by
reducing its vulnerabilities.

If you think about it, the very act of networking computers is what makes
them vulnerable to attacks. Device hardening is one proactive step you
can take at the local machine to reduce the likelihood of a successful
attack.

Below are some of the device-hardening techniques:

• Disabling unused or potentially dangerous features
Unused features with potential security holes are things that hackers
love. Think of a scenario where an attacker exploits a bug in an

P a g e | 70
 P a t h w a y t o
E m p l o y a b i l i t y

unused feature and remains undetected; this allows them to continue

their tasks without deterrents. It’s like being able to eat all of the
cookies in the cookie jar knowing that no one will look for crumbs—
almost too good to be true!

• Disabling Unused Communication Methods

o Disabling Unused Services
o Disabling AutoPlay
o Locking the system
Locking the system can mean two things. The first is physically
locking the system to a desk or in a drawer so it can’t be
stolen. The second is to software lock the system when you
leave your desk

• Setting NTFS Permissions and Enabling Encryption

When different users log into the same computer locally, though, you
need to employ other methods to keep their private data separate.

One way is to set certain folders to be inaccessible to other local users.

To do this in Windows, use the Security tab in the folder’s Properties
dialog box. It contains file-sharing permission settings that apply to
local access. You can also encrypt certain folders so their content is
scrambled if someone tries to browse the file content, such as with a
disk-editor utility.

• Utilizing security software and features

There are four main classes of applications to help protect your
system against malware and hackers:
o Antivirus software defends against viruses, worms, and Trojan
horses.
o Antispyware software defends against adware and spyware.
o Antispam software reduces the amount of junk email you
receive.
o Software firewalls block potentially dangerous network traffic.

P a g e | 71
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.10.2 ANTIVIRUS / ANTI-MALWARE

Antivirus is a kind of software used to prevent, scan, detect and delete

viruses from a computer. Once installed, most antivirus software runs
automatically in the background to provide real-time protection against
virus attacks.

• AVG Antivirus
• McAfee Antivirus
• Norton Antivirus
• Ad-Aware

It is one of the most popular and widely used antivirus software. The good
thing is that you can avail its services for free. You can download it securely
from the internet. It takes minimal space and is capable of working with
different windows and Operating Systems.

Within small time intervals, it keeps scanning computer files. If you want to
get rid of a virus or spyware, then install it now. Social networking protection,
anti-spam pro, email scanner, anti-rootkit, protective cloud technology are
some essential features of AVG Antivirus.

This differs from AVG Antivirus as you can set a timer for scanning files in
McAfee Antivirus. With Wi-Fi protection, network manager, performance
and PC optimization, and efficient web protection, McAfee Antivirus is the
second most popular antivirus program. Like AVG Antivirus, the McAfee

P a g e | 72
 P a t h w a y t o
E m p l o y a b i l i t y

Antivirus also protects your computer from viruses and spyware. You have
to get a subscription if you want to avail the services of McAfee Antivirus.

If you are looking for an incredible antivirus at affordable cost, then Norton
Antivirus is your best bet. It is ideal for the protection of personal and
financial data. The amazing features of this software include the startup
manager, disk doctor, threat protection and the safe web that makes
Norton a highly desired antivirus.

This software will scan your computer daily and will delete all the junk files
and viruses. It will ask you to pay an annual subscription fee to enjoy its
services.

Lavasoft has introduced this incredible antivirus program. This software will
protect your personal and financial data from various cyber criminals. It
prevents from all the viruses and spyware that attack your computer by
showing ads. If you are facing multiple threats while using the internet, then
make sure to install Ad-Aware as it will help you in overcoming the hurdles
while surfing. It is powerful enough to trace keystrokes and passwords also.
It is very strong in fighting against Trojans

Antispyware applications look for known spyware and adware programs

and offer to disable them or remove them from your system. Like antivirus
applications, antispyware programs look for definitions—that is, code
snippets that identify a spyware or adware component.

P a g e | 73
 P a t h w a y t o
E m p l o y a b i l i t y

Most antispyware applications also can remove lesser security and privacy
threats, such as tracking cookies. Many antivirus applications include
antispyware protection too, so you may not have to bother with a separate
antispyware application.

Some antispyware applications run all the time in the background, like an
antivirus application. Others run only when you specifically open them and
initiate a scan.

Windows Defender is a free antispyware tool that comes with Windows.

There are also many other free and commercial antispyware programs
available, such as Spybot Search & Destroy (www.safer-networking.org).

it costs almost nothing to send millions of emails, so even if only a very small
percentage of people respond, it’s still a money-making proposition.
People also send spam to perpetrate fraud, either by trying to sell useless or
nonexistent products or by trying to trick people into visiting phishing
websites or sites where a virus or other malware will be downloaded.

Many email applications include filters and other tools to manage spam.
Microsoft Outlook has its own junk-mail filter, However, these built-in filters
often fail to catch a lot of the spam because their algorithms for
differentiating between spam and legitimate mail aren’t sophisticated.

Some antivirus applications include an antispam component, and you can

also buy add-on antispam programs or get them for free. For example,
SpamBayes, available for free at spambayes.sourceforge.net, is an
extremely sophisticated email differentiator that uses a ranking system that
evaluates each message on multiple criteria to determine its spam
probability. It’s available for Windows, UNIX, Linux, and Mac OS X.

P a g e | 74
 P a t h w a y t o
E m p l o y a b i l i t y

Firewall can protect you in two ways. They protect your network resources
from bad traffic generated by hackers, and they can simultaneously
prevent computers on your network from accessing undesirable content
on the Internet. Firewalls perform these tasks by monitoring and filtering
network traffic. Windows comes with its own software, appropriately
named Windows Firewall. If you want to obtain a different firewall, you can
find them as stand-alone products or part of a security suite such as Norton
Security.

1.1.10.3 HOST FIREWALL

A host-based firewall is firewall software that is installed directly on a

computer (rather than a network). Host-based firewalls help detect and
stop viruses, malware and other malicious scripts that may not have been
caught by network security. When a host-based firewall is regularly
updated and running on an individual computer, the individual computer
is protected against viruses and other malicious software.

Many popular Anti-Virus programs include a host-based firewall feature. To

verify if you have a host-based firewall installed on your computer, first
confirm that you have an Anti-Virus program installed in your computer.
Then, make sure to turn on the firewall feature.

1.1.10.4 MANAGING PASSWORDS

Password management is a critical security feature that tends to get

overlooked. It involves proper user training and is aided by restrictions a
network administrator can set on users if their computers are part of a
domain.

P a g e | 75
 P a t h w a y t o
E m p l o y a b i l i t y

One of the first things that users should know is to change their default
passwords and make the passwords they choose complex. Also teach your
users to not share their password with anyone—passwords are to remain
confidential in order to protect the network.

Any attacker can find out what the default password is for a given program
or device in just a few minutes. A quick Google search will reveal that
information. The defaults may be great for letting you connect and get the
device or program up and running quickly, but in order to keep snoopers
or would-be attackers out, you must change the defaults as soon as
possible.

1.1.10.5 CREATING SECURE PASSWORDS

We should avoid creating simple, easy same passwords for all sites that
require a login. However, one of the first steps to protecting your information
is using unique and secure passwords for the sites you use. Even if a site
claims that it is secure, it is important that you use a password that will be
difficult for hackers to discover.

A strong password is one that is difficult for someone to guess. Strong

passwords have these characteristics:

• Long The longer, the better. At least eight characters are optimal.
• Varied The password contains at least one capital letter and at least
one number and/or symbol.
• Unusual The password doesn’t appear in a dictionary and isn’t a
proper noun.

P a g e | 76
 P a t h w a y t o
E m p l o y a b i l i t y

Passwords that are easy to guess are considered weak passwords. Some of
the worst passwords of all are things like qwerty, 12345, the user ID, and the
word password. Only slightly better are the names of people, pets, and
places. Even though a password should be difficult for others to guess, it’s
okay to make it easy for you to remember. To do this, try combining
numbers and letters that make sense to you but won’t make sense to other
people.

Some companies’ IT policies require that you change your password at

regular intervals, such as every 90 days. The rationale is that the longer you
keep a password, the more likely that someone has surreptitiously seen you
type it, or you’ve written it down somewhere, or some other security breach
has occurred.

You must take the initiative to keep changing the password in a regular
interval, especially on sites where you manage your financial affairs.

To help you remember your password in a frequently changing

environment, you may want to develop a structured system of changes.
For example, suppose your password is video$Furrier. When you change it,
you might add the two-digit number of the month in which you changed it.
For example, if you change it in February, you can make it video$02Furrier.
Then, when you change it again in May, you can change it to
video$05Furrier.

User authentication happens when the system you are logging into
validates that you have proper credentials. Oftentimes, this is as simple as
entering a username and password, but it could be more complex.

P a g e | 77
 P a t h w a y t o
E m p l o y a b i l i t y

To increase security, your computer or network might require multifactor

authentication, which as the name implies requires multiple pieces of
information for you to log in. Generally speaking, in addition to a username,
multifactor authentication requires you to provide two or more pieces of
information out of these three categories: something you know, something
you have, or something you are.

Something you know is generally a password. Something you have can be

one of a few different things, such as a smart card or a security token.

A smart card is a plastic card, similar in dimensions to a credit card, that

contains a microchip that a card reader can scan, such as on a security
system. Smart cards often double as employee badges, enabling
employees to access employee-only areas of a building or to use elevators
that go to restricted areas, or as credit cards.

One of the big problems that larger systems must deal with is the need for
users to access multiple systems or applications. This may require a user to
remember multiple accounts and passwords. The purpose of a single sign-
on (SSO) is to give users access to all the applications and systems they
need when they log on. This is becoming a reality in many network
environments.

Single sign-on is both a blessing and a curse. It’s a blessing in that once the
user is authenticated, they can access all the resources on the network with
less inconvenience. It’s a curse in that it removes potential security doors
that otherwise exist between the user and various resources.

P a g e | 78
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.10.6 DATA ENCRYPTION

Data encryption converts data from a readable, plaintext format into an

unreadable, encoded format: cipher text. Users and processes can only
read and process encrypted data after it is decrypted. The decryption key
is secret, so it must be protected against unauthorized access.

Encryption is the basic building block of data security. It is the simplest and
most important way to ensure a computer system's information can't be
stolen and read by someone who wants to use it for malicious purposes.

Data security encryption is widely used by individual users and large

corporations to protect user information sent between a browser and a
server. That information could include everything from payment data to
personal information. Data encryption software, also known as an
encryption algorithm or cipher, is used to develop an encryption scheme
that theoretically can only be broken with large amounts of computing
power.

When information or data is shared over the internet, it goes through a series
of network devices worldwide, which form part of the public internet. As
data travels through the public internet, there is a chance it could be
compromised or stolen by hackers. To prevent this, users can install specific
software or hardware to ensure the secure transfer of data or information.
These processes are known as encryption in network security.

Encryption is also used to protect passwords. Password encryption methods

scramble your password, so it's unreadable by hackers.

P a g e | 79
 P a t h w a y t o
E m p l o y a b i l i t y

1.1.10.7 SAFE BROWSING PRACTICES

Web browsers work by downloading and displaying web pages, which are
essentially programming scripts. The script is rendered as a formatted web
page by your web browser on your local PC.

The trouble is, at the moment when that page is downloaded, there are
numerous opportunities for a hacker to take advantage of the connection
in various ways. For example, your requests for pages can be intercepted
on their way to the server. This can compromise your privacy, because
someone can see what pages you’re requesting. More important, however,
it can compromise any login information you may be sending to a financial
or business site. Scripts can also contain malicious code that infects your
system, making it perform unwanted activities like sending your private
information to a third party or displaying countless ads. Web pages can also
have embedded Flash or Java applications that can do harm in some
cases.

Before getting into specific things you should recognize, here are two
basic safe web- browsing tips:

• Do Not Visit Questionable Sites This one might seem self-evident, right?
Part of the problem might be identifying a questionable site, much
like you can’t always identify a “bad person” simply based on their
looks. Some sites are pretty obvious, though. Sites that claim to offer
free software downloads for programs you know aren’t normally free,
sites that offer hate-themed material, and adult websites tend to be
the most notorious for providing your computer with unwanted
content.
• Limit the Use of Personally Identifiable Information Personally
identifiable information (PII) is anything that can be used to identify
an individual person on its own or in context with other information.
This includes your name, address, other contact information, the

P a g e | 80
 P a t h w a y t o
E m p l o y a b i l i t y

names of your family members, and other details you would consider
private. You should also be judicious in providing your email address
to websites to avoid getting spam.

It is of vital importance that your internet connection is secure. This

connection is a way into your computer for hackers. Your internet
connection can be a gateway leading hacker to view files on your
computer, discover your passwords, and commit identity theft. Hackers can
also use your internet connection for their own purposes, which can
inadvertently get you into trouble. It is important to take measures to make
sure your internet connection is not accessible to anyone outside your
home or business. If you connect to the internet using a modem or router,
the first thing you should do is change the password from the one that
comes with the device.

Firmware is the software that makes your computer work. Manufacturers will
often release updates to firmware as they discover ways to make it more
functional and more secure. You should update your firmware device as
soon as it is released so that your device has the best possible security.

HTTP (Hypertext Transfer Protocol) is a way for servers and browsers to

communicate with one another. When browsing the internet, the address
bar will display either http or https. Sites that are secure will begin with an
“https” instead of a basic “http.” The s stands for secure. It translates
information into a language that is impossible for hackers to read

P a g e | 81
 P a t h w a y t o
E m p l o y a b i l i t y

Most of us don’t give much thought to the privacy of what we search on

the internet, but it is important to use safe web search practices anytime
you are browsing the internet. If you have not taken measures to set your
browser to private, then what you search on the internet can be accessed
by others, including hackers and investigators. Search engines will often
store your searches with your IP address, which can be valuable information
to scam artists. If you are serious about keeping your searches private, you
may want to consider using a proxy server.

1.1.10.8 PATCHING / UPDATES

Newer versions of existing software products are frequently released. These

newer versions might fix known bugs with the application, while others will
add functionality that didn’t exist before. The frequency of version releases
depends on the software manufacturer and the severity of the issue. If it’s
an update or a patch to solve an issue within the program, the
manufacturer will provide that update for free.
In this section, we will look at updating and patching OSs, applications
(including security software), and drivers. Here we will focus on how often
you should update, scheduling updates, and automatic updates.

The OS is the platform on which everything else sits, so it’s important that it
be a stable and reliable platform.
You don’t always have to have the most recently released OS version, but
you do need a version that’s current enough so that all the software you
want to use runs on it. Whatever version you use, you should make sure all
available security updates are applied to it to avoid problems due to viruses,
worms, and other exploits.

P a g e | 82
 P a t h w a y t o
E m p l o y a b i l i t y

Most OSs have an automatic update feature, which relieves users of the
burden of remembering to look for and install updates. However,
occasionally an update may cause a problem on some systems. For
example, an update may have an incompatibility with a certain piece of
hardware that you’ve installed, causing it to stop working, or an update
may cause an older application to crash. For this reason, some network
administrators prefer to keep control of updates themselves on all the PCs
they support rather than enabling individual users to choose to download
them or not; therefore, they may disable automatic updates on individual
PCs.
On a Mac, you control the automatic updates via the Software Update
dialog box, shown in Figure 4.28. (Access this from System Preferences on
the Dock.) You can specify an interval at which to check for updates (for
example, Weekly) and choose whether to download updates
automatically.
In Windows, you control automatic updates via the Windows Update
section of Control Panel. (It’s in the System And Security area.) You can turn
updating on/off, manually check for updates, review update history, and
more.

Updating or patching an application generally isn’t as critical as the

operating system, with the exception of your security software. As I
mentioned in the last section, Windows Update and other OS updating
software can sometimes find updates for your applications as well. If not,
the application manufacturer will release updates and patches as
downloadable files on their website. These updates are installed just like the
application, with an .exe, .msi, .zip, or other file you open to begin the
installation.
Security software is the one major exception. You always want to make sure
that your security software is up to date, which includes its definitions library.
Earlier in this chapter we looked at Norton Internet Security and its setting
for automatic updates. Regardless of the antivirus or other security program
you have installed, automatic updates are a good idea. They keep you
from forgetting and then ending up having not updated in several months.

P a g e | 83
 P a t h w a y t o
E m p l o y a b i l i t y

If you do want to manually control your security updates, it’s

recommended that you run them at least once per week.

Drivers also require infrequent updates. Usually, the only time you will want
to update a driver is if you are having problems with your hardware. For
example, I was having issues with my video card. Occasionally when I
would resize windows in Windows, the display would freeze, go black, and
then return to normal.

P a g e | 84
 P a t h w a y t o
E m p l o y a b i l i t y

1.2 - IT SERVICE MANAGEMENT

FUNCTION
Most organizations evolve organically, regardless of function. Even the
most forward-thinking teams, departments or businesses cannot predict
exactly what will happen to them in future and there will always be the
need for change.

From a service perspective most service operations have also

developed organically in response to the needs of the business they
support. IT help desks evolved in the 1980s for various reasons (one being
that companies like IBM offered discounts to their customers if they
operated a single point of contact help desk!).

These help desk teams soon found that their problem was often not so
much dealing with their customers, but being able to get help from their
own (IT) department. The point being here that, in the evolved organic
organisation, people both in IT and ‘the business’ had found ways of
working and communicating with each other that worked (well sort of).

Informal service relationships are often flawed, inconsistent, inefficient,

expensive and unaccountable, but to the people involved, they often
worked – help desks just messed up this system!?

P a g e | 85
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.1 INTRODUCTION TO IT SERVICE

MANAGEMENT IN THE MODERN WORLD
IT Services focuses on a Service Management strategy. "IT Service
Management (ITSM) is a discipline for managing information
technology (IT) systems, philosophically centered on the customer's
perspective of IT's contribution to the business". IT Services uses an ITIL
framework to implement IT service management with its core processes
including: incident, problem, configuration, and change.
• Incident - tracks interruptions to service with the goal of getting
business back to normal quickly
• Problem - correlates incidents that have common causes
(problems) and identifies work arounds
• Change - tracks and controls modifications to configuration items
like equipment and software
• Configuration - focuses on recording and controlling accurate
records of configuration items necessary for the service to operate

Here is brief on how this framework is structured:

• Service catalog - a "restaurant menu" of services offered
• Project planning - a short list of in progress and planned projects
• Standard practices - reproducible steps for reproducible results
• Change advisory board - managing change to improve services
and prevent problems
• Priority decision matrix - Technician’s work 24x7 to achieve high
levels of service

P a g e | 86
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.2 IT SERVICE MANAGEMENT

CONCEPTS
1.2.2.1 WHY IT SERVICE MANAGEMENT IS NEEDED?

About 80% of all IT service outages originate from "people and process
issues". The duration of outages and degradations significantly
dependent on nontechnical factors.

IT service management aims at providing high quality IT services

meeting customers' and users' expectations, by defining, establishing
and maintaining service management processes.

P a g e | 87
 P a t h w a y t o
E m p l o y a b i l i t y

ITSM is a major streamlining element of your business activities. Effective

ITSM eradicates all of the jarring qualities between end users and IT
professionals, manages the overall relationship between the two, and
remedies conflicts. There are plenty of benefits to utilizing ITSM, outlined
briefly here.
• Business alignment: One of the most notable benefits of ITSM is it
affords the IT team a more in-depth and accurate understanding of the
requirements of the business. This is otherwise known as business
alignment—making sure everyone is on the same page and working
toward the same goals.
• Increased productivity: An obvious advantage is effective ITSM
should lead to increased productivity within the IT team. This is, in part,
on account of the roles and associated responsibilities of each team
member being more clearly defined.
• Satisfied end users: A more productive team leads to greater end-
user satisfaction, which is intimately connected with overall business
success. ITSM ensures end users receive the best service and have
reasonable expectations.
• Improved problem solving: Problem-solving processes also benefit
from ITSM, as it reduces the amount of time between incident
identification and the implementation of a solution. By giving you
access to detailed analytics, ITSM enables you to measure your own
performance, so it can be improved upon. It assists in executing a more
proactive approach to incidents, enabling you to strike pre-emptively
before the issue has had time to do any damage. Moreover, ITSM makes
it significantly easier to identify problems in the first place, and to keep
them from recurring.
• Compliance: Lastly, ITSM ensures your organization is satisfying all
the relevant regulatory requirements, saving you the headache of
staying on top of compliance.

1.2.2.2 WHAT IS A SERVICE?

Service:
A way to provide value to a user / customer through bringing about
results that they want to achieve

P a g e | 88
 P a t h w a y t o
E m p l o y a b i l i t y

Service provider:
Organisation or federation or part of an organisation or federation that
manages and delivers a service or services to customers

Examples of IT services:
• Provision of standard desktop workstations
• Connectivity: E-Mail, LAN, internet access
• Provision of computational resources
• Provision of standard and special applications
• Storage, backup, archival storage

Defining Value by Service

Service is an intangible good that is delivered by a service provider to
customers. It’s something that provides value to the customers by
helping them achieve their goals.

The distinction between service function and service quality in IT Service

Management is similar to the distinction made in the field of
Requirements Engineering between functional requirements and non-
functional requirements (often called quality attributes)

1.2.2.3 WHAT IS A PROCESS AND ITS ROLES?

Process

P a g e | 89
 P a t h w a y t o
E m p l o y a b i l i t y

Set of activities that bring about a specific objective or set of results from
a set of defined inputs.

Basic facts about IT service management processes:

• ITSM processes support the delivery of IT services.
• To provide one IT service to a customer, often several processes
are needed.
• An IT service being successfully delivered is the result from many
processes successfully operating and interacting.

1.2.2.4 CLASSIC LINE ORGANIZATION AND PROCESSES

Discussion: Imagine the handling of an incident that is reported to the
service desk. Who is responsible for the overall outcome? The service
desk says it is a DB issue. The DB server team say it is a network issue. The
Network team says it is a Desktop support issue, who refer it back to the
helpdesk.
Without ITSM roles and responsibilities: who is responsible for the
resolution of the incident? Perhaps Top Management, but does that
help the user get their service running again?

P a g e | 90
 P a t h w a y t o
E m p l o y a b i l i t y

What comprises a process?

P a g e | 91
 P a t h w a y t o
E m p l o y a b i l i t y

Process roles

Process owner:
• Overall accountability for a process
• Defines process goals, monitors their fulfillment
• Has authority to provide / approve resources

Process manager:
• Responsible for the operational effectiveness and
efficiency of a process
• Reports to the process owner
• Process staff member:
• Responsible for performing a specific process
activity
• Escalates exceptions to the process manager

1.2.2.5 SERVICE MANAGEMENT SYSTEM (SMS)

Service management system (SMS):

Overall management system that controls and supports management of
services within an organisation or federation

P a g e | 92
 P a t h w a y t o
E m p l o y a b i l i t y

Policy:
Documented set of intentions, expectations, goals, rules and requirements,
often formally expressed by top management representatives in an
organisation or federation

Activity:
Set of actions carried out within a process

Procedure:
Specified set of steps or instructions to be carried out by an individual or
team to perform one or more activities of a process

1.2.2.6 COMMON TERMS

P a g e | 93
 P a t h w a y t o
E m p l o y a b i l i t y

Below are important terms from the IT service management context (In
alphabetical order):

P a g e | 94
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.3 KEY CONCEPTS OF SERVICE

MANAGEMENT
Service management is a set of specialized organizational capabilities for
enabling value for customers in the form of services. These capabilities
include tangible things like capital, people, and equipment, and can also
include intangible things like knowledge, management and skills. These
capabilities can also include intangible things, like knowledge,
management, and skills.

The goal of IT service management is to maximize the value delivered and

obtained from technology-driven products and services.

1.2.3.1 VALUE AND VALUE CO-CREATION

The purpose of an organization is to create value for stakeholders. Here,

value is defined as:
• Perceived benefits
• Usefulness
• Importance

Value is subject to the perception of the stakeholders, whether they be

the customers or consumers or the organization itself. Think about a ride
sharing service: for some people the value is convenience; for others it
might be cost or flexibility. Value can be subjective, depending on the point
of view.

In the past, organizations viewed themselves as ‘service providers’,

delivering value to their customers in a mono-directional manner: the
provider delivering value to the customer, while the customer plays no role
in value creation. This model, however, has become outdated.

P a g e | 95
 P a t h w a y t o
E m p l o y a b i l i t y

Organizations now recognize that value is co-created through an active

collaboration between providers and consumers. This co-creation is
augmented by the work of other stakeholders which are part of the
relevant service relationships.

1.2.3.2 VALUE: SERVICES, PRODUCTS, AND RESOURCES

In IT Service Management framework, the service is the ultimate center of

focus in every aspect of service management. A service is defined as a
means of enabling value co-creation by facilitating outcomes that
customers want to achieve, without the customer having to manage
specific costs and risks. The services that an organization provides are
based on one or more of its products.

A product is any configuration of an organization’s resources designed to

offer value for a consumer. Resources can include people, capital,
equipment, software, etc.

Service providers usually present their services to consumers in the form of

service offerings, which describe one or more services based on one or
more products. A service offering is a description of one or more services
that are designed to address the needs of a target consumer group. The
three main components of service offerings are:
• Goods
• Access to resources
• Service actions

Here are some examples:

Component Description Examples

P a g e | 96
 P a t h w a y t o
E m p l o y a b i l i t y

Supplied to the consumer

Ownership is transferred to
the consumer
Goods
Consumer takes responsibility Appliances
for future use Consumer goods

Ownership is not transferred

to the consumer
Access is granted or licensed
to the consumer under
agreed terms and conditions

Access to Web hosting

The consumer can only Cloud Storage
Resources access the resources during
the agreed consumption
period and according to Online gaming
other agreed service terms subscription

Performed by the service

provider to address a
consumer’s needs
Service Performed according to an
Actions agreement with the Car maintenance
consumer IT user support

Different offerings can be configured for different target consumer

segments depending on:
• Demand
• Capacity to pay
• Additional factors/span

1.2.3.3 Stakeholders in Service Management

P a g e | 97
 P a t h w a y t o
E m p l o y a b i l i t y

This new perspective of value co-creation results in a critical need to

identify all the players who are involved. This could include suppliers,
consumers, financiers, regulators—even influencers. Let’s identify some of
the main stakeholders in service management:

Stakeholder Definition Example

A person or a group of people

that has its own functions with
Organization responsibilities, authorities, and A company, an
relationships to achieve its institution, or an
objectives. individual

An organization that takes up the An airline that

Service role of creating and delivering provides air
Provider services transportation services

A business that buys

Service An organization that takes up the and uses internet
Consumers role of receiving services services from an ISP

The term service consumer is generic by nature, so we can further delineate

roles such as:
• Customer: A person who defines the requirements for a service and
takes responsibility for the outcomes of service consumption; e.g.,
the IT Manager.
• User: A person who uses services; e.g. the company employees.
• Sponsor: A person who authorizes budget for service consumption;
e.g., the Finance Manager.

Note that these terms can be used by a single individual who can act as
the customer, user, and sponsor of a service they have bought and
consumed.

P a g e | 98
 P a t h w a y t o
E m p l o y a b i l i t y

Beyond the consumer and provider roles, many other stakeholders are
often important to value creation. Identifying these roles in service
relationships ensures effective communication and stakeholder
management.

1.2.3.4 SERVICE RELATIONSHIPS

A service relationship is defined as the cooperation between a service

provider and service consumer. Service relationships are established
between two or more organizations to co-create value. An organization
can play the role of provider or consumer interchangeably, depending on
the situation.

Service relationships include:

• Service provision
• Service consumption
• Service relationship management, which are the joint activities
performed by a service provider and a service consumer to ensure
continual value co-creation based on agreed and available service
offerings.

The service relationship model is used to showcase the ever-changing

interaction between service providers and consumers. An organization can
procure services and use them to deliver services to another consumer, thus
shifting from consumer to provider. For example, a call centre may
purchase internet services from a supplier and then use those services to
provide customer relationship management services for its customers.

1.2.3.5 VALUE: OUTCOMES, COSTS AND RISKS

Service providers help their consumers to achieve outcomes and, in doing

so, take on some of the associated risks and costs. However, the service

P a g e | 99
 P a t h w a y t o
E m p l o y a b i l i t y

relationship can result in negative outcomes or introduce new or previously

unknown risks and costs.

Service relationships are perceived as valuable only when they have more
positive effects than negative, particularly regarding impact on outcomes,
costs, and risks.

1. Outcomes: When an organization acts as a service provider, it

produces outputs that help its consumers to achieve certain outcomes.
An output is defined as a tangible or intangible deliverable of an activity;
for example, transportation from one location to another.

An outcome, by contrast, is the result for a stakeholder that was enabled

by one or more outputs. If the output is transportation between
locations, the outcome might be that the stakeholder has an interview
or doctor’s appointment.

Depending on the relationship between the provider and the consumer,

it can be difficult for the provider to fully understand the outcomes that
the consumer wants to achieve. In some cases, both parties will work
together to define the desired outcomes.

P a g e | 100
 P a t h w a y t o
E m p l o y a b i l i t y

2. Costs: Costs are the amount of money spent on a specific activity or

resource. From the service consumer’s perspective, there are two types
of cost involved in service relationships:
• Costs removed from the consumer by the service (a part of the
value proposition). For example, for a car sharing service, the
customer does not pay for the actual cost of purchasing the car.
• Costs imposed on the consumer by the service (the costs of service
consumption). In a car sharing service, the customer pays for
cellular or internet services to request the service.
The two types of cost must be fully understood if a service provider is to
obtain value for money and ensure the right decisions are made about the
service provision. Providers need to ensure that services are delivered within
budget constraints and meet the financial expectations of the
organization.

3. Risks: A risk is any event, including possible events, that could cause
harm or loss or make it more difficult to achieve objectives. Risk is
considered an uncertain outcome, one that that can be positive or
negative. Two types of risk are concerning to service consumers:
• Risks removed from a consumer by the service (part of the value
proposition). For example, for an online streaming service, the
failure of equipment involved in delivering the service.
• Risks imposed on a consumer by the service (risks of service
consumption). For an online streaming service, the threat of lawsuit
for copyright infringement.

It is the duty of the provider to manage the detailed level of risk on behalf
of the consumer. However, the consumer has a role to play in
contributing to risk reduction as a function of value co-creation. The
consumer contributes to reducing risk by:
• Actively participating in defining the service requirements and
clarifying its required outcomes, often on an ongoing basis.
• Clearly communicating the critical success factors (CSFs) and
constraints that apply to the service.
• Ensuring the provider has access to the necessary consumer
resources throughout the service relationship.

P a g e | 101
 P a t h w a y t o
E m p l o y a b i l i t y

4. Utility & Warranty: How do we know that a service is delivering value for
the consumer and meeting the service provider’s requirements? By
evaluating, in totality, the utility and warranty of the service.
• Utility is the functionality offered by a product or service to meet a
particular need. Utility perhaps answers ‘what the service does’ or
whether a service is ‘fit for purpose’. To have utility, a service must
either support the performance of the consumer and/or remove
constraints from the consumer.
• Warranty, on the other hand, is the assurance that a product or
service will meet agreed requirements. Warranty answers ‘how the
service performs’ or whether a service is ‘fit for use’. Warranty often
relates to service levels aligned with the needs of service
consumers, such as availability, capacity, security, and continuity.

When assessing a service, you must consider the impact of costs and risks
on utility and warranty—this generates a complete picture of the viability
of a service. Both utility and warranty are essential for a service to facilitate
its desired outcomes and, therefore, help create value. For example, if you
are using a courier delivery service, the utility involves the delivery of your
packages while warranty is about the speed and handling of your
packages.

P a g e | 102
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.4 KEY CONCEPTS OF SERVICE

RELATIONSHIPS

1.2.4.1 SERVICE OFFERING

A service is made of many service components which includes services and

products. Consumer of the service will have an interface to use the service
which does not represent all the components of the services, instead only
to those interfaces which are required to access the services.

For example: The employees of the organization use intranet portal to

access the HR services. Here, the intranet portal is the service interface,
whereas the servers, LAN service etc. are also present which ensures the
service availability to employees.

Service Offerings: A description of one or more services, designed to

address the needs of a target consumer group. A service offering may
include goods, access to resources, and service actions.

Goods to be supplied to a consumer. Goods are supposed to be

transferred from the provider to the consumer, with the consumer taking
responsibility for their future use. Some of the examples of goods are a
physical server, Mobile phone, laptop etc. The ownership of the goods is
transferred to the consumer and consumer should take responsibility of the
goods and its future use.

Access to resources granted or licensed to a consumer under agreed

terms and conditions. The resources remain under the provider’s control
and can be accessed by the consumer only during the agreed service
consumption period. Some of the examples are access to the mobile
network, or to the network storage or to a cloud environment etc. The

P a g e | 103
 P a t h w a y t o
E m p l o y a b i l i t y

ownership is not transferred to consumer, where the access is granted for

the period of agreement (terms & condition) or license provided. The
consumer can only access during the period of licence and terms &
conditions.

Service actions performed to address a consumer’s needs. These actions

are performed by the service provider according to the agreement with
the consumer. Some of the examples are, user support like service desk,
where the service actions are performed to fulfil the needs of the consumer.
In this example of service desk, resolving the incidents of the users will be
one of the service actions.

1.2.4.2 SERVICE RELATIONSHIP

Service relationship refers to the model of engagement that the service

provider and customer will have with each other to co-create value. An
organization should always strive & do more than simply providing a service.
There needs to be a collective effort and cooperation to create service
value.

To establish the service relationships, organization has to envisage the

alignment and value cascading effect from organization to organization
and co-create value. In a service relationship, the organizations i.e. service
providers & customer (service consumer), should work together towards
creating value. These dual roles are not mutually exclusive, but an
organization usually provides and consumes a number of services at any
given point in time.

Service Relationship is a “A cooperation between a service provider and

service consumer”. Service relationships include service provision, service
consumption, and service relationship management.

P a g e | 104
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.4.3 SERVICE PROVISION

Service provision refers to the activities performed to provide services to

service consumer, by a service provider organization. This includes;

• Management of all the services provider’s resources, which are

configured to deliver the service. That is, hardware, software,
supplier’s services etc.
• Providing access to the users (the service consumers) to access these
resources like access to cloud services mentioned earlier
• Actioning the agreed service actions, to accomplish the service
results like resolution of incidents, configuration of a service
component etc.
• Service level management of all the services provisioned and
managed throughout the service lifecycle and continually improving
the service levels & service performance
• It may also include the supply of goods, like supply of products which
are ordered by the consumer through an ecommerce portal like
Amazon or eBay.

1.2.4.4 SERVICE CONSUMPTION

Service consumption Activities performed by an organization to consume

services. Service consumption includes:

• Management of the consumer’s resources which are required to

access & use the services by consumer. For example, the consumer
resource can be a router or network switch, where the internet

P a g e | 105
 P a t h w a y t o
E m p l o y a b i l i t y

services from an internet service provider is connected through which

consumers can use the internet services.
• Service actions performed by users, including utilizing the provider’s
resources, and requesting service actions to be fulfilled. For example,
opening the internet portal through internet browser & entering the
login credentials to access the bank account, through net banking
services
• Service consumption may also include the receiving (acquiring) of
goods. For example, logging in and ordering goods / products in an
ecommerce portal like Amazon or eBay websites.

1.2.4.5 SERVICE RELATIONSHIP MANAGEMENT

Both the service provider and service consumer have to perform the
activities to ensure the co-creation of value; continually; and also ensure
that the services achieve agreed service levels and are available as per
the defined / agreed service offerings.

Whenever a service is delivered to a customer, by the service provider, the

service provider has to create new resources to facilitate / enable the
service to consumers, so that services consumer gets the necessary
platform to customize or modify their existing services. This would further
enable the service consumer of a service provider to provide services to
their customers.

In other words, the service consumer is using the new or modified resources
to create its own products to fulfil the needs of their target consumer group,
thus becoming a service provider. These interactions can be seen in the
figure below i.e. Service relationship model.

P a g e | 106
 P a t h w a y t o
E m p l o y a b i l i t y

For example, An Internet service providers’ services are delivered to a

bank, wherein the bank receives these services & configures it to enable it
to provide a net-banking service. Further the consumer or banking services,
is enabled to do the necessary transaction in their account (like payment
of invoice, or invest on new services / project of their business etc) and this
loop continues further.

This flow of services with continuous value creation requires an alignment &
understanding of service relationship

P a g e | 107
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.5 THE SERVICE VALUE SYSTEM

The visualization and establishment of Service value system in an
organization is an essential need of modern business environment. ITIL®4
considers Service Value System (SVS), which depicts the representation of
various service assets (components) & Organizational activities throughout
the service life cycle.

In entirety the Service Value System (SVS) depicted in ITIL®, should facilitate
and stress on integration and coordination across the service value stream
and should provide direction to the organization through a strong and
unified approach, considering the need for flexibility, adaptability,
adaptability by organizations to enable sustainability and consistency.

P a g e | 108
 P a t h w a y t o
E m p l o y a b i l i t y

The various components of ITIL® Service Value System (SVS) are;

• Guiding Principles
• Governance
• Service Value Chain
• Practices
• Continual Improvement

P a g e | 109
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.6 THE NATURE, USE AND INTERACTION

OF 7 ITIL GUIDING PRINCIPLES
To ensure the shared understanding, establishing common approach for
service management across the organization and making appropriate
organizational decisions & actions, the ITIL® guiding principles provide the
required guidance. These guiding principles create the foundation
required for establishing the culture and behaviour across the organization
(i.e. strategic decision making in day-to-day Operation)

Think about guiding principles as a set of boundaries that are drawn. You
can play within these boundaries and, at no cost, cross them. In simple
terms, it’s stated as “A recommendation that guides an organization in all
circumstances.”

The seven guiding principles of ITIL are represented as follows:

P a g e | 110
 P a t h w a y t o
E m p l o y a b i l i t y

These guiding principles are not restricted to ITIL and service management
alone. You can apply them to any industry and it would be true. In other
words, they are universal and more importantly, practical.

In several ways, ITIL’s guiding principles follow the Agile manifesto. For
example, working software over comprehensive documentation is a
classic example of where we lay emphasis on things that embellish but not
the core value. Guiding principles Focus on Value and Keep it Simple and
Practical gel well with it. Likewise, responding to change over following a
plan is embodied with Progress Iteratively with Feedback. Agile manifesto
states

• Individuals and interactions over processes and tools

• Working software over comprehensive documentation
• Customer collaboration over contract negotiation
• Responding to change over following a plan
Every organization implements service management in its own way. There
are several other frameworks and methodologies in use. Organizations will
choose to combine and mix different methodologies and frameworks to
come up with a customized framework that works for them. The guiding
principles ensure that they allow enough room for these frameworks to
combine and synergize. It is important to note that the guiding principles
work toward creating value for the customer and help improve products
and services on a continual basis.

An organization should identify the guiding principles relevant for the

scenario and use it (them) judiciously.

P a g e | 111
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.6.1 FOCUS ON VALUE

The entire ITIL is built around creating value to the customer. The ITIL
definition of Focus on Value Guiding Principle states that

“All activities conducted by the organization should link back,

directly or indirectly, to value for itself, its customers, and other
stakeholders.”

A service provider exists not to provide services to customers but to provide

value through services. As per the ITIL definition, the service that is offered
must be dissected in terms of its deliverables. Each of these deliverables
must be mapped to the service consumption and the business processes
at the customer’s end. Through this exercise, a service provider will be in an
ideal situation to measure if the services offered are generating value, and
if more value can be generated by tweaking services and in the process
can create value for themselves along with other stakeholders involved
through the value generation lifecycle.

Picking the Netflix example, the video streaming service provides ample
value to customers who like to be entertained. They gather data from their
customers on the genre, the language, and the age ratings that are
streamed by their customers. This information is used to recommend other
available shows to customers and to fund new shows that are on similar
lines as the demand indicates. This exercise of Netflix gathering data and
using it wisely is an example of generating more value for the customer. In
the process, Netflix too creates value through the content it produces,
which could lead to additional customers signing up. Other stakeholders
like the production companies, story writers, and actors also become part
of the value generation and create value for themselves through video
production.

P a g e | 112
 P a t h w a y t o
E m p l o y a b i l i t y

Value generation can be typically fulfilled using the four-step process:

• Understanding the service consumer: Value generation dictates that

you know the person who is going to enjoy your service. Unless you
understand the consumer’s desires, tastes, needs, and necessities,
you cannot aim to deliver a service that makes them happy. A
service consumer is generally happy if the service generates value
and can deliver its intended purposes.

Apart from the service consumers themselves, a service provider must

look toward understanding the other stakeholders in play, like
sponsors who will be funding the service, the customers, and others,
as necessary.

• Understanding the service consumer’s perspective: Knowing the

consumer is information. The service provider must aspire to go in
depth—not just getting objective answers to questions but to truly
understand them by going into the perspectives. This would typically
be answering the 6Ws – who, what, where, when, why, and how.

From a service management perspective, this translates to a service

provider understanding:

Why the consumer uses this service?

How does the service generate value?

Who uses it?

Where and when is it used?

What is achieved through the services?

What are the financial limitations for the customer?

What risks are involved that can be foreseen?

Remember that value has a lot to do with perception. So, it is essential

in the value generation process to measure value through the eyes

P a g e | 113
 P a t h w a y t o
E m p l o y a b i l i t y

of the customer rather than mere numbers. Second, the perception

of value does not always remain constant. Finally, costs and risks play
a significant role whether a customer chooses a service provider or
not. Customers may not opt for cheap services for fear that their
quality may be substandard, and opt for something reasonable and
fair instead.

• Obtaining feedback from the customer: Feedback is like gold dust in

the service industry. With the changing perceptions of value to a
customer, keeping up with them is a challenge for service providers.
So, they try and obtain feedback from their customers on various
factors.

The feedback mainly tries to understand the customer experience

(CX), which is also referred to as user experience (UX). CX is defined
as the product of interactions between an organization and a
customer over a period, with respect to products and services. This
experience/feedback will provide information about how a customer
feels about the product/service and the organization providing it.

CX is based on how a customer feels about a service and it’s a game

of perceptions. For the same service, you will have one set of
customers who might love it and an equal measure who might hate
it. When you look across the spectrum, you will find customer
experience expressed in various shades of gray. A service provider
organization in such a situation would look at the majority perception,
and if the popular feedback is to make certain changes, they will
definitely opt to do so.

• Applying the Principles / Learnings: What is the point of

conducting surveys, taking feedback, and spending tons if you are
not going to use the knowledge to make changes to products and
services?

P a g e | 114
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.6.2 START WHERE YOU ARE

Many a time, when organizations jump into transformation exercises or

even where they need to get to point B from point A, it is exciting and
tempting for those involved to start everything anew. Without the
overheads of the current state, the architects would be able to build
anything they want and design masterpieces. In reality, it doesn’t work this
way. To start something from scratch, you need huge capital, and not only
financials. It takes more time to get to point B starting afresh and, most
importantly, getting used to the new ways of working will never be a smooth
ride. Finally, there could be a solid base today that we totally ignore for the
sake of excitement.

In this principle, we encourage starting from where we are rather than

starting all over. We look at reusing the basic core rather than laying a new
foundation. And we define a process to make this judgement call.

Assess the Current State

Before you make a call on changing anything, it is worthwhile to see where

you are currently. It may not be an arduous road to the intended target if
you start with what you have. Or it may be better to scrap everything and
start with a blank slate. The answer to either of these options can be
obtained if the current state is assessed objectively.

It is crucial that the assessment carried out is unbiased and is purely seen
through the eyes of objectivity. The assessor must therefore put on the hat
of an inquisitive child that questions every single move, to identify the
motive and to get a true sense of reality.

P a g e | 115
 P a t h w a y t o
E m p l o y a b i l i t y

The true sense of reality can be obtained through measuring.

Measure Everything

How do we know that something is working unless it is measured?

As per Goodhart’s law, “When a measure becomes a target, it ceases to

be a good measure.”

In service management, several metrics are gathered and key

performance indicators (KPIs) are tracked. However, where some of the
organizations can possibly go wrong is by measuring the wrong numbers.

Going back to outputs and outcomes: track outcomes, not the outputs.
The service desk is often pegged with a KPI known as first time right, which
puts the onus on the agent to resolve the issue while the caller stays on the
line and not have to put the ticket on hold or pass it to a colleague. To
accomplish this KPI, the agent might try to close out the call with an
incomplete resolution leading to a desired output but not necessarily a
favorable outcome. Instead of measuring the first-time right parameter,
measure if the customer had to call back again to report the same issue;
measure if the customer feels that the solution provided is complete; and
measure mainly from the customer’s perspective. This will give the true
sense of measurements that gives the organization a taste of reality.

Applying the Principles/Learnings

With a good understanding of the current state of affairs backed by

measurements that give a well-rounded reality, you will be in a fairly good
position to decide to opt for overhaul or build/renovate over the existing
state.

P a g e | 116
 P a t h w a y t o
E m p l o y a b i l i t y

Reiterating and putting the principle to practice, the approach you are
likely to undertake will resemble the four steps indicated in Figure

This principle can be applied to products, services, processes, practices,

team structure, or any other part of the organization and service value
system.

It is extremely uncommon that products, services, or practices get

overhauled without reusing what is already there. Even in transformation
exercises, we reuse what is already there and start building on top of it.

1.2.6.3 PROGRESS ITERATIVELY WITH FEEDBACK

The third principle relates directly to the Agile project management

framework, where the work is broken down into individual chunks and is
delivered in several iterations. DevOps being a superset of Agile builds on
the principle of iterations that are defined by feedback.

The concept of Agile delivery, as the name goes, is built on the premise that
the requirements change and a project undertaken with a traditional
approach fails to create value, as the perception of value (requirements)
changes by the time it is delivered. To avoid this gulf between value and
delivery, project management transformed into delivering in several

P a g e | 117
 P a t h w a y t o
E m p l o y a b i l i t y

iterations, and each successive iteration would consider the changing

requirements and the feedback received from the involved stakeholders.

Importance of Feedback

Not all feedback is gold. You get chaff as well. So, it is important that the
feedback is studied, and measured against the product you are designing.

A product or a service must remain relevant in the market today, it needs

to rely on customer feedback and must evolve dynamically.

The role of feedback must be upheld to the highest order and at every
stage of the service delivered. Feedback should be requested and
customers must be persuaded to provide feedback. Unless the service
provider knows what the customer is thinking, they will never have an
accurate understanding of the wants and needs, which translates to value
being delivered, which further leads to continuation of the business
relationship.

A mature feedback process can expect to gather:

1. Perception of the user of the product/service

2. Perception of the customer of the product/service
3. Upcoming requirements (demand)
4. Understanding of the value chain deficiencies
5. Information around customers’ relationships with their partners,
suppliers, and service providers
Feedback Feeding Iterations
Iterations are like mini projects. The entire sequence of development and
testing takes place within an iteration. Most importantly, iterations are time
boxed, meaning there is a definite time frame for when iterations start and
when they end. Unless notified, one iteration follows another and then the

P a g e | 118
 P a t h w a y t o
E m p l o y a b i l i t y

next. These iterations are referred to as sprints in the Agile framework. This is
illustrated in Figure below:

So, although iteration through Agile gives great flexibility, there are
constraints that decide which piece of work gets accepted into an
iteration; generally it is not recommended that new pieces of work get
accepted into an iteration midway.

Typically at the end of a sprint a demo session is held for the customer. The
customer is expected to participate and provide feedback. The feedback
is immediately considered, analyzed, and the customer is asked to prioritize
working on the feedback or other open items. Based on the customer’s
directions on prioritization, the team works on the requirements in the next
iteration. In essence, feedback fuels iterations and has a definite bearing
on the development that happens in every iteration. So, it is essential that
the service provider obtains feedback and reverts to the customer quickly
to ensure the power of feedback in iteration is not lost.

Applying the Principles/Learnings

P a g e | 119
 P a t h w a y t o
E m p l o y a b i l i t y

Using iterations does not imply that the development happens at a quicker
pace. Iterations and MVP also do not imply that incomplete or half-baked
products are released into the market. A product can be broken down into
several pieces of individual functionalities. In iterations, individual
functionalities are identified to be developed in a time boxed period.
Specifically, in MVP, the minimum set of functionalities required to
characterize the product is included.

While we recommend working in iterations fed by feedback inputs, we

should not lose sight of the end product that has been visualized. In other
words, do not stray away from the final objective that you need to achieve.
It is possible that working in iterations puts on blinders to the teams involved,
which is not entirely wrong. Therefore, a customer representative, a project
team member called the product owner is in place to keep tabs on the
progress in relationship to the final product delivery.

There are many traps that the development team can fall into. One of the
common traps is to develop once and develop right; a good amount of
analysis goes in before the development can begin. At times, the analysis
is so deep and in detail, the team in charge of it would not know where to
stop their analysis and this concept is called analysis paralysis . To avoid this,
every activity that the team undertakes needs to be time boxed, including
the non–core-developmental efforts.

1.2.6.4 COLLABORATE AND PROMOTE VISIBILITY

Collaboration, cooperation, and visibility are some of the key factors that
drive Agile and DevOps methodologies. Especially in DevOps, without
team members and teams collaborating, the thought of a single team
coming together for the success of a product is unthinkable. Likewise, the

P a g e | 120
 P a t h w a y t o
E m p l o y a b i l i t y

work that is done must be transparent to the customer. The customer needs
to be involved in day to day activities. Hence the need for the product
owner to be a part of the development team. The days of service provider
organization being a black box are over. Welcome to the world where
customers and service providers collaborate, share, and become partners
in creating value and success.

Collaboration Partners

The days of a single service provider or complete in-house delivery are over.
Multiple service providers must work together toward a single product
delivery. For example, an application could have a company working on
the development side of things, another organization supporting it, and yet
another organization taking care of its interfaces. In such a scenario, there
are bound to certain trade secrets that organizations would want to keep
under wraps. However, doing so will only harm the customer because it
results in poor delivery, delayed resolution, and increased rework. So, do
the organizations shun their differences and their unique selling propositions
for the betterment of the customer? The answer could be yes in certain
situations. The situation could be when multiple service providers are
working on the same piece of code or a shared technology.

Another collaboration opportunity is between the service provider and the

customer. Today customers engaging at every level of the delivery
including initiation and planning. While sharing between service providers
is acceptable with a pinch of salt, when it comes to customers it is not that
easy. Service providers do not naturally feel comfortable to invite the devil
into their homes. They want to avoid questions that might pertain to
capacity, ways of working, and the technologies employed.

P a g e | 121
 P a t h w a y t o
E m p l o y a b i l i t y

The game of collaboration between a service provider and a customer

must be played with specific rules. The customer becomes part of the team
and is responsible for prioritizing the backlog items and clarifying the
requirements. The development team and the customer come together
daily to share updates, including those where they are stuck. This
necessarily removes the surprise element from the equation. When the
sprint ends, the demo that the product owner witnesses is not something
like a movie premiere seen for the first time. They would have witnessed its
growth from day 1, and the demo is an event where the delivery gets
accepted and further feedback is given, which helps during the rest of the
delivery process.

Means of Communication

The world is flat—not literally though! Customers, service providers, and

other stakeholders sitting in a single location is as rare as hen’s teeth.
DevOps calls for collaboration, and this is possible through frequent
conversations and visibility of work.

Video calling, group chats, and boards for sharing information (like we do
on Facebook) are some of the common features that enable information
sharing with the familiarity of sitting across the table. The service provider
and the customer must ensure such tools are made the platform for all
communications and should move away from other forms.

For improvements to happen, the role of feedback is at the center. This

communication takes place through customers who talk to the service
providers, generally speaking. But what about the general users who don’t
get a chance to voice their opinion and feedback? To get their feedback,
surveys and studies are conducted to gather feedback. Based on the

P a g e | 122
 P a t h w a y t o
E m p l o y a b i l i t y

general perception and feedback, contact is made with users to get

clarifications if needed, and improvement action undertaken.

Expanding Visibility

The various initiatives and activities that are taken up are not always known
to the various layers in an organization. It stops at a certain management
level and does not trickle down. This lack of visibility plagues most
organizations today and is a leading hindrance factor to creating team
spirit and invigorating loyalty. Leaders must spread the message of what
the organization is doing, especially in product/service development and
improvement initiatives. This information should percolate along with the
reason for doing it in the first place and how it points to true north: the
organization’s vision and mission goals. Most importantly, this is not a one-
time effort. Such communications should be periodic, and the means
matter too.

The next area where lack of visibility is common is in product/service

development where the customers feel that after getting the requirements,
the development team seems to have disappeared. Poor visibility on work
progress will set in panic for the customer because without it, there is no
guarantee that the product/service will be delivered on time and as per
the specifications.

Think about the domino effect. Poor visibility will impact decision making as
well.

Applying the Principles/Learnings

The principle of collaboration and promoting visibility has multiple facets of

learning. The most important of them all is visibility of work across an

P a g e | 123
 P a t h w a y t o
E m p l o y a b i l i t y

organization and visibility of work progress to customers and decision

makers. Plaguing decision making is perhaps the biggest sin one can make
in a corporate setting.

Keep the customer as the focus and integrate the teams around the
customer.

Communication is another key aspect, which according to some studies

makes up 65 to 75 percent of the overall project time. So, it is imperative
that we get this right. Identify the right types of communication and
communicate periodically to the right people. Seek feedback and use it
wisely.

1.2.6.5 THINK AND WORK HOLISTICALLY

No product or service stands alone to deliver value. It needs to be

connected to other services to fulfill all objectives. Take any example that
you could think of, IT or not. More and more we are realizing that all things
are connected. If any of the leading countries takes a dip, economies and
markets around the world follow the dip. For months and years to come,
there will be all kinds of problems with supply, demand, and other trades.
Whenever you plan and execute activities surrounding products or services,
do not think small, but cover your scope from one end of the spectrum to
the other.

Applying the Principles/Learnings

A database such as a configuration management database

(CMDB) identifies and documents the integrations and dependencies.

P a g e | 124
 P a t h w a y t o
E m p l o y a b i l i t y

Such a picture needs to be drawn for every product/service for us to be

able to define the road map with the right set of stakeholders.

One way of defining products and services is through the number of

integrations that they come built with. The more integrations, the more
complexity, because making any changes would require visibility to all
stakeholders and concurrence too. Even if the involved technology and
coding could be simple and straightforward, the complexity grows with the
integrations. This is one of the primary reasons for middleware products to
be considered most complex, and every change requires plenty of forward
thinking and planning.

To manage complex integrations or any number of integrations for that

matter, collaboration and providing visibility (guiding principle #4) is the
key. Along with this, you need to have an agreed set of principles,
processes, and practices so that everybody in the value chain talks the
same language and points toward true north.

1.2.6.6 KEEP IT SIMPLE AND PRACTICAL

Minimalism is a theme that has been picking up pace since the Second
World War. The concept is to do the minimal set of things necessary. In all
areas of life such as arts, films, architecture, and even in technology, it has
become the new norm. It follows the principle of doing the minimum
number of things to achieve the objective as long as it is within the set
bounds and is practical.

Keeping things on a leash to achieve the objectives in a minimal way is not

alien to IT and IT management frameworks. The Lean transformation
framework, which is strongly associated with Agile, guides optimizing the

P a g e | 125
 P a t h w a y t o
E m p l o y a b i l i t y

resources, people, efforts, and energy of your organization toward creating

value for the customer.

The sixth guiding principle—keep it simple and practical—also embodies

the principles of Lean, and the guidance is around keeping things
minimalistic and pragmatic.

What to Shelve, What to Keep

This is an interesting decision, isn’t it? When there are several process
activities, several services with varying crosslines, the identification of the
activities and services that are sheer waste is not visible like neon in the dark.
A detailed analytical exercise must be undertaken, especially if the services
and processes have overbearing dependencies, to identify the fault lines.
We can carry out an activity similar to the business impact analysis, where
every activity is analyzed from all possible angles to identify the impact to
the business, to the service provider, and to other involved parties.

During design it is natural to add activities to review other activities in a bid

to get the outcome right.

Enablers to Simplicity and Pragmatism

The design that is put in place must look at the inputs, players, triggers, and
outcomes holistically and find a solution that is conflict free. You do not
want to introduce conflicts, which is a surefire way of ensuring failure.

Picking an IT service management example this time, change

management is a classic example of governance playing ball with
operations. There are approval processes to ensure changes can go into

P a g e | 126
 P a t h w a y t o
E m p l o y a b i l i t y

the system. If you are tasked with a design to expedite changes, you would
propose a standard change management process whereby the changes
are preapproved and can be carried out during the agreed terms and
conditions. Having just a standard change management process is not
sufficient; there are too many loopholes and conflicts. How do you ensure
that it is compliant? Sure, an audit is one way, but it’s too reactive and the
hit rate is too small. How about embedding the change management
process with some automation, such as providing write/modify accesses to
servers only when a change is registered with the server configuration item
mapped to it, along with the change window. Only during the change
window does the server allow its configuration to be changed. This is just
the tip of an iceberg; a lot more can be conceived and achieved on the
back of this idea to ensure that unauthorized changes do not get
executed.

Applying the Principles/Learnings

The minimalistic lifestyle is popular for a reason. It gives people fewer things
to worry about and increases the happiness quotient. How? It removes the
complexities in life that otherwise would take considerable efforts to
maintain. Apply the same principle to service management as well. Keep
things simple and run proof of concepts to ensure it is practical.

The easiest way to achieve it is by doing a business impact analysis (as I

stated—and not the traditional one). For every activity, find out how it is
adding value, and whether it is taking you closer to the outcome or not. If
it is either taking you away from the goal or standing still, then it is a waste
that you can well afford to lose.

P a g e | 127
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.6.7 OPTIMIZE AND AUTOMATE

The final guiding principle is around fine tuning and cranking the service
management system to deliver in full force: optimize and automate. When
this principle is applied, the product, service, or processes are already in
place. It is a matter of making it more effective and efficient, and not about
the functionality itself. Optimization deals with the effectiveness of
removing wastes from the system and introducing activities or modifying
existing ones toward bettering the outcome.

Automation, on the other hand, deals with efficiencies that are gained by
using technology. Automation removes human intervention and ensures
that the activities entrusted to it are completed successfully to a tee. What
we achieve through automation is speed (efficiency gain) and negation of
human errors. However, there is a limitation on the kind of activities that can
be automated. Only activities that are repetitive in nature—where the
nature of inputs, work processes, and outputs are concerned—can be
done by the machines. Other activities that require human cognizance
cannot be automated, at least for now. There are artificial intelligence
engines built by organizations that are trying to emulate human brains,
though it is not conclusive that they can replace them completely.

These days all industries employ automation. It is necessary no matter how

many human resources we have, because certain activities such as
monitoring infrastructure or self-healing are better done by the machines
than us; we are too slow and may lack the focus to keep an eye on things
every second.

P a g e | 128
 P a t h w a y t o
E m p l o y a b i l i t y

Optimization Practices

Any work processes that we can think of can be optimized. Think about the
day to day processes and workflows that we deal with. Even after
optimizing them, you can perhaps still find more opportunities to optimize.

My point is that every process, workflow, and service can be optimized as

many times as needed—if there is sufficient capital, zeal, and ideas.

Carrying out optimization somewhat follows the continual service

improvement (CSI) process that existed during the ITIL V3 days:

• Agree on the scope of optimization

• Analyze the areas which are in scope
• Measure the baseline for future comparison
• Agree with stakeholders on the road map
• Ensure all stakeholders are involved in the process and gather their
inputs
• Execute improvements in an iterative manner
• Keep track of the metrics that define the optimization success
• Compare metrics with baseline to obtain the level of
optimization achieved

Automation Practices

As is the case of optimization, automation too can be applied to most of

the areas. The only constraint could be the application of technology into
the particular area.

P a g e | 129
 P a t h w a y t o
E m p l o y a b i l i t y

In the area of DevOps, we use automation heavily: including continuous

integration, continuous delivery and deployment, automation/continuous
testing, monitoring, self-healing, configuration management, and cloud
management, among others.

Applying the Principles/Learnings

Reiterating the learnings in this principle:
• It is a good practice to optimize first and then to automate, to ensure
that the automation carried out does not exemplify and increase the
complexity required for automation on nonoptimized work processes.
• Measure everything. The only way you can decide whether an
optimization has worked is through the metrics.
• When it comes to technology, there will certainly be dependence on
capital. The best way to counter it is to start with technologies that
are already employed. Once they bear fruit, capital could flow easily.
• All optimization and automation activities should be carried out in
iterations, along with the feedback received from previous iterations
(principle #3).

P a g e | 130
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.7 APPLYING THE GUIDING PRINCIPLES

Now that you are familiar with the 7 guiding principles in the ITIL framework,
let’s apply the principles in your service desk configuration.

Here are some common service desk scenarios demonstrating ways to put
these guiding principles into practice in your organization.

1.2.7.1 FOCUS ON VALUE

“Everything the organization does should link back, directly or indirectly, to

value for itself, its customers, and other stakeholders.” A common request
from the service desk is to run recurring reports—usually on a weekly or
monthly basis. Since executives often initiate these requests, they are
delivered without question. Have you ever stepped back to ask, “Why?”
"Focus on value" encourages teams to do just that—ensure you're
delivering and maximizing value. That also means encouraging people to
ask questions about the requests they receive. For those responsible for
running the reports, consider asking the following: Who reviews this report?
What story does this data tell? It may be that the report goes straight in the
email trash folder. Maybe it could have more value if the data was
presented differently or aligned with other key company objectives.
Perhaps there’s a better audience or a more efficient way to review the
information. When doing work, supporting services, and designing
products, always remember to ask: Does this help create value?

1.2.7.2 START WHERE YOU ARE

“The current state should be investigated and observed directly to make

sure it is fully understood.” In a nutshell, don’t start from scratch without first
considering what you already have available. A common story I hear from
customers starts with new leadership joining an organization. Stepping into
a new position often requires a review of current ITSM practices, like a new

P a g e | 131
 P a t h w a y t o
E m p l o y a b i l i t y

IT director assessing the service desk’s classification of incidents. This

presents an opportunity to improve the organization's categorization, which
could improve the platform's ease of use, streamline incident routing, and
drive more granular reports. Rather than scrapping everything, this IT
director can take a page from the principle, "start where you are." Examine
what the organization has previously established in their environment and
understand why. What was the design thinking behind how the existing
environment was built, and were there any requirements around why they
are gathering specific data? What value, no matter how small, do they
currently gain from what is already built? There might be significant risks or
consequences to a complete teardown and rebuild. Sometimes it’s
necessary, but it often makes the most sense to “start where you are” and
find areas for improvement. You need to know where you are before you
can get to where you want to go.

1.2.7.3 PROGRESS ITERATIVELY WITH FEEDBACK

“Do not attempt to do everything at once. By organizing work into smaller,
manageable sections that can be executed and completed in a timely
manner, it is easier to maintain a sharper focus on each effort.” Using
feedback before, throughout, and after each iteration helps ensure that
actions are focused and appropriate, even if circumstances change. Let’s
say an organization is implementing a new ITSM platform, intended for
multiple internal service providers' workflows and day-to-day functions. The
improvement manager is weighing the possibility of implementing the new
system in a phased approach or as one concentrated initiative.

Keeping this guiding principle in mind can:

• Reduce organizational impact by focusing on a set of resources at a
time
• Foster visibility into areas for improvement for future phases
• Ensure that the focus is maintained for each business unit during their
stage of the project

Do less at once, and do it better.

P a g e | 132
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.7.4 COLLABORATE AND PROMOTE VISIBILITY

“Working together across boundaries produces results that have greater

buy-in, more relevance to objectives, and increased likelihood of long-term
success.” A business customer for an IT department asks for ways to deliver
their services better. To do this, IT knows that it will require major changes to
the infrastructure. The changes will take some services offline for the
duration of the improvement activities, including services unrelated to the
specific asks of the initial business customer. Following this guiding principle
and encouraging a partnership across stakeholders can produce the
following results:

• Reduce or avoid negative impact or downtime

• Create an opportunity to show value in these changes for the other
areas of business
• Allow for other potential improvements to be realized by these
activities

Encouraging cross-functional knowledge makes for a smarter, more

successful organization.

1.2.7.5 THINK AND WORK HOLISTICALLY

“No service, or element used to provide a service, stands alone. The

outcomes achieved by the service provider and service consumer will
suffer unless the organization works on the service as a whole, not just its
parts.” When considering an improvement to one of their primary services,
an organization must think about four dimensions of service management:

• The people (consumers) wish their experience was more user-friendly.

• The technology their consumers interface with needs to be
compatible with the technology of the service it’s hosted on.
• The service is hosted by a third-party partner.
• The current processes to manage and support the service may
receive significant change as a result of this improvement.

P a g e | 133
 P a t h w a y t o
E m p l o y a b i l i t y

The whole of a service has four dimensions to always consider: the people,
the information and technology, the partners/suppliers, and the processes.

1.2.7.6 KEEP IT SIMPLE AND PRACTICAL

“In a process or procedure, use the minimum number of steps necessary to

accomplish objectives.” When a process is designed to meet an objective,
it should run efficiently. As process improvements are introduced,
technological advancements and business partners' needs should also be
taken into consideration. Following this principle encourages stakeholders
to break from "what's known" in an effort to embrace practicality. When
internal service providers such as human resources embrace the digital
transformation, there is often a migration of processes from hardcopy PDFs
to digital workflows. Consider onboarding a new hire. Information
traditionally collected in a paper form can be easily collected digitally.
Retaining the form's simplicity but translating to your ITSM tool can
automate data collection and streamline the process. Most organizations
have an idea of how the onboarding process should flow. Connect with
stakeholders to outline a workflow that automates notifications and assigns
tasks to the appropriate parties based on the digital form you create. This
workflow should simplify the means to the end goal, and the only way to
do that is to involve each stakeholder in its construction. Work should deliver
results, not create more work.

1.2.7.7 OPTIMIZE AND AUTOMATE

“Eliminate anything that is truly wasteful and use technology to achieve

whatever it is capable of. Human intervention should only happen where it
really contributes value.” IT teams are usually familiar with category-based
ticket routing, which allows certain incidents to skip the general queue and
land directly with the appropriate agents. Other teams within the
organization can leverage similar automation. Many legal teams intake
requests through manual assignment. As each request comes in, the
manager reviews and assigns based on his/her employees' expertise.
Introducing an ITSM platform enables the manager to leverage the unique
skills of each employee by automating request routing. When defined
parameters are met, the requests are automatically dispatched to the

P a g e | 134
 P a t h w a y t o
E m p l o y a b i l i t y

legal employee that meets the appropriate skill set. Optimizing service desk
categories, and then using that data to automate ticket routing is a great
way to deliver faster resolutions. But the automation is only possible when
the configuration and workflows are carefully planned. Follow this guiding
principle to help requests get fulfilled in a more efficient manner. Optimize
to do it right. Automate to do it efficiently.

Putting Principles into Action

Building value through the consistent application of ITIL principles is not

terribly complicated. The value proposition is inherent in the principles
themselves. It may take a bit of effort to assimilate them into practice at the
IT Service Desk, but the rewards are definitely worth it – for both you and
your customers.

P a g e | 135
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.8 IT GOVERNANCE FRAMEWORK IN

ITSM
Governance is a formal framework which provides a structure for an
organization to ensure that there is a means for an organization to
establish direction and control. All the investment made by the
organization supports business objectives and creates value.

IT governance comprises of processes, tools, and methodologies which

enable an organization to ensure the alignment of business strategy &
goals with an IT service (services), IT Infrastructure and the environment.
IT governance complements an organization by enabling it to achieve
its goals and objectives, through this alignment.

Aligning an IT strategy to business strategy is an essential need which is

fulfilled by the establishment of a formal governing structure, both at
organization level & IT. That is, an IT governance is an integral part of
overall enterprise governance. Through a formally established
framework, an organization can achieve its strategies and goals, by
producing measurable results.

IT governance provides the set of policies, rules and regulations, which

defines and ensures an effective, efficient, valuable, controlled IT
operation of an IT department. IT Governance also helps in evaluating
the performance of IT and its contribution to the business and business
growth.

P a g e | 136
 P a t h w a y t o
E m p l o y a b i l i t y

ITIL4 complements COBIT, the IT governance framework, by aligning to

it. By embracing such frameworks, an organization can comply with
regulatory requirements.

Governing bodies and governance

An organization embraces a governance structure through which the

organization’s direction and control mechanism is established.
Governance considers and demonstrates three main activities. That is,

• Evaluate
• Direct
• Monitor

Evaluate - focuses on evaluating the organization, its strategy, its portfolios,

organizational relationships with other entities and individuals. The
governing body ensures the evaluation of the organization regularly to
ensure the needs of the stakeholders are met and to keep the organization
aligned and in compliance with evolving circumstances in an
organizational environment.

Direct - refers to the assignment of responsibilities by a governing body,

which ensures preparing and implementing strategies and policies for the
organization. Strategies focus on setting the directions for all the
organizational activities, investment (current & future) etc and also helps in
justifying the investment decisions. Policies focus on establishing the
guidelines for setting the required (accepted) behaviour across the
organization and guides on how to demonstrate those, which are
applicable to all the stakeholders like employees, partners, customers,
suppliers and all others.

P a g e | 137
 P a t h w a y t o
E m p l o y a b i l i t y

Monitor - the organization’s performance is monitored by the governing

body on a continual basis. It monitors the performance of the organization,
its practices, processes, services & products. By monitoring, the governing
body ensures that the performance of the organization is as per the set
directions and complying to defined policies.

It evaluates, directs and monitors all the organization’s activities, including

those of IT service management. COBIT being the framework which is well
acknowledged and adopted, mentions the following processes, which are
called as EDM Processes

• Ensure Governance Framework Setting and Maintenance.

• Ensure Benefits Delivery.
• Ensure Risk Optimisation.
• Ensure Resource Optimisation.
• Ensure Stakeholder Transparency.

The objective of these processes is provided below;

1. The process, “Ensure Governance Framework Setting and Maintenance”

ensures;

• Providing a consistent and integrated approach which is aligned with

the enterprise governance approach.
• Enabling the IT-related decisions aligned with the enterprise’s
strategies and objectives.
• Overseeing the IT-related processes to ensure its effectiveness and
efficiency.
• Improving and confirming compliance with legal and regulatory
requirements.

P a g e | 138
 P a t h w a y t o
E m p l o y a b i l i t y

• Meeting the governance requirements for board members.

2. The process, “Ensure Benefits Delivery” ensures;

• Securing an optimal value from IT-enabled initiatives, IT services and

Service assets.
• Delivering cost effective and efficient services.
• Supporting business needs by providing the right visibility of costs
which are reliable and accurate to support business needs effectively
and efficiently.

3. The process, “Ensure Risk Optimisation” ensures;

• Ensuring optimization of risk by considering risk tolerances and risk

appetite of organization so that IT-related enterprise risk does not
exceed beyond those.
• Identification and management of the impact to enterprise value
due to IT Risk
• Minimizing the compliance failures.

4. The process, “Ensure Resource Optimisation” ensures;

• The resource requirements of an enterprise are fulfilled optimally.

• Optimization of IT costs.
• Increasing the likelihood of benefit realisation
• Ensuring the readiness for future change.

P a g e | 139
 P a t h w a y t o
E m p l o y a b i l i t y

5. The process, “Ensure Stakeholder Transparency” ensures;

• Timely and effective stakeholder communication.

• Ensuring identification of improvement and enhancing performance
and reporting.
• Aligning IT-related objectives and strategies with the enterprise’s
strategy

Governance in the SVS

As Service Value System has multiple components in it and is applied to the

entire organization at all levels for one or more products or services.
Governance performs at various different layers of the organization. An
effective governance throughout the lifecycle i.e. service value system
requires effective delegation across different layers.

While delegating the organization should retain and ensure alignment with
the directions, objectives, goals, vision, priorities of the organization.

P a g e | 140
 P a t h w a y t o
E m p l o y a b i l i t y

Defining and adopting the specific set of principles are necessary for every
organization. One of the options is to adopt the principles defined in the
best practices like ITIL4. The specific set of principles and guidelines
adapted and adopted across the governing body should have the visibility
of values, outcomes, outputs, activities and metrics for measuring at all
levels aligning to the value of the organization and its stakeholders.

P a g e | 141
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.9 THE SERVICE VALUE CHAIN, ITS

INPUTS AND OUTPUTS, AND ITS ROLE IN
SUPPORTING VALUE STREAMS
The Service value chain (SVC) is the core part of Service value system (SVS)
which has all the key activities, which are required to be performed for
accomplishing the service value, through the service results (outputs) &
outcomes. The service value chain is flexible enough to be adapted to
multiple approaches, including DevOps and centralized IT, to address the
need for multimodal service management. The adaptability of the value
chain enables organizations to react to changing demands from their
stakeholders in the most effective and efficient ways.

The six service value chain activities are;

P a g e | 142
 P a t h w a y t o
E m p l o y a b i l i t y

• Plan
• Improve
• Engage
• Design & Transition
• Obtain / Build
• Deliver & Support
Organization sustenance and success depends upon the way it responds
to different scenarios. Establishing a service value stream by establishing the
specific combination of activities and practices for the specific situation is
very important. The value stream has to be defined and designed to suit
the specific scenario, and has to provide a complete guidance to the roles,
practices & activities required to address the needs of the initiative or for
resolving an issue (or issues).

The different combinations of the various practices defined with certain

specific set of activities are performed throughout the service value chain.
ITIL®4 defines 34 practices, which are classified as General management
practices, Service Management practices and Technical Management
practices. The activities are performed by in-house & third-party resources
with specific skills & capabilities (skills & competencies) for the practices
defined to accomplish the value.

For example, the value chain activity, “engage”, might draw upon the
practices like service relationship management, service desk
management, service request management and (or) supplier
management etc., for responding to the varying demands for services &
products which would support in making the right decisions by collecting
right information from various stakeholders.

P a g e | 143
 P a t h w a y t o
E m p l o y a b i l i t y

An Example: HR Management Services

A HR Management of an organization will have to establish the value chain

across various services provided by them like Employee engagement,
Training & Development, Career Management, Employee Retention,
Conflict Management, Claims Management etc. Assume a scenario,
where the organization has decided to introduce an intranet application
which would consolidate and provide all the service through this portal.

This requires development and management of an application which

involves conceptualization, business analysis, development, release, and
support. The organization has to develop a number of practices which are
supported with specialized resources and techniques.

This would involve:

• The development of the HR application starts with initial engagement

with various stakeholders in the organization, then proceed to
business analysis, prototyping, drawing up the plans, development,
testing, and eventually to release and support. That is, Engage,

P a g e | 144
 P a t h w a y t o
E m p l o y a b i l i t y

Design & Transition, obtain & build and deliver activities of service
value chain.
• Further while the application is live and employees start using the
application, it is required to deliver & support to sustain & improve the
performance of the HR application.
• While the application is released and deployed, it is used by
employees. It is also important to plan and improve the HR services
continually.
The establishment of value streams happens through the combination of
practices and value chain activities in various ways. This has to be improved
by improving utility and warranty of products and services and by
increasing the potential value for the consumers and the organization.

Further, it is very important for the organization to be able to adapt to the

changing circumstances. This would involve changing the utility & warranty
aspects of products & services by which organization can always align and
fulfil the customer requirements in the modern dynamic world.

SVC Activities

The SVC activities working together, in unison establish the service value stream.
Each of the SVC activities ensures a unique contribution and complements every
other service value chain activity. They establish a specific combination of activities,
process, and practices and involve various different types of resources. Each activity
has specific objectives, and these objectives align to value stream enablement. All
the activities have specific set of inputs and specific set of outputs.

The SVC activities are Plan, Improve, Engage, Design & Transition,
Obtain/Build and Deliver & Support.

P a g e | 145
 P a t h w a y t o
E m p l o y a b i l i t y

1. Plan

The service or products being delivered by an organization would have an

intended purpose and address specific objectives. This would be always in
alignment to the vision and direction of the organization, as established by
the governing body of an organization. The plan value chain activity has
to ensure the right understanding of the vision, its current status, and
improvement for all the four dimensions and all products and services
across the organization.

The inputs and outputs for the activities come from (& go to) other value
chain activities like engage, improve, design and transition, obtain/build
and governing body.

Input:

• Governing body provides policy, requirement and constraint (For

example: The applicable policies for HR services, which are to be
followed by the employees of the organization)
• The details of demand, opportunity, third-party service components
form engage (For example: Demand can be expressed like, number
of employees using the intranet portal, opportunity can be
improvement which can be brought into the organization by using
portal services, third-party service can be internet services, hosting
services etc.)
• Improvement initiatives, value chain performance information, plans,
improvement status are provided by improve (For Example: Plan for
improving the production by saving time used to submit claims, give
the uniform experience across the employee community, providing
opportunity by creating a learning module as part of HR Portal etc.)

P a g e | 146
 P a t h w a y t o
E m p l o y a b i l i t y

• Details about new or changed services or products are provided by

design & transition, obtain/build activities (For Example: Details like
currently running processes and practices, tools used for HR services
are captured, and used to understand the details of newly defined
services or products or improvements for HR services)

Output:

• Strategic, tactical, and operational plans (Here the strategic plan

would be to improve the efficiency and effectiveness of the
organization as a whole, tactical at service level and operation at
transaction level)
• Portfolio decisions for design and transition (Defined list of services
which can be availed through the HR service portal and their design
and transition blueprints)
• Architectures and policies for design and transition (Defined list of
architecture or solution, technological, MIS and tools, processes,
measurement methods and metrics etc., for HR service portal)
• Improvement opportunities (Identified list of improvements which are
addressed through the new solution i.e. HR service portal)
• Contract and agreement requirements for engage. (The defined list
of contract and agreements needed to establish the HR portal
services like Under-pinning contracts, for the service provided by
external suppliers like internet service providers, AMC services, hosting
services etc.)

2. Improve

All the services / products perform at certain levels and they should be
improved on a continual basis. Improvement is not one folded, it is multi-

P a g e | 147
 P a t h w a y t o
E m p l o y a b i l i t y

folded. That is, improving the processes, practices, services, products,

individual skills etc.are essential. This needs consideration of all the four
dimensions of the service management.

The inputs and outputs for the activities come from (& go to) other value
chain activities like engage, design and transition, obtain/build, deliver &
support and all the value chain activities.

Input:

• Information and knowledge about product and service performance

from deliver and support (While the HR Portal services are provided
and availed by employees, the performance of the services has to
be monitored and measured, which reveals & provides insights
towards opportunities to improve)
• Feedback from stakeholders through engage (Engaging with
stakeholders like employees of the organization who are using the HR
Service portal, employers who have invested etc.), can help in
understanding the contribution or achievement of the intended
objectives and further improvising it. The feedback from stakeholders
shall also involve sharing the opportunities for improvement.
• Performance information and improvement opportunities provided
by all value chain activities (As the service progresses through the
service life cycle, the coordination among the various activities,
processes, practices etc., would provide the information about the
improvements required. For example: if the submission of a request
done by an employee is taking a certain amount of time and one of
the reasons for it is filling the template while raising the request, then
this is an opportunity to improve the process by optimizing the number

P a g e | 148
 P a t h w a y t o
E m p l o y a b i l i t y

of inputs required and ensuring the reduction in time to submit the

request.)
• Knowledge and information about third-party service components
from engage. (The performance measurement of an internet service
used to access the HR Portal services would help in optimizing or
increasing the internet service bandwidth to enhance the service
experience seamlessly.)

Output:

• The improvement opportunities / initiatives identified and the plans to

accomplish those improvements with prioritization considering all the
value chain activities
• Evaluating, producing & sharing the performance of value chain
activities
• Producing and sharing the improvement status reports of all the value
chain activities
• Provide the service performance information for value chain activities
like design and transition.

3. Engage

The service can be termed as successful, when the stakeholders realize the
value. Value is always defined in customer perspective. However, the need
of all the stakeholders cannot be ignored. The value realization is critical
and only then the utility & warranty defined would make sense.

While the services are consumed, one has to establish a mechanism to

become aware about the service value creation and acknowledgement
of value realization. To accomplish this, it is very essential to engage with

P a g e | 149
 P a t h w a y t o
E m p l o y a b i l i t y

the stakeholders continually i.e. customer, consumers, suppliers, team etc.

This will help in obtaining a good understanding of the needs of
stakeholders, and will create transparency and establish a good
relationship with the stakeholders.

Input:

• The entire list of portfolios of product and service, provided by plans

like claims services, skill enhancement, employee engagement,
leave and attendance management, medical claims etc.for the HR
portal service depicted earlier.
• The details of demand identified and assessed for services and
products provided by internal and external customers like employees,
management, HR executives etc. Identifying services regularly
availed by users of the services (like leave), and those availed
occasionally (medical claim) etc.
• The detailed list of requirements provided by customers which have
to be fulfilled by services and products. For example, in the instance
of the HR portal services, the list of improvements identified and
agreed upon. Feedback on current performance of the services and
identified opportunities for improvement etc.
• Occurrence of incidents (i.e. failure of services or service component)
and how quickly the restoration of services happened over a period
of time and incident resolution performance etc., so that employees
can continue to use the HR portal services.
• Information on the completion of user support tasks from delivery and
support i.e. incidents, user queries, access requirements, information
of delivered services etc.

P a g e | 150
 P a t h w a y t o
E m p l o y a b i l i t y

• Engaging with partners and suppliers and evaluating their

performance through the established cooperation and obtaining
feedback, contract and agreement etc.
• Capturing the knowledge and information about the new and
changed products and services from design and transition, and
obtain/build, deliver and support, about third-party service
components from suppliers and partners etc., and producing the
improvement status report on a continual basis.

Output:

• A consolidated view of the demands and opportunities for the

product or services requirements throughout the value chain
activities i.e. design and transition, deliver and support, obtain and
build which comprises of requirements of products & services, tasks
for user support, request for change supported through contracts and
agreement established with partners and suppliers respectively.
• The captured knowledge and information about third-party service
components which contributes to all of the value chain activities
across the service life cycle.
• Reports depicting the service performance throughout the service
value chain.

4. Design & Transition

The design and transition activity of service value chain ensures, meeting
the objectives and expectations of the stakeholders by designing and
transitioning the service & products as per the required cost, quality & time
aspects. Design and transition have to consider all the four dimensions of
the products & services i.e. people & organization, Information &

P a g e | 151
 P a t h w a y t o
E m p l o y a b i l i t y

Technology, value stream & process and partners & suppliers.

Releasing the services & products to market in time is a very important

factor to ensure the utilization of the services and products. In our example
of HR portal services, if there is a delay in introducing the portal services, the
value realization will delay. Further, the required quality aspects like
products features, functionalities, and performance has to meet the
defined expectations and has to be produced within the defined budget.
Design and transition have to justify the total cost of ownership.

The inputs and outputs for the activities comes from (& goes to) other value
chain activities like engage, obtain/build, deliver & support, partners &
supplier and all the improvement initiatives.

Input:

• The decision captured in the plan for portfolios of services and

products, which provides policies, architectures, service requirements,
improvement initiatives etc.
• The details of the products performance status reported (both for
improvement, change implemented & performance of product in
production environment) etc.
• Performance of the services & products supplied from the partner &
suppliers, their knowledge & information.

Output:

• Definition of all the requirements and specifications for obtain/build

• All the contract and agreement like Service Level Agreement,
Operation Level Agreements

P a g e | 152
 P a t h w a y t o
E m p l o y a b i l i t y

o Underpinning contracts capturing the requirements which may

be needed for effective engagement.
o Releasing the new and changed services & products delivery
and support, their knowledge & information.
• Information required for improvement of performance through
identified improvement opportunities and current performance
information.

5. Obtain / Build

The obtain/build activity of service value chain focuses on acquiring the

resources required to build the services, build them (configure and
implement), integrate, test and confirm the performance, which has to be
in line with the specification established in architectures (i.e. solution
architecture, technology architecture, requirements established etc.)

As part of obtain/build, all the components acquired are tested at

component level first and at the next level of integration till the service or
product achieves the requirements.

The inputs and outputs for the activities come from (& go to) other value
chain activities like engage, design & transition, deliver & support, partners
& supplier and all the improvement initiatives.

Input:

• The detailed architectures and policies, contracts/agreements with

partners & suppliers (both internal & external to organization), goods
and services supplied, requirements and specifications, initiatives
taken for improvement & their status

P a g e | 153
 P a t h w a y t o
E m p l o y a b i l i t y

• Further, proposed changes, change requests raised to improve the

performance or modify the features of the services or products
• The detailed knowledge & information about new or changed
services & products and the third-party service components supplied
from supplier or partner.

Output:

• Service & service components for design & transition and deliver &
support
• The detailed information & knowledge about the new or changed
services & service components
• The contract & agreement requirements for effective service
engagement
• Information about the performance and identified opportunities for
improvement of service & products

6. Deliver & Support

The value chain activity delivers and supports focus on delivering the
services or products to the customers and ensures that they are supported
throughout their lifecycle. It is essential to ensure that customers realize the
value required. Here all the service actions performed have to be focused
towards providing the uniform customer experience and also seek the
opportunities for improvements continually.

Input:

• The new and changed services & products, contracts and

agreements, service components.

P a g e | 154
 P a t h w a y t o
E m p l o y a b i l i t y

• Improvement initiatives, plans and improvement status reports

• All the user support tasks, information & knowledge about the new or
changed services, third party services & service components

Output:

1. The delivered services (& their information) to customers & consumers

2. Information & knowledge about the performance of service or
products, about the completion of user support tasks for engage,
identified opportunities for improvements etc.

P a g e | 155
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.10 THE 4 DIMENSIONS OF SERVICE

MANAGEMENT

The organization’s focus is on accomplishing its objectives continuously. The

environment where it exists brings in a lot of dynamics which are to be
considered for the organization to become more effective. The various
aspects of service management and achievement of service objective will
not happen in isolation. Its success is based on how each of these are
working in unison.

For example: In incident management practices, the objective is to ensure

the quick resolution of the incident and improve the availability of service.
Here it involves identification of incident, logging an incident, resolving an
incident. Assume the scenario of HR portal services. If the portal services
performance degrades or the portal is not accessible by users, it can be
termed as an incident. In this scenario, identification of incident happens
through users using the services. User calls service desk to log incident and
service desk executives logs the incident, coordinates and gets the
resolution. While doing so, the service desk executive uses telephone (or
physical or digital) & email for communication, a service desk tool for
logging incident, an established process for incident management, tools
for communication & reporting etc.

In the above example, the existence of multiple dynamics and dimensions

is revealed to us. That is people, technology (tools), processes, Information
etc. which are essential for success of an incident management. In a way,

P a g e | 156
 P a t h w a y t o
E m p l o y a b i l i t y

for doing anything, the involvement of multiple dimensions is to be

considered.

ITIL®4 depicts the four-dimension model which comprises of;

The four dimensions relating to the example of HR Portal services would be:

HR Function, entire organization &

Organizations and people
employees

HR Portal, Services, Network (LAN /

Information and technology
WAN) etc.

P a g e | 157
 P a t h w a y t o
E m p l o y a b i l i t y

IT Function (Internal), An external

Partners and suppliers
organization

supplying server / router etc.

Value streams and processes All the HR value stream activities
mentioned above

in section “service value chain”, processes like claim reimbursement, leave

management etc.

The four dimensions are influenced by many factors which are beyond the
control of Service value systems (SVS). That is, Political, Economic, Social,
Technological, Legal and Environmental (PESTLE).

The PESTLE factors for HR Portal example can be;

He political scenario of the region where the

organization is doing the business, influences the
Political
consideration to be made by organization. For ex:
minimum wages act etc.-

The organization’s economic condition in terms of

Economical investment, revenue, costs, currency etc., which are
essential for the organization to sustain and grow

P a g e | 158
 P a t h w a y t o
E m p l o y a b i l i t y

The social environment includes the belief system with

Social certai value, norms & practices of that region and
culture established in the organization.

Technical environments are those in

which organizations produce a product or service that
Technological
is exchanged in a market such that they are rewarded
for effective and efficient performance

The legal environment of business refers to taxation,

Legal regulation of commerce, regulation of competition,
contract binding, legislation and labour regulation etc.

The environment refers to the environment internal and

external to the organization. Internal refers to policy
control,culture within the organization. Similarly,
Environmental
external environment refers to legal, social, climatic
conditions of the location or region where the
organization is operating

1. ORGANIZATIONS AND PEOPLE

The people and the structure of the organization mainly support the vision
and direction of the organization. With the evolving environment,

P a g e | 159
 P a t h w a y t o
E m p l o y a b i l i t y

technology, capability of the individuals there is a lot of transformation in

the structure, size and complexity of the organization.

Organization structure evolves to suit the evolving scenarios of the

organization. The roles & responsibilities, the authority & accountabilities,
collaboration and communication, technology enablement, processes,
practices, policies all of these contribute to the evolution of the
organization structure.

Modern organizations are more and more technologically enabled and

require people with technological capabilities. However, aspects of their
individual traits like ability to communicate, collaborate, manage etc .are
also important factors to look into.

A structure which is established formally for an organization may not be

able to provide the required effectiveness and efficiency. It needs
continual transformation, with evolving culture with continued alignment to
business objectives, continual grooming of skills and capabilities, people
motivation etc.

2. INFORMATION AND TECHNOLOGY

Information refers to processed data with specific context. For example,

the dump of incident for certain period (ex: a month) will be processed to
form the information which will be interpreted to make sense of it, i.e. How
many incidents logged, closed, pending etc. Information further leads to
knowledge which is necessary for managing the services, and identifying
the technology used to create and deliver the services. In relation to
information consideration, organization should look at;

• the information which is processed & managed

P a g e | 160
 P a t h w a y t o
E m p l o y a b i l i t y

• the information and knowledge required to deliver and support the

services
• the details about the way, the information and knowledge are
protected, managed, archived, and disposed of.

For a given IT service the information is created and managed. Further it is

used during building, delivering and supporting (i.e. provisioning,
consuming and measuring). The involvement of technology to process the
data & information is crucial in modern organizational environment, to
meet the drastic changing needs of consumers and customers. The
involvement of technology results in increased efficiency and effectiveness
of the organization.

The technology presence is seen in automation, trend analysis, process &

workflow management, knowledge management, establishing the
communication management systems, collaboration of people
geographically dispersed.

In the modern technology environment more & more emphasis is laid on

micro services, cloud computing, artificial intelligence, IOT, mobile apps,
cognitive technologies, machine learning, deep learning, what not...!
Trends change very quickly and organizations have to realize and adapt to
these scenarios.

Information management is the primary consideration for enabling value

to the customers, and hence consideration of right information is very
crucial. For example, the information consideration like employees’ details,
their employment status, salary, position etc., would be the primary
information consideration while providing HR services. Further this

P a g e | 161
 P a t h w a y t o
E m p l o y a b i l i t y

information has to be protected from unauthorized access, while also

making it available for authorized access as and when needed.

In the modern business environment, the existence of IT is a default and

finding a business organization with no such enablement is non-existent,
which means there is high dependency on IT. Technology considerations
are made throughout the value stream right from the conceptualization,
planning, designing, transitioning, and operation of service or product.

However, it is essential to consider the right technology components which

are compatible with current technology environments, comply with
regulatory/compliance needs, establishing information security needs,
scalability, automation, enabling communication and collaboration etc.

Culture of the organization towards embracing the technology plays a very

important role. People’s ability & skills to handle technology and its
dynamics by acquiring the right skills through self-grooming on continual
basis is very essential.

3. PARTNERS AND SUPPLIERS

The importance of engaging with partners and suppliers to ensure the

success of service management and its dynamics are deliberated in the
partner & suppliers dimension of ITIL®4. It is evident through the service
relationship model depicted earlier.

The partners and suppliers would be involved across the entire value stream
i.e., for designing developing, delivering, supporting and improving the
product or services continually. The relationship established by an
organization with the partner & supplier would be to get the specific service

P a g e | 162
 P a t h w a y t o
E m p l o y a b i l i t y

or product which would complement the service objective and value

creation to the customer of the organization.

This requires establishment of a contract depicting the responsibilities of the

supplier or partner, delineation of duties involved, organization and their
deliverables.

Service Integration and management is one of the methods the

organizations can use to address the partners and supplier dimension,
which involves the establishment of an integrator who would establish the
service relationships for effective communication and collaboration.

The effectiveness of an organization depends on the competencies

demonstrated. To ensure better efficiency and effectiveness, organizations
would focus on their core competencies and on board a partner or supplier
to provide the product/services/resources to complement the ultimate
objective, which would be beneficial instead of doing it on their own. The
various factors influencing this decision would be strategic, culture,
resource availability, capability, constraints (both internal and external),
cost, demand for service etc.

The consideration of involving the right partner & suppliers are to be made
with due care. The culture, the ability of the partner/supplier to understand
the service dynamics and aligning to it is very critical to have a successful
partnership with mutual benefit.

4. VALUE STREAMS AND PROCESSES

Value streams and processes focus mainly on those areas which ensure
integration and coordination of various actions and parts which contribute
towards better value creation for the organization. This dimension is more

P a g e | 163
 P a t h w a y t o
E m p l o y a b i l i t y

concerned about the way the organization has organized the activities or
processes and how it enables and ensures the value creation across all
stakeholders.

The value stream is defined as, series of steps that an organization uses to
create and deliver products and services to a service consumer. A value
stream is a combination of the organization’s value chain activities

An organization should structure its product or services, keeping the value

stream in mind. One should have a clear picture of what is delivered, how
it is delivered, and how to improve those on a continual basis. This requires
identification and understanding of the value stream & having the overall
picture. Further organization should continually assess and understand the
as-is state of the organization scenarios, constraints, the contributors to
waste etc. It may involve people, processes, products, partners/suppliers,
information etc.

In addition to this, it is important to understand how modern technology

can be involved in order to improve the efficiency and effectiveness of the
organization and enhance the user experience.

VALUE STREAM – FLOW FROM PROCESS TO PROCESS

P a g e | 164
 P a t h w a y t o
E m p l o y a b i l i t y

By definition, “A set of interrelated or interacting activities that transform

inputs into outputs”. A process takes one or more defined inputs and turns
them into defined outputs. Processes define the sequence of actions and
their dependencies”.

Processes articulate what has to be done to accomplish an objective. A

well-defined process will ensure the improvement of the productivity within
and across the organization. A process comprises of well-defined,
procedures, activities, work-instructions, templates, roles & responsibilities.

A well-defined process, needs a specific input and delivers specific output.

Every process needs a trigger to start. Process enablers are the resources
with capabilities which are required to do the activity of processes. The
output of the processes is measured with specific metrics. This needs
establishment of critical success factors and key performance indicators.

The feedback taken from the output of the process helps in further
analysing the process performance. Process control plays a vital role in
ensuring the process performance, compliance and improvement. The
process control is accomplished through process owner, audit,
documentation etc.

P a g e | 165
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.11 MANAGEMENT PRACTICES

We are referring to ITIL®4 standard, which defines 34 management

practices to adopt the modern organization dynamics. It considers all the
dynamics of the current organization scenarios like innovation, speed to
market, responding to the market dynamics quickly, scaling resources
dynamically etc.

This needs appropriate management practices for services, projects,

products, design, transition, build, test, delivery, support by adapting and
adopting to drastic changing scenarios. IT Service management defined in
ITIL®4 considers the concepts defined in DevOps, Agile, Lean.

High-velocity service delivery is the need of the modern business (& service)
environment which influences all the practices of a service provider by;

• Focusing on fast delivery of IT services; both new and changed; in

time
• Establishing the mechanism to analyse the feedback on
performance of IT service continually throughout its lifecycle
• Adopting the concepts of agility for continual and fast improvement
in IT services, by processing the feedback quickly and timely.
• Visualizing and defining an end-to-end approach (i.e. entire service
lifecycle, from ideation, through creation and delivery, to
consumption of services)
• Integrating the product and service management practices
• Digitalizing the IT infrastructure by adopting the modern technology
practices like cloud computing, microservices, containerization etc.

P a g e | 166
 P a t h w a y t o
E m p l o y a b i l i t y

• Seeking opportunities (continually) to enable automation across the

service delivery value chain.
•

• These require enabling the organization for adoption of a product-

based organizational structure, defining flexible architecture,
adoption of latest technology practices like cloud computing,
microservices, agile way of doing project management, financial
management, adaptive risk management, human centred design
etc.

The management practices can be defined as a set of organizational

resources designed for performing work or accomplishing an objective. The
management practices are segregated into three parts. They are;

• General management practices (14) which are applicable across

the organization for the success of business and services provided by
the organization.
• Service management practices (17) which are applicable for specific
services being developed, deployed, delivered and supported in an
organization environment.
• Technical management practices (3) have been adapted from
technology management domains for service management
purposes by expanding or shifting their focus from technology
solutions to IT services.

P a g e | 167
 P a t h w a y t o
E m p l o y a b i l i t y

General Management Service Management Technical Management

Practices(14) Practices(17) Practices (3)
Architecture
Availability management Deployment management
management
Infrastructure and platform
Continual improvement Business analysis
Management
Capacity and
Information security Software development and
performance
management Management
management
Knowledge management Change control
Measurement and
Incident management
reporting
Organizational change
IT asset management
management
Monitoring and event
Portfolio management
management
Project management Project management
Relationship management Release management
Service catalogue
Risk management
management
Service financial Service configuration
management management
Service continuity
Strategy management
management
Supplier management Service design
Workforce and talent
Service desk
management
Service level management
Service request
management
Service validation and
testing

P a g e | 168
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.12 CONTINUOUS IMPROVEMENT MODEL

Continual improvement of services focuses on improvement by increasing

the efficiency, maximizing the effectiveness and optimising the cost of
services, resources and the underlying IT service management practices.
The can be ensured through identification of improvement opportunities
continually, throughout the lifecycle of a service & service value chain.

The primary objective is to continually align and re-align IT services to the

changing business needs/demand, by identification and implementation
of improvements to IT services that support business processes. Continual
improvement should look at improving process effectiveness, efficiency
and cost effectiveness.

Steps of the continual improvement model

The continual improvement uses the continual improvement model

depicted below, which provides the required approach for continual
improvement, which applies to SVS in entirety.

P a g e | 169
 P a t h w a y t o
E m p l o y a b i l i t y

1. What is the vision?

The vision of the organization has to be understood i.e. high-level direction,
organization context, role of stakeholders, expected value etc.

For example, organization has the vision to achieve 95% minimum customer
satisfaction.

2. Where are we now?

This step focuses on conducting the assessment to understand the current
performance and achievement of services.

For example, for assessing and understanding the customer satisfaction

score, let us assume the current satisfaction level is 80%

3. Where do we want to be?

P a g e | 170
 P a t h w a y t o
E m p l o y a b i l i t y

This step focuses on the analyzing the findings from previous step “where
are we now” and sets the target for improvement in immediate next
succession.

For example, the immediate next target for improving the customer
satisfaction level is 85%

4. How do we get there?

This step focuses on defining the required action to be taken to improve the
target set by “where do we want to be” step

For example: defining the approach / plan for achieving the 85% for
customer satisfaction by considering all the factors which are required to
achieve 85%

5. Take action
This step focuses on executing the proposed plan from step “how do we
get there” and implementing all those actions planned.

For example, implementing the plan defined to achieve 85% customer

satisfaction

6. Did we get there?

This step focuses on checking if the action taken resulted in achievement
of the target set by, “where do we wanted to be”

For example: check if the customer satisfaction is increased to 85%

P a g e | 171
 P a t h w a y t o
E m p l o y a b i l i t y

7. How to keep the momentum going?

This activity stresses on continuing the actions required for continual
improvement irrespective of the achievement found in “did we get there”
step. i.e. If it achieved the target, continue doing to improve further, if it did
not improve, keep putting efforts to improve.

For example, if 85% target is achieved move forward and set the next
target, if not check on required action to reach 85%

Continual improvement and the guiding principles

The continual improvement of a service & service performance should

focus on ensuring significant benefits to business, by applying the guiding
principles defined in ITIL® effectively. All the steps defined in continual
improvement model are significantly important and they should consider
all seven principles, in every initiative of improvements.

The seven principles defined in ITIL®4 are followed while performing every
step of the continual improvement model so that there are increased
chances of becoming successful, for overall improvement of the services.

The table below outlines the steps of continual improvement model & each
of the guiding principles is particularly relevant to them. However, all
principles are applicable to all steps at some level, it highlights the most
important (primarily) principles considered in the continual improvement
model.

Note: “Y” in the below table refers to “Yes – Applicable”

P a g e | 172
 P a t h w a y t o
E m p l o y a b i l i t y

Start Progress Collaborate Keep it

Focus Think and Optimize
Where iteratively And simple
on work and
you with Promote and
value holistically automate
are feedback Visibility practice
What is the
Y Y Y
vision

Where are
Y Y
we now

Where do
we want to Y Y Y Y
be

How do we
Y Y
get there

Take
Y Y Y
action

Did we get
Y Y Y
There

How to
keep the
Y Y Y Y
momentum
Going

P a g e | 173
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.13 ITSM SOFTWARE TYPES - SERVICE

DESKS, HELP DESKS, APPLICATION AND
SERVER MONITORS
IT Service Management (ITSM) is at the heart of Infrastructure and
Operations (I&O). As IT continues to evolve, organizations are transforming
their traditional ITSM methods and frameworks. You need to embrace lean
and agile models for managing end-to-end IT processes and delivering
quality services to meet the rising customer expectations.

Nowadays, the role of IT in the core business strategy is defined in the

following aspects:

• The value and experience IT as a service delivers to end-customers

• Significant shift towards better time-to-market, improved service

quality, and business resource optimization

• Strategic approach to drive innovation, operational excellence, and

cost savings

• Streamlining of IT processes, service deliveries, and customer support

With the focus on delivering value for money to customers, the service desk
has emerged to be the backbone of ITSM. Encompassing various ITSM
activities and support operations for the enablement of IT as a service, the
service desk is now a vital component of the IT ecosystem.

The three main factors that are driving the transformation of the service
desk includes —enterprise service management (ESM), collaboration, and
intelligent service management.

P a g e | 174
 P a t h w a y t o
E m p l o y a b i l i t y

Types of ITSM Software’s

ITSM tools help infrastructure and operations (I&O) organizations manage

the consumption of IT services, the infrastructure that supports the IT services
and the IT organization’s responsibility in delivering these services. These are
most heavily used by IT service desks and IT service delivery functions to
support the tasks and workflows for processes including incident, request,
problem, change, service level, knowledge and configuration
management.

Following are the categories of Tools IT teams can use to instantly improve
their ITSM:

1. Service desks are essentially communication centers, providing a

single point of contact between a business and its customers or
employees. Their primary purpose is to streamline communication—
both internally and externally.
2. Help desks fall into a similar category. They’re designed to help
companies resolve customer issues by automating complaint
resolution practices. This software generally works around a business’s
ticket management processes. A good help desk tool can greatly
improve the rate at which incidents are resolved, both for customers
and for employees.
3. Application and server monitors are designed to monitor and
manage the performance of application dependencies, transaction
times, and overall user experiences.

P a g e | 175
 P a t h w a y t o
E m p l o y a b i l i t y

1.2.14 SETUP & CONFIGURE - TOOLS &

ACCELERATORS

Commonly used ITSM Software’s

1. Service Desk

SolarWinds Service Desk (formerly known as Samanage) is cloud-based

ITSM software as reliable as it is robust. It has a slew of features, from change
management tracking to self-generating knowledge bases, which can be
beneficial to IT teams. Additionally, SD allows users to manage service
tickets and company assets from any smartphone or tablet. This makes it
an ideal tool for device-heavy environments, or for employees working
remotely.

This is the most recommend solution for any business. SolarWinds Service
Desk, is a high-quality product offering a range of capabilities to support a
robust ITSM framework.

P a g e | 176
 P a t h w a y t o
E m p l o y a b i l i t y

2. Web Help Desk (WHD)

While Service Desk is a cloud-based tool, SolarWinds Web Help Desk is built
to be an on-premises solution. Compared to Service Desk, WHD is a little
more minimalistic, but still gives you access to some powerful help desk
ticketing functionalities. Many businesses use WHD as a bona fide ticket-
managing utility, but it can also function as a highly efficient asset manager
as well.

From a feature standpoint, they both include the following utilities: a

knowledge base, ticketing, service portals, asset management, change
management, and problem management. However, WHD doesn’t offer
multiple language localization, release management, configuration
management database software, or a service catalog.

3. Zabbix

Zabbix is a popular open-source IT server monitoring tool. It stands out from

other open-source ITSM tools because there’s no separate version for its

P a g e | 177
 P a t h w a y t o
E m p l o y a b i l i t y

commercial use—the whole product is open source and freely available.

This makes it particularly good for configuration change management.

With Zabbix, you’re able to monitor almost anything. This includes network,
server, cloud, application, and more. Zabbix has been designed to be as
versatile as possible, and it even takes into account the needs of specific
industries—the tool makes reference to retail, energy, banking, aerospace,
finance, education, government, marketing, health care, IT, and
telecommunications. Zabbix considers how its platform could be best
utilized by each of these industries, discussing the proven benefits and uses.

4. SolarWinds Server & Application Monitor (SAM)

SolarWinds has a large portfolio of monitoring products, of which its Server

& Application Monitor is one. SAM is a state-of-the-art ITSM tool with the
capability to monitor over 1,000 applications at a time.

P a g e | 178
 P a t h w a y t o
E m p l o y a b i l i t y

Majority of organizations use cloud infrastructure alongside physical servers

and one of SAM’s premier benefits is it can be used to track and monitor
applications deployed in the cloud on Amazon Web Services or Microsoft
Azure. It’s also easy to use—you can get it set up in minutes, and can
customize the dashboard, dependencies, and alerts to fit your environment
and requirements.

5. Atlassian Jira Service Desk

Jira Service Desk, by Atlassian, is both a cloud-based and on-premises IT

service management solution. It’s best known for its efficient self-service
feature—customers are able to self-resolve tickets and queries by
accessing its knowledge base, making it customer-friendly.

This an affordable solution with completely transparent pricing, which is

refreshing. You can get up and running quickly, with codeless configuration
and setup. If you’re looking for a solution functioning well out of the box,

P a g e | 179
 P a t h w a y t o
E m p l o y a b i l i t y

then this might be for you; the system is ready to go almost instantly, and
after installing you can adapt it to suit your needs.

6. Zendesk Suite

Zendesk has a cloud-based help desk management solution offering

customizable tools to build a customer service portal, a knowledge base,
and online communities. Its best feature is without a doubt the live chat,
which is deployed through a centralized console letting users
communicate with their customers more easily.

Zendesk Suite is a widely used tool among companies offering subscription

services. It’s an easy-to-use program boasting maximum functionality, and
it considers multi-channel interaction capacity to be of the highest
importance. Customers can submit queries to the help desk element via
email, chat, a range of social media channels, and phone. All these
communications are contained in a centralized, unified console, which
makes the agent’s experience of replying to queries organized and
efficient. Agents don’t have to move between platforms to see customer

P a g e | 180
 P a t h w a y t o
E m p l o y a b i l i t y

inquiries, and the chance of any customer ticket being overlooked is

significantly reduced.

7. ManageEngine ServiceDesk Plus

ManageEngine ServiceDesk Plus offers more than a simple help desk utility.
It’s also an effective ITSM tool, with functions specifically designed for
Information Technology Infrastructure Library (ITIL) service operations. It
manages change requests, SLAs, contracts for maintenance, software
licenses, availability, and configuration. All of this revolves around the help
desk utility but is no less crucial to the overall efficiency and scope of
ServiceDesk Plus.

Like any competitive ITSM software with help desk functionalities,

ServiceDesk Plus features utilities designed to make submitting queries
simple and fast. Tickets can be raised by customers via telephone, email,
or web form. They’re then given to agents automatically, as determined by
your personal settings and customizations. If you want tickets of a certain

P a g e | 181
 P a t h w a y t o
E m p l o y a b i l i t y

nature to be assigned to a specific group or specialist technician, this is

something you can do from within the console. You can also define rules,
which allow you to categorize tickets, specifying user group, department,
or faulty equipment. By combining these settings and customizations, you
can achieve a largely automated workflow, reducing required manual
interference significantly.

8. Freshworks Freshservice

Freshservice covers incident management, asset management, change

management, release management utilities, and a service catalog. This
tool is easy to use and quick to set up. There’s no training required, and it
can be personalized to suit both IT and non-IT requirements.

Freshservice offers multi-channel support, meaning you can automate tasks

and respond to queries originating from email, self-service portal, chat,
phone, and face-to-face correspondences—all from one unified platform.
One of the best things about this tool, in my view, is it takes into
consideration agent engagement: Freshservice makes responding to
queries engaging, gamifying the experience, so agents enjoy it. After all,
happy agents are more productive. It’s simple thing other providers often
overlook, but it makes a big difference in terms of agent efficiency.

P a g e | 182
 P a t h w a y t o
E m p l o y a b i l i t y

P a g e | 183
 P a t h w a y t o
E m p l o y a b i l i t y

EARN YOUR CERTIFICATE OF

KNOWLEDGE (COK)

We congratulate you on your course completion and thank you again for your trust on us.

About End-of-Course Assessment

This assessment is conducted using an objective type and multiple-choice
questions pattern, which requires a student to demonstrate knowledge on
subject-related specifics in courseware. The purpose of this assessment
examination is to make a final review of the topics covered and assessment
of student's knowledge of the subject.

Examination pattern
The difficulty level of this Assessment Examination is in-line to the commonly
used standards by the global accreditation bodies in similar examinations
streams.

Use the exam access codes shared at the time of enrolment of this course to move ahead.
In order to earn the Certificate of Knowledge (CoK) for this course, you
need to appear for an objective type Examination of 60 minutes duration
and 40 questions. You need to correctly answer at least 60% of the
questions to pass the Examination.

The students who have thoroughly studied the courseware have better
learning outcomes and they can successfully clear the CoK Examination.
This also suggests that the positive effects may be cumulative and these
students have much higher chances of advancing their career to obtain
the global certification in the same space.

We wish you the best of luck for your CoK examination!

P a g e | 184
 P a t h w a y t o
E m p l o y a b i l i t y

NEXT STEPS IN PURSUIT OF YOUR

PERSONAL GROWTH
VVnT acknowledges and congratulates you for decision of choosing
career advancement journey with us. Taking the time to pick up this
program and study it suggests that you truly do want to do something
different.

Certainly, you want to change or improve your career or increase your

level of flexibility and independence, or you want to simply have much
security and more available options in life and business.

You can be more successful in your career by putting your lessons learnt
into work. One of the other effective ways of perfecting these disciplines is
to help others attain success and implement these actions themselves.
When people with common goals and motivations come together, they
tend to learn faster and become a support system for one another. So,
assemble into group of like-minded people and discuss this program.
Expand your group to include other like-minded people. Help one another
to apply and commit to using the actions, hold one another accountable
to these commitments. This is the fun game that you would love to play.

Follow the guidance available in subsequent sections to plan for your

Career advancement.

P a g e | 185
 P a t h w a y t o
E m p l o y a b i l i t y

HAVE A STRATEGY TO ADVANCE YOUR

CAREER IN IT SUPPORT SERVICE

Career path as IT Systems Support Specialists

IT Systems Support Specialists are responsible for analyzing, troubleshooting

and evaluating technology issues. This role may support internal clients,
helping to keep employees productive, or external customers of a
company, helping them via the telephone or webchat. Some specialists
are tasked with giving instructions to customers on how to use business-
specific programs or working with other technicians to resolve problems.
Other specialists may be responsible for answering simpler questions from
nonbusiness customers, like reestablishing internet connections or
troubleshooting household IT products like Wi-Fi routers.

Following skills are required for successful job in IT Systems Support function

Beginner level

• Make data easily accessible to those who need it

• Pay attention to customers’ descriptions of computer problems
• Ask questions to properly diagnose the problem
• Walk customers through the recommended problem-solving steps
• Set up or repair computer equipment and related devices
• Train users to work with new computer hardware or software
• Document changes, revisions and problems
• Provide other team members and managers information

Intermediate level

• Set up or repair computer equipment and related devices

• Maintain system capabilities by testing existing equipment and
programs

P a g e | 186
 P a t h w a y t o
E m p l o y a b i l i t y

• Try out new systems and software

• Document changes, revisions and problems
• Train users on proper use of hardware and software
• Clearly communicate the understanding of the proper use of
technology to team
• Manage and train beginner specialists

Advanced level

• Set up or repair computer equipment and related devices

• Manage system capabilities
• Explore new systems, software and processes
• Train users inside and outside of the IT department on proper use of
hardware and software
• Project manage ongoing issues
• Clearly communicate changes in policies to organization
management
• Manage and train team

Career progression may lead to midlevel networking, systems, analyst,

development or project roles.

Career path as IT Networking Specialist

IT Networking Specialist analyze, troubleshoot and evaluate computer

network problems. More advanced IT pros may be responsible for building
and designing communication networks as well. They play an important
role in maintaining an organization’s network and keeping them safe and
secure through both hardware configuration and end-user training.
Network specialists and administrators are responsible for day-to-day
operations and network architects and engineers design and build local
area networks (LANs), wide area networks (WANs), and Intranets.
Depending on the size of the company, these roles may be combined.

Following skills are required for successful job in IT Networking function

P a g e | 187
 P a t h w a y t o
E m p l o y a b i l i t y

Beginner level

• Make data easily accessible to those who need it

• Connect devices to the network and ensure they function properly
and securely
• Ensure a secure transfer of data over internal and external networks
• Back up network data
• Evaluate and optimize network performance
• Document network support activities
• Provide end-user support

Intermediate level

• Configure security settings to ensure the right people can get in and
the wrong ones cannot
• Analyze and report security breaches or attempted breaches
• Troubleshoot the network to identify connectivity issues using
diagnostic tools
• Configure WAN or LAN routers or related equipment
• Document network support activities
• Provide end-user support
• Manage and train beginner networking professionals

Advanced level

• Design, deploy, manage and troubleshoot networks

• Analyze network traffic and predict growth to determine future
needs
• Present plans to leadership
• Understand cybersecurity and how it affects networks
• Stay up-to-date on the latest technologies to determine the best
options for the organization
• Provide end-user support
• Manage and train team

P a g e | 188
 P a t h w a y t o
E m p l o y a b i l i t y

Career progression may lead to senior level networking, systems, analyst,

development or project roles.

You can further advance your career to take up new roles like

1. Information Security / Cybersecurity Professionals – They detect

cyberthreats and implement changes to protect an organization. A
security operations center (SOC) team likely has several tiers of
cybersecurity professionals that are responsible for monitoring,
directing, containing and remediating IT threats. Information Security
Professionals may be tasked with anything from installing, administering
and troubleshooting security solutions to writing up security policies and
training documents for colleagues. While other job roles are responsible
for specific part of the overall system, Information Security Professionals
must be able to take a step back and see the big picture to keep it
secure from threats.

Following skills are required for successful job in Information Security

function

Beginner level

• Scan and assess network for vulnerabilities

• Monitor network traffic for unusual activity
• Investigate a violation when a breach occurs
• Install and use software to protect sensitive information
• Prepare reports that document security breaches
• Research new security technology
• Help end-users when they need to install or learn about new
products and procedures

Intermediate level

• Manage and configure tools to monitor network activity

• Conduct penetration testing

P a g e | 189
 P a t h w a y t o
E m p l o y a b i l i t y

• Analyze reports from tools to identify unusual network behavior

• Plan and recommend changes to increase the security of the
network
• Apply security patches to protect the network
• Help end-users when they need to install or learn about new
products and procedures
• Train beginner cybersecurity professionals

Advanced level

• Manage and configure tools to monitor network activity

• Research the latest IT security trends
• Develop security standards and best practices for the
organization
• Recommend security enhancements to management or senior
staff
• Develop and update business continuity and disaster recovery
protocols
• Help end-users when they need to install or learn about new
products and procedures
• Manage and train team

2. Database Specialists – They are tasked with overseeing the

development of new databases, monitoring database performance
and interpreting raw data and turning it into usable feedback and
applications. A Database Specialist knows what all the numbers and
patterns mean and can communicate the findings in layman’s terms. In
addition to drawing meaning from raw data, these individuals are also
charged with collecting and cleaning up the data ensuring that the
information is accurate and without error. Some Database
Administrators specialize in specific systems or applications. Making sure
confidential information is secure and available to those who need it is
a top priority of Database Specialists.

Following skills are required for successful job in Database Specialist

function

P a g e | 190
 P a t h w a y t o
E m p l o y a b i l i t y

Beginner level

• Ensure that organizational data is secure

• Back up and restore data to prevent data loss
• Identify user needs to create and administer databases
• Make and test modifications to database structure when needed
• Maintain databases and update permissions
• Merge old databases into new ones
• Analyze data to identify patterns and trends

Intermediate level

• Ensure that organizational data is secure

• Back up and restore data to prevent data loss
• Identify user needs to create and administer databases
• Make and test modifications to database structure when needed
• Maintain databases and update permissions
• Merge old databases into new ones
• Analyze data to identify patterns and trends

Advanced level

• Analyze data to identify patterns and trends

• Create and use models and algorithms to organize and interpret
big data
• Work with a variety of programming languages
• Understand how to read and use the command line, which may
include Linux
• Keep up with new techniques and trends in analysis
• Share findings with stakeholders in an uncomplicated way
• Manage and train team

3. Software and Web Developers – They are the creative minds behind
computer programs and websites. Some Software Developers develop
the applications that allow people to do specific tasks on computers or
devices, while others develop the underlying systems that run the

P a g e | 191
 P a t h w a y t o
E m p l o y a b i l i t y

devices or control the networks. Software Developers must identify the

core functionalities that users need. Web Developers are responsible for
the both the design and look of the site as well as the site’s technical
aspects such as performance and capacity which are metrics of a
website’s speed and traffic. Both roles require customer facing skills to
determine client wants and needs.

Following skills are required for successful job in Software and Web
Development function

Beginner level

• Meet with internal and external clients to discuss needs

• Work with team members to determine website/application
layout
• Design, test and develop software/website to meet those needs
• Write code for the website or design pieces of an application
• Monitor website/application traffic and feedback
• Document aspect of website/application as a reference for
maintenance/upgrades
• Recommend upgrades to customers

Intermediate level

• Meet with internal and external clients to discuss needs

• Design, test and develop software/website to meet those needs
• Write code for the website or design pieces of an application
• Create a variety of models and diagrams that show
programmers application needs
• Ensure that a program/website continues to function through
maintenance and testing
• Collaborate with others to produce optimum software
• Train beginner developers

Advanced level

• Meet with internal and external clients to discuss needs

• Design, test and develop software/website to meet those needs

P a g e | 192
 P a t h w a y t o
E m p l o y a b i l i t y

• Oversee development of websites or applications

• Create reports to communicate the functionality of websites or
applications
• Collaborate with others to produce optimum software
• Recommend upgrades to management and/or customers
• Manage and train team

P a g e | 193
 P a t h w a y t o
E m p l o y a b i l i t y

INCORPORATE SPECIALIZED SKILLS IN

IT SERVICE MANAGEMENT

In the current scenario, the role of an IT Service Manager is essential to any

business that relies on an IT system – and many businesses obviously involve
IT. Hence if you move ahead with career in this field, you will have a diverse
range of options and industries to choose from.

Roles in this sector are challenging with a multitude of responsibilities and

functions. For instance, if you are hired for the position of a Service Level
Manager, you would have accountability for all aspects of the company’s
IT services including responsibility for the delivery of IT services as per
business requirements.

The career path IT Service Management are categorized below:

• Project Management
• Service Strategy and Design
• Service Transition
• Service Operation

Key actions that will help you organize your IT career growth efforts:

P a g e | 194
 P a t h w a y t o
E m p l o y a b i l i t y

IT Service Management roles are varied. Some require technical

knowledge, whilst some focus more on the business side. However, it is an
easy field to enter, provided you start small and get the right qualifications
and experience.

It goes without saying that IT Service Management will evolve as the IT world
moves towards increased automation and advanced technology. There’ll
be new tools and skills to learn, plus new processes to adapt to. It is
therefore wise for current/aspiring ITSM professionals to prepare for these
changes.

With the new technology advancements, there is higher demand of risk

management skills and knowledge of automation tools. Critical thinking
and creative skills have become more desirable as automation and AI free
up people’s time. As cyber-attacks also continue to be a threat, making
cyber resilience skills highly desirable too. To cope with these changes,
many organisations are adopting DevOps. This approach advocates closer
collaboration between IT services and IT development teams, along with
continuous delivery and the use of automation tools. This all enables
DevOps organisations to deliver high-quality IT solutions quickly, which
keeps the customer happy and leads to increased revenue.

P a g e | 195
 P a t h w a y t o
E m p l o y a b i l i t y

KEEP UP WITH THE LATEST INDUSTRY

TRENDS

Analyse and explore the areas in Trends

• Artificial Intelligence
• Big Data Analytics
• Blockchain
• Cloud Computing Solutions

Artificial Intelligence

Automation of services has picked up its fastest pace by now, giving users
the much-needed facility to fulfill their regular tasks. Wo can delve into the
subject a little more to figure out how AI-powered customer service can
possibly help customer support agents online. AI assisted responses can
potentially replace the need for human agents completely, due to its two
major capabilities - Machine learning and Natural language processing
(NLP).

Some of the use cases includes:

• AI for B2C customer service

• AI-powered, customized, real-time messaging bot services
• AI for intelligent assistance and pre-emptive recommendations
• AI controlled Multi channels for parallel support system
• AI machine learning for extra assistance to customers and service
agents
• AI for precise predictions and insights to customer experience
• AI robot for uninterrupted service assurance

P a g e | 196
 P a t h w a y t o
E m p l o y a b i l i t y

Big Data Analytics

Big Data is everywhere and there is almost an urgent need to collect and
preserve whatever data is being generated, for the fear of missing out on
something important. There is a huge amount of data floating around.
What we do with it is all that matters right now. This is why Big Data Analytics
is in the frontiers of IT. Big Data Analytics has become crucial as it aids in
improving business, decision makings and providing the biggest edge over
the competitors. This applies for organizations as well as professionals in the
Analytics domain.

Some of the use cases includes:

• Prescriptive Analytics on the Big Data environment.

• Predictive Analytics on the Big Data environment.
• Descriptive Analytics on the Big Data environment.

P a g e | 197
 P a t h w a y t o
E m p l o y a b i l i t y

Blockchain

Blockchain is the latest version of distributed ledger technology (DLT) that

helps people do business with each other by tracking who owns what. For
people to do business with one another, we need - Trust, Transparency and
Auditability/verifiability. Blockchain ensures the decentralized nature of the
technology and works without involving third-party/central authority. As
technology is booming, it has started attracting public attention. Many of
the industries, including finance, supply chain, gaming, healthcare, and
others, have started adopting blockchain solutions to secure their place in
the changing times. Organizations and enterprises are implementing this
technology to stay ahead of their competitors.

Some of the use cases includes:

• Secure sharing of medical data.

• NFT marketplaces.
• Music royalties tracking.
• Cross-border payments.
• Real-time IoT operating systems.
• Personal identity security.
• Anti-money laundering tracking system.
• Supply chain and logistics monitoring.

Cloud Computing Solutions

More and more businesses are beginning to turn to cloud computing

solutions, simply because the cloud stores your information as an additional
form of backup and allows you to access your business anytime, anywhere.
Utilizing the cloud is fast, easy and extremely user-friendly. Cloud
computing solutions offer an abundance of benefits to users. They are able
to improve their efficiency while reducing overhead costs. Cloud
computing is used by different technology companies to access IT

P a g e | 198
 P a t h w a y t o
E m p l o y a b i l i t y

infrastructure, software and hardware resources that are stored in high-end

server computers and networks.

Some of the use cases includes:

• Office 365
• Application Hosting
• Virtualization Support
• Virtual Server Support

P a g e | 199
 P a t h w a y t o
E m p l o y a b i l i t y

TOOLS AND ACCELERATORS FOR IT

SUPPORT & SERVICES
IT service management tools help regulate how IT services are delivered
within a company based on its budgets, people, processes, environment
and outcomes. The tools help better support the production environment.
It facilitates tasks and workflows associated with the management and
delivery of quality IT services.

You need to invest time in learning new tools and accelerators. There are
certain things to keep in mind when selecting an ITSM tool.

1. It is preferred if you don’t straight away start with a list of the available
IT service management tools. The most crucial step is to assess what
is required for your business and then make purchases catering to
your needs.
2. It is better to aim for a single corporate IT service management tool.
The consistency of the ITSM process should be taken into
consideration. It has to be made sure that it adds to the technology
management overhead; otherwise, it’s just a waste of money.
3. It is essential to differentiate between tools that are must-haves and
tools that are the tie to have. Adequate tools need to be the ones
that help progress your work.
4. The integration with IT and business should not be taken into
consideration.
5. Scoring IT service management tool vendors beyond the offered tool
functionality is also significant.
6. Weighing your requirements correctly and adequately, is also vital.
7. Let the primary users of the tool play a vital role in the selection of the
device since it’s for them to use, and they might know what would
suit the best.
8. The relationship between the ITSM tool vendor is also an essential
factor to consider for purchasing an ITSM tool.

P a g e | 200
 P a t h w a y t o
E m p l o y a b i l i t y

STANDARDS AND ITSM MATURITY

ASSESSMENT MODELS

ITSM Related standards and frameworks

P a g e | 201
 P a t h w a y t o
E m p l o y a b i l i t y

P a g e | 202
 P a t h w a y t o
E m p l o y a b i l i t y

Maturity models summary

While there are lots of maturity rating methods out there, the most common
ones include:

• CMMI
Capability Maturity Model Integration (CMMI) is targeted to be used
alongside companies process improvement initiatives. This especially
when there is need to review the process of developing and
improving the software product. Another enhanced version of the
CMM is the Capability Maturity Model Integration for Services (CMMI
SVC).

• COBIT
The main focus of COBIT is to view IT Service Management from the
IT governance perspective. It provides accordingly control
objectives, roles, and responsibilities with relevant IT Service
Management process metrics. An enhanced version of this is the
COBIT Process Assessment Model (PAM).

• The AXELOS ITIL maturity model

AXELOS was developed in year 2013 based on the previously
described ITIL Process Maturity Framework (PMF). The re-
development was due to the release of ITIL version 3 and its process-
oriented model. At the same time, it was renamed as Axelos but also
the term ITIL Maturity model is widely used. With the ITIL 3 this maturity
model considers the ITIL service lifecycle and its processes and
functions.

P a g e | 203
 P a t h w a y t o
E m p l o y a b i l i t y

ACQUIRE GLOBAL CERTIFICATIONS

AND SPECIALIZATIONS
IT Service Management (ITSM) certifications are for professionals looking to
improve information systems processes, minimizing disruptions to the
business and delivering further customer value. Offering a robust portfolio
of training and certifications on ITSM best practices comprising of support
center, problem and incident management, IT governance, and
knowledge management techniques and frameworks.

There are a wide variety of ITSM certifications available, whether you are
new to the scene entirely or are looking to enhance your current skill set.

ITIL Foundation

The ITIL 4 Foundation certification is designed an introduction to ITIL 4,

enabling candidates to look at ITSM through an end-to-end operating
model for the creation, delivery and continual improvement of tech-
enabled products and services.

CompTIA A+

The CompTIA A+ certification is an industry standard for new professionals

interested in starting a career in IT. This certification verifies that the
candidate is able to support today’s core technologies such as security,
cloud, data management, and more.

CompTIA Network+

The CompTIA Network+ certification is for individuals looking to develop a

career in IT infrastructure involving troubleshooting, configuring, and

P a g e | 204
 P a t h w a y t o
E m p l o y a b i l i t y

managing networks. The certification ensures that the candidate is able to

use devices to create resilient networks and can implement security,
standards, and protocols on them.

COBIT Foundation Certification

This certification ensures that the IT professional has extensive knowledge

of and experience with enablers for governance and management of
enterprise IT.

P a g e | 205