Walid Nehme

What are the:

(a) costs,                (4 marks)
(b) benefits,           (8 marks)
(c) possible problems          (8 marks)

of implementing and running a Software Control and Distribution function based upon ITIL?

Guidelines

This is a specifically book question, since it asks for the benefits of an SC&D function based upon ITIL, not what you should do nowadays!

So, from the book:

a)    Costs

       The costs associated with SC&D include:

• staff costs;
• file storage costs - to accommodate the DSL, build environments, any additional test and live environments, and archive copies;
• the cost of computer and network resources for moving software into and out of the DSL, and for building, distributing and implementing software releases;
• the cost of software support tools (and the cost of any additional hardware needed to run these tools);
• initial time costs - for a short period it may take longer for changes to be implemented using the new SC&D system, but when staff become experienced the new procedures should take no longer, and may take less time, than the old methods.

1 mark for each cost given with some explanation of understanding - e.g. the ‘staff costs’ should explain what staff will cost extra because of the Introduction of the SC&D function, and what tools are being bought (this in formation Is In the book but Is not repeated in the costs section).

b)            Benefits

       This part of the book has a caveat, which is important, it could be given here or under the problems bit of the answer since its non implementation would be a problem to realising the benefits.

       The principal benefits of an SC&D function, when combined with effective configuration management, change management and operational acceptance testing functions, are:

• the software in live use is of good quality, because software releases are built properly, from software that has been subject to quality control and effective testing, and under proper change management control;
• software is released to the live environment in a way that minimises the chance of error, e.g. by use of an incorrect version;
• an organisation’s software assets, upon which the organisation may be heavily dependent, are properly and securely safeguarded;
• an ability to absorb high rates of change to the software on the live systems, effectively and without adversely affecting IT service quality - essential in today’s IT environment;
• the ability to build and control the software used at remote sites from a central location;
• the ability to maintain consistent software over a large number of locations, which leads to financial saving because support is made easier and more economic;
• reduced likelihood of there being illegal copies of software in use at any location;
• easier detection of wrong versions and unauthorised copies of software;
• reduced opportunities for unnoticed introduction of viruses or other malicious software.

       As the efficiency and effectiveness of SC&D grows, the productivity of IT Services staff is likely to increase. More importantly, productivity benefits are likely to be realised amongst end-users. Even a modest assumption of a 0.5% increase in end-user productivity attributed to software quality improvement resulting from SC&D, would indicate large savings.

½ mark for each ‘bald benefit’ given, with other marks being awarded for:
explanations of and expansions of the benefits that can be so expanded and explained; for the mention of the caveat at the beginning; the most significant financial benefit that would arise form improved software, that is given at the end of the book extract.

c)    Possible problems

       The following problems may be experienced when initiating and running a SC&D function.

• There may be some initial resistance from staff who are familiar with old procedures and who may not welcome change. To overcome this, the benefits of the new procedures must be carefully explained during the awareness campaign.
• Circumvention of the SC&D procedures may be attempted. This needs to be dealt with firmly, particularly where unauthorised PC software is introduced into the organisation as this is the most likely entry point for software viruses and other malicious software.
• Circumvention of SC&D, change and configuration management procedures to make urgent fixes should also be banned as the dangers involved are too great.
• There may be some reluctance to carry out a complete software build in the live environment instead of copying over software from the test environment. This is, however, essential unless the two environments are in every way identical - which is very unlikely.
• In the case of distributed systems, difficulties may be caused if new versions of software are not brought into use on time or as required. This problem can be avoided if central control facilities, automated if possible, are used, backed up by regular configuration audits.
• When the new procedures are implemented there may be a temptation to retrofit them, from the outset, to all software. This could be wasteful, and it is generally better to apply the procedures initially only to newly released software. At the point when the effort involved is considered justifiable - this is likely to occur only when the percentage of software not yet controlled under the new procedures is quite small (typically between 20% and 5%) - consideration should be given to retrofitting the new procedures to existing software.
• Some people (including IT Management) may regard the SC&D procedures as cumbersome and expensive.

       There are other problems that may be offered here by candidates, for example:

• lack of support by management, making it hard to get the funding required
• resistance from local staff administering their own local processing
• inadequate support from Configuration management, change management and other ITIL processes
• external pressures for urgent/untested/unapproved change

1 mark for each relevant and explained possible problem.