Service Ownership Standards

Change Management is a set of processes and procedures that provide a systematic approach for managing changes to IT systems, services, and infrastructure to minimise business disruption.

Release management refers to the process of planning, designing, scheduling, testing, deploying, and controlling software releases.  

Why is this important?

Unmanaged change to services and systems can result in business disruption and unintended negative impacts to service users. Change management is an IT Service Management (ITSM) discipline that ensures changes are effectively introduced and negative impacts and disruption avoided.

This dimension ensures ongoing compliance of the Service with Cyber Security Policy and Standards.

Why is this important?

Cyber and regulatory compliance ensures the security of our information resources, and the privacy of our students and staff which are essential to UNSWs operations.

Provision of support and training materials for end user of the service or system; for example, administrative staff in faculties who use the system to perform their work  

Why is this important?

End user support, documentation and training enables staff to feel empowered and supported in their use of a service or system, so that they can get their jobs done effectively. 

This dimension involves the reviewing of service budgets and expenditure plans to ensure financial health; managing all costs and resources required to deliver and manage the service. Financial management and vendor management are closely aligned.

Why is this important?

Financial budget and resource management ensures that the resources required to operate the service are in place, including the budget to pay for essential third-party costs such as licensing and support.

An incident is an unplanned interruption or reduction in the quality of an IT service. Incident management is the process responsible for managing the lifecycle of all incidents. Incident management ensures that normal service operation is restored as quickly as possible and the business impact is minimised. This includes Major Incident Management and Post Incident Reviews. 

Why is this important?

The goal of Incident Management is to restore normal service operation as soon as possible and minimise the impact on business operations. If Incident Management is not performed, a service or system could remain unavailable for an extended period of time resulting in major business disruption and potential financial impacts.

This dimension ensures that data and information is managed in compliance with UNSW Data Governance Policies and Standards.

Why is this important?

Correct governance and legislative compliance of our data and information keeps our services, customers, staff and students safe.

At UNSW, the Configuration Management Database (CMDB) tool in our organisation's ITSM toolkit is called 'CA Service Desk', and is commonly referred to as CASD.

CASD holds information about services including service name (CI), description, service role assignments, incident and support assignment groups. All incidents, requests and changes need to be logged against this entry in the CMDB. 

Why is it important to keep service offering records up to date?

Up to date records ensures services and systems are holistically understood and that the right people can be contacted to resolve issues.

This dimension involves both the planning and execution of proactive ongoing preventative maintenance. This is required to keep technology components current so that it is within support and recommended security versions.

Why is this important?  

Preventative Maintenance reduces the risk system failure or security breaches as well as keeps software applications updated with the latest features.

Risk management is the identification, assessment and control of service risks 

Why is this important?

Risk enables UNSW and its controlled entities, through understanding uncertainty, complexity and their impacts on strategic objectives, to maximise opportunity, build resilience and enable insights that support effective decision making and governance.

Security Patching is the timely application of relevant updates or fixes to software systems to address known vulnerabilities or security weaknesses. 

Why is this important?

Scheduled and as-required security patching ensures that any vulnerabilities or weaknesses in services or systems are addressed so that we can keep our customers, users and university safe.

A collection of back-up and recovery procedures to be followed in the event of a disaster or damaging event that affects UNSW IT services.

Why is this important?

A tried and tested disaster recovery plan ensures that systems and services can be restored in the event of a major failure

The creation of the service lifecycle roadmap aligns with the vision of the Business Owner and defines the activities of the service from launch through to service improvement to service sunset  

Why is this important?

A clear and considered service lifecycle roadmap enables a future proof service vision that supports and delivers on business outcomes of a service, system or process

Service monitoring is the process of monitoring service performance, availability, and end-user experience to ensure it is functioning properly. Includes both automated technical monitoring as well as manual service performance and compliance against Service Level Agreements (SLAs).  

Why is this important?

Consistent Service Monitoring, Alerting and Reporting provides teams with an ability to identify potential issues with a service before they become an incident impacting users

The Service support model is captured in the Service Management Pack (SMP) and defines the key service attributes including service criticality, service level agreements, roles and support processes and groups responsible for the various technical parts of the service. 

Why is this important?

An up-to-date Service Support Model ensures seamless and accountable management of a service, system and all involved processes.  

Solution architecture captures the design of the application and any integrations. Technical and technical support documentation is typically contained in Confluence for technical support staff 

Why is this important?

Technical documentation ensure that teams can effectively support a system and introduce change efficiently

User Access Management is the process by which users are added and removed and what access they have within the system (to data and functions)  

Why is this important?

User Access Management ensures that we are compliant with privacy legislation, and we manage risk associated with inappropriate access to data and functions within a system.

This dimension covers the management of third-party suppliers that contribute to the delivery of the service and monitoring their performance. Renewal of contracts – for example, software licensing, managed services. 

Why is this important?

Correct management ensures that third-party suppliers essential to the delivery of the service are appropriately managed so that the service is effective.