Sarbanes-Oxley (SOX)

US law that regulates financial practice and corporate governance.

scalability

The ability of an IT service, process, configuration item etc. to perform its agreed function when the workload or scope changes.

scope

The boundary or extent to which a process, procedure, certification, contract etc. applies. For example, the scope of change management may include all live IT services and related configuration items; the scope of an ISO/IEC 20000 certificate may include all IT services delivered out of a named data centre.

second-line support

(ITIL Service Operation) The second level in a hierarchy of support groups involved in the resolution of incidents and investigation of problems. Each level contains more specialist skills, or has more time or other resources.

security

See information security management.

security management

See information security management.

security management information system (SMIS)

(ITIL Service Design) A set of tools, data and information that is used to support information security management. The security management information system is part of the information security management system. See also service knowledge management system.

security policy

See information security policy.

separation of concerns (SoC)

An approach to designing a solution or IT service that divides the problem into pieces that can be solved independently. This approach separates what is to be done from how it is to be done.

server

(ITIL Service Operation) A computer that is connected to a network and provides software functions that are used by other computers.

service

A means of delivering value to customers by facilitating outcomes customers want to achieve without the ownership of specific costs and risks. The term 'service' is sometimes used as a synonym for core service, IT service or service package. See also utility; warranty.

service acceptance criteria (SAC)

(ITIL Service Transition) A set of criteria used to ensure that an IT service meets its functionality and quality requirements and that the IT service provider is ready to operate the new IT service when it has been deployed. See also acceptance.

service analytics

(ITIL Service Strategy) A technique used in the assessment of the business impact of incidents. Service analytics models the dependencies between configuration items, and the dependencies of IT services on configuration items.

service asset

Any resource or capability of a service provider. See also asset.

service asset and configuration management (SACM)

(ITIL Service Transition) The process responsible for ensuring that the assets required to deliver services are properly controlled, and that accurate and reliable information about those assets is available when and where it is needed. This information includes details of how the assets have been configured and the relationships between assets. See also configuration management system.

service capacity management (SCM)

(ITIL Continual Service Improvement) (ITIL Service Design) The sub-process of capacity management responsible for understanding the performance and capacity of IT services. Information on the resources used by each IT service and the pattern of usage over time are collected, recorded and analysed for use in the capacity plan. See also business capacity management; component capacity management.

service catalogue

(ITIL Service Design) (ITIL Service Strategy) A database or structured document with information about all live IT services, including those available for deployment. The service catalogue is part of the service portfolio and contains information about two types of IT service: customer-facing services that are visible to the business; and supporting services required by the service provider to deliver customer-facing services. See also customer agreement portfolio; service catalogue management.

service catalogue management

(ITIL Service Design) The process responsible for providing and maintaining the service catalogue and for ensuring that it is available to those who are authorized to access it.

service change

See change.

service charter

(ITIL Service Design) (ITIL Service Strategy) A document that contains details of a new or changed service. New service introductions and significant service changes are documented in a charter and authorized by service portfolio management. Service charters are passed to the service design lifecycle stage where a new or modified service design package will be created. The term charter is also used to describe the act of authorizing the work required by each stage of the service lifecycle with respect to the new or changed service. See also change proposal; service portfolio; service catalogue.

service continuity management

See IT service continuity management.

service contract

(ITIL Service Strategy) A contract to deliver one or more IT services. The term is also used to mean any agreement to deliver IT services, whether this is a legal contract or a service level agreement. See also customer agreement portfolio.

service culture

A customer-oriented culture. The major objectives of a service culture are customer satisfaction and helping customers to achieve their business objectives.

service design

(ITIL Service Design) A stage in the lifecycle of a service. Service design includes the design of the services, governing practices, processes and policies required to realize the service provider's strategy and to facilitate the introduction of services into supported environments. Service design includes the following processes: design coordination, service catalogue management, service level management, availability management, capacity management, IT service continuity management, information security management, and supplier management. Although these processes are associated with service design, most processes have activities that take place across multiple stages of the service lifecycle. See also design.

service design package (SDP)

(ITIL Service Design) Document(s) defining all aspects of an IT service and its requirements through each stage of its lifecycle. A service design package is produced for each new IT service, major change or IT service retirement.

service desk

(ITIL Service Operation) The single point of contact between the service provider and the users. A typical service desk manages incidents and service requests, and also handles communication with the users.

service failure analysis (SFA)

(ITIL Service Design) A technique that identifies underlying causes of one or more IT service interruptions. Service failure analysis identifies opportunities to improve the IT service provider's processes and tools, and not just the IT infrastructure. It is a time-constrained, project-like activity, rather than an ongoing process of analysis.

service hours

(ITIL Service Design) An agreed time period when a particular IT service should be available. For example, 'Monday–Friday 08:00 to 17:00 except public holidays'. Service hours should be defined in a service level agreement.

service improvement plan (SIP)

(ITIL Continual Service Improvement) A formal plan to implement improvements to a process or IT service.

service knowledge management system (SKMS)

(ITIL Service Transition) A set of tools and databases that is used to manage knowledge, information and data. The service knowledge management system includes the configuration management system, as well as other databases and information systems. The service knowledge management system includes tools for collecting, storing, managing, updating, analysing and presenting all the knowledge, information and data that an IT service provider will need to manage the full lifecycle of IT services. See also knowledge management.

service level

Measured and reported achievement against one or more service level targets. The term is sometimes used informally to mean service level target.

service level agreement (SLA)

(ITIL Continual Service Improvement) (ITIL Service Design ) An agreement between an IT service provider and a customer. A service level agreement describes the IT service, documents service level targets, and specifies the responsibilities of the IT service provider and the customer. A single agreement may cover multiple IT services or multiple customers. See also operational level agreement.

service level management (SLM)

(ITIL Service Design) The process responsible for negotiating achievable service level agreements and ensuring that these are met. It is responsible for ensuring that all IT service management processes, operational level agreements and underpinning contracts are appropriate for the agreed service level targets. Service level management monitors and reports on service levels, holds regular service reviews with customers, and identifies required improvements.

service level package (SLP)

See service option.

service level requirement (SLR)

(ITIL Continual Service Improvement) (ITIL Service Design ) A customer requirement for an aspect of an IT service. Service level requirements are based on business objectives and used to negotiate agreed service level targets.

service level target

(ITIL Continual Service Improvement) (ITIL Service Design ) A commitment that is documented in a service level agreement. Service level targets are based on service level requirements, and are needed to ensure that the IT service is able to meet business objectives. They should be SMART, and are usually based on key performance indicators.

service lifecycle

An approach to IT service management that emphasizes the importance of coordination and control across the various functions, processes and systems necessary to manage the full lifecycle of IT services. The service lifecycle approach considers the strategy, design, transition, operation and continual improvement of IT services. Also known as service management lifecycle.

service maintenance objective (SMO)

(ITIL Service Operation) The expected time that a configuration item will be unavailable due to planned maintenance activity.

service management

A set of specialized organizational capabilities for providing value to customers in the form of services.

service management lifecycle

See service lifecycle.

service manager

A generic term for any manager within the service provider. Most commonly used to refer to a business relationship manager, a process manager or a senior manager with responsibility for IT services overall.

service model

(ITIL Service Strategy) A model that shows how service assets interact with customer assets to create value. Service models describe the structure of a service (how the configuration items fit together) and the dynamics of the service (activities, flow of resources and interactions). A service model can be used as a template or blueprint for multiple services.

service operation

(ITIL Service Operation) A stage in the lifecycle of a service. Service operation coordinates and carries out the activities and processes required to deliver and manage services at agreed levels to business users and customers. Service operation also manages the technology that is used to deliver and support services. Service operation includes the following processes: event management, incident management, request fulfilment, problem management, and access management. Service operation also includes the following functions: service desk, technical management, IT operations management, and application management. Although these processes and functions are associated with service operation, most processes and functions have activities that take place across multiple stages of the service lifecycle. See also operation.

service option

(ITIL Service Design) (ITIL Service Strategy) A choice of utility and warranty offered to customers by a core service or service package. Service options are sometimes referred to as service level packages.

service owner

(ITIL Service Strategy) A role responsible for managing one or more services throughout their entire lifecycle. Service owners are instrumental in the development of service strategy and are responsible for the content of the service portfolio. See also business relationship management.

service package

(ITIL Service Strategy) Two or more services that have been combined to offer a solution to a specific type of customer need or to underpin specific business outcomes. A service package can consist of a combination of core services, enabling services and enhancing services. A service package provides a specific level of utility and warranty. Customers may be offered a choice of utility and warranty through one or more service options. See also IT service.

service pipeline

(ITIL Service Strategy) A database or structured document listing all IT services that are under consideration or development, but are not yet available to customers. The service pipeline provides a business view of possible future IT services and is part of the service portfolio that is not normally published to customers.

service portfolio

(ITIL Service Strategy) The complete set of services that is managed by a service provider. The service portfolio is used to manage the entire lifecycle of all services, and includes three categories: service pipeline (proposed or in development), service catalogue (live or available for deployment), and retired services. See also customer agreement portfolio; service portfolio management.

service portfolio management (SPM)

(ITIL Service Strategy) The process responsible for managing the service portfolio. Service portfolio management ensures that the service provider has the right mix of services to meet required business outcomes at an appropriate level of investment. Service portfolio management considers services in terms of the business value that they provide.

service potential

(ITIL Service Strategy) The total possible value of the overall capabilities and resources of the IT service provider.

service provider

(ITIL Service Strategy) An organization supplying services to one or more internal customers or external customers. Service provider is often used as an abbreviation for IT service provider. See also Type I service provider; Type II service provider; Type III service provider.

service provider interface (SPI)

(ITIL Service Strategy) An interface between the IT service provider and a user, customer, business process or supplier. Analysis of service provider interfaces helps to coordinate end-to-end management of IT services.

service reporting

(ITIL Continual Service Improvement) Activities that produce and deliver reports of achievement and trends against service levels. The format, content and frequency of reports should be agreed with customers.

service request

(ITIL Service Operation) A formal request from a user for something to be provided – for example, a request for information or advice; to reset a password; or to install a workstation for a new user. Service requests are managed by the request fulfilment process, usually in conjunction with the service desk. Service requests may be linked to a request for change as part of fulfilling the request.

service sourcing

(ITIL Service Strategy) The strategy and approach for deciding whether to provide a service internally, to outsource it to an external service provider, or to combine the two approaches. Service sourcing also means the execution of this strategy. See also insourcing; internal service provider; outsourcing.

service transition

(ITIL Service Transition) A stage in the lifecycle of a service. Service transition ensures that new, modified or retired services meet the expectations of the business as documented in the service strategy and service design stages of the lifecycle. Service transition includes the following processes: transition planning and support, change management, service asset and configuration management, release and deployment management, service validation and testing, change evaluation, and knowledge management. Although these processes are associated with service transition, most processes have activities that take place across multiple stages of the service lifecycle. See also transition.

service validation and testing

(ITIL Service Transition) The process responsible for validation and testing of a new or changed IT service. Service validation and testing ensures that the IT service matches its design specification and will meet the needs of the business.

service valuation

(ITIL Service Strategy) A measurement of the total cost of delivering an IT service, and the total value to the business of that IT service. Service valuation is used to help the business and the IT service provider agree on the value of the IT service.

serviceability

(ITIL Continual Service Improvement) (ITIL Service Design) The ability of a third-party supplier to meet the terms of its contract. This contract will include agreed levels of reliability, maintainability and availability for a configuration item.

seven-step improvement process

(ITIL Continual Service Improvement) The process responsible for defining and managing the steps needed to identify, define, gather, process, analyse, present and implement improvements. The performance of the IT service provider is continually measured by this process and improvements are made to processes, IT services and IT infrastructure in order to increase efficiency, effectiveness and cost effectiveness. Opportunities for improvement are recorded and managed in the CSI register.

shared service unit

See Type II service provider.

shift

(ITIL Service Operation) A group or team of people who carry out a specific role for a fixed period of time. For example, there could be four shifts of IT operations control personnel to support an IT service that is used 24 hours a day.

simulation modelling

(ITIL Continual Service Improvement) (ITIL Service Design) A technique that creates a detailed model to predict the behaviour of an IT service or other configuration item. A simulation model is often created by using the actual configuration items that are being modelled with artificial workloads or transactions. They are used in capacity management when accurate results are important. A simulation model is sometimes called a performance benchmark. See also analytical modelling; modelling.

single point of contact

(ITIL Service Operation) Providing a single consistent way to communicate with an organization or business unit. For example, a single point of contact for an IT service provider is usually called a service desk.

single point of failure (SPOF)

(ITIL Service Design ) Any configuration item that can cause an incident when it fails, and for which a countermeasure has not been implemented. A single point of failure may be a person or a step in a process or activity, as well as a component of the IT infrastructure. See also failure.

SLAM chart

(ITIL Continual Service Improvement) A service level agreement monitoring chart is used to help monitor and report achievements against service level targets. A SLAM chart is typically colour-coded to show whether each agreed service level target has been met, missed or nearly missed during each of the previous 12 months.

SMART

(ITIL Continual Service Improvement) (ITIL Service Design) An acronym for helping to remember that targets in service level agreements and project plans should be specific, measurable, achievable, relevant and time-bound.

snapshot

(ITIL Continual Service Improvement) (ITIL Service Transition) The current state of a configuration item, process or any other set of data recorded at a specific point in time. Snapshots can be captured by discovery tools or by manual techniques such as an assessment. See also baseline; benchmark.

software asset management (SAM)

(ITIL Service Transition) The process responsible for tracking and reporting the use and ownership of software assets throughout their lifecycle. Software asset management is part of an overall service asset and configuration management process. This process is not described in detail within the core ITIL publications.

source

See service sourcing.

specification

A formal definition of requirements. A specification may be used to define technical or operational requirements, and may be internal or external. Many public standards consist of a code of practice and a specification. The specification defines the standard against which an organization can be audited.

stakeholder

A person who has an interest in an organization, project, IT service etc. Stakeholders may be interested in the activities, targets, resources or deliverables. Stakeholders may include customers, partners, employees, shareholders, owners etc. See also RACI.

Read more on Stakeholders and how to identify them.

Get a list of Stakeholders that you might have in a project or initiative.

standard

A mandatory requirement. Examples include ISO/IEC 20000 (an international standard), an internal security standard for Unix configuration, or a government standard for how financial records should be maintained. The term is also used to refer to a code of practice or specification published by a standards organization such as ISO or BSI. See also guideline.

standard change

(ITIL Service Transition) A pre-authorized change that is low risk, relatively common and follows a procedure or work instruction – for example, a password reset or provision of standard equipment to a new employee. Requests for change are not required to implement a standard change, and they are logged and tracked using a different mechanism, such as a service request. See also change model.

standard operating procedures (SOP)

(ITIL Service Operation) Procedures used by IT operations management.

standby

(ITIL Service Design) Used to refer to resources that are not required to deliver the live IT services, but are available to support IT service continuity plans. For example, a standby data centre may be maintained to support hot standby, warm standby or cold standby arrangements.

statement of requirements (SOR)

(ITIL Service Design) A document containing all requirements for a product purchase, or a new or changed IT service. See also terms of reference.

status

The name of a required field in many types of record. It shows the current stage in the lifecycle of the associated configuration item, incident, problem etc.

status accounting

(ITIL Service Transition) The activity responsible for recording and reporting the lifecycle of each configuration item.

storage management

(ITIL Service Operation) The process responsible for managing the storage and maintenance of data throughout its lifecycle.

strategic

(ITIL Service Strategy) The highest of three levels of planning and delivery (strategic, tactical, operational). Strategic activities include objective setting and long-term planning to achieve the overall vision.

strategic asset

(ITIL Service Strategy) Any asset that provides the basis for core competence, distinctive performance or sustainable competitive advantage, or which allows a business unit to participate in business opportunities. Part of service strategy is to identify how IT can be viewed as a strategic asset rather than an internal administrative function.

strategy

(ITIL Service Strategy) A strategic plan designed to achieve defined objectives.

strategy management for IT services

(ITIL Service Strategy) The process responsible for defining and maintaining an organization's perspective, position, plans and patterns with regard to its services and the management of those services. Once the strategy has been defined, strategy management for IT services is also responsible for ensuring that it achieves its intended business outcomes.

super user

(ITIL Service Operation) A user who helps other users, and assists in communication with the service desk or other parts of the IT service provider. Super users are often experts in the business processes supported by an IT service and will provide support for minor incidents and training.

supplier

(ITIL Service Design) (ITIL Service Strategy) A third party responsible for supplying goods or services that are required to deliver IT services. Examples of suppliers include commodity hardware and software vendors, network and telecom providers, and outsourcing organizations. See also supply chain; underpinning contract.

supplier and contract management information system (SCMIS)

(ITIL Service Design) A set of tools, data and information that is used to support supplier management. See also service knowledge management system.

supplier management

(ITIL Service Design) The process responsible for obtaining value for money from suppliers, ensuring that all contracts and agreements with suppliers support the needs of the business, and that all suppliers meet their contractual commitments. See also supplier and contract management information system.

supply chain

(ITIL Service Strategy) The activities in a value chain carried out by suppliers. A supply chain typically involves multiple suppliers, each adding value to the product or service. See also value network.

support group

(ITIL Service Operation) A group of people with technical skills. Support groups provide the technical support needed by all of the IT service management processes. See also technical management.

support hours

(ITIL Service Design) (ITIL Service Operation) The times or hours when support is available to the users. Typically these are the hours when the service desk is available. Support hours should be defined in a service level agreement, and may be different from service hours. For example, service hours may be 24 hours a day, but the support hours may be 07:00 to 19:00.

supporting service

(ITIL Service Design) An IT service that is not directly used by the business, but is required by the IT service provider to deliver customer-facing services (for example, a directory service or a backup service). Supporting services may also include IT services only used by the IT service provider. All live supporting services, including those available for deployment, are recorded in the service catalogue along with information about their relationships to customer-facing services and other CIs.

SWOT analysis

(ITIL Continual Service Improvement) A technique that reviews and analyses the internal strengths and weaknesses of an organization and the external opportunities and threats that it faces. SWOT stands for strengths, weaknesses, opportunities and threats.

system

A number of related things that work together to achieve an overall objective. For example:

• A computer system including hardware, software and applications
• A management system, including the framework of policy, processes, functions, standards, guidelines and tools that are planned and managed together – for example, a quality management system
• A database management system or operating system that includes many software modules which are designed to perform a set of related functions.

system management

The part of IT service management that focuses on the management of IT infrastructure rather than process.