SIAM Foundation

Training Workshop
 NovelVista Learning Solutions Pvt Ltd
 Accredited Training Organization (ATO) & Approved Exam Center (AEC) to
conduct all levels of ITIL & Prince2 Examinations.
 Trained more than 25000+ professionals in India and other countries
 Conducts corporate and public trainings in following areas:
 ITIL Foundation, Intermediate, Expert, SIAM
 Project Management –PRINCE 2, PMP
 CSM – Certified Scrum Master
DevOps
 Cloud Computing Certification, AWS, Azire
 Lean-Six Sigma Certification
 COBIT 5 Certification
 Managing Successful Program (MSP)
 ISO 20000 & ISO 27002 Certification

2
Service Integration And Management
(SIAM) Foundation
Agenda
Course Objective

Part I - SIAM Body of Knowledge

1. General Introduction
2. SIAM Implementation Roadmap
3. SIAM Roles and Responsibilities
4. SIAM Challenges and Risks
5. SIAM and Other Practices

Part II - SIAM Process Guide

Exam Information

01/01/2017
Course Objectives
EXIN BCS SIAM® Foundation is a foundation level certification. It
validates a professional’s knowledge about bringing together multiple
service providers to strive for a common goal in order to support the
client organization’s agreed objectives for service delivery.

After completing this course the participant will have knowledge of and
be able to understand:
– SIAM terminology and the core principles
– SIAM benefits
– The challenges and risks of implementing SIAM
– SIAM implementation structures
– SIAM governance, tooling and data considerations
– Common processes used in a SIAM-ecosystem.
 Part I - SIAM Body of Knowledge

01/01/2017
 1. Introduction to Service
Integration and
Management
Weight: 15%
Managing Multiple Suppliers/Vendors –
Is it Easy?
Is it easy to manage multiple vendors?
What is the common issue that occurs when incidents occur?

8
 Watermelon Effect
SLA’s all Green Customer is Unhappy

9
Beware of Availability Dependency

10
What is Service Integration &
Management

 Service Integration and Management (SIAM) is a

management Methodology that can be applied in the
environment that includes Services sourced from a
number of Service Providers

11
SIAM is Important

In a time of continual business change it is essential that an organisation has a consistent,

shared vision, underpinned by a robust operating model..

“Service Integration And Management (SIAM) is a framework for managing multiple suppliers of
information technology services and integrating them to provide a single business-facing IT
organization.”

76% 21-100 31% 82%

Companies have
Companies have to improve
Average number Companies have
Integrated competencies to
of supplier per implemented
Service manage multi
company SIAM framework
Catalogue sourcing
successfully

Giant IT Service providers are building strong competencies to execute SIAM projects
13
 Customer Vision Vs SIAM Deliverables

End to End SLA On-time Delivery

SLA to BLA
Achievement for Cataloged items

Support to Digital Full cost

Business Agility
Transformation variability

TCO to TCC Charge Back Cost Optimization

14
Drivers, purposes and values for a SIAM approach
Drivers:
• Service satisfaction
• Service and Sourcing Landscape
• Operational Efficiencies
• External
• Commercial

• Purpose:
• obtain the benefits of multi-sourcing of services with the simplicity of single sourcing
• minimize the risks inherent in multi-sourced approaches
• masking the supply chain complexity from the consumers of the services
• allowing a customer organization to focus on the their business, rather than focusing
on service providers and technology
• enables the flexibility and innovation to support the pace of change demanded by
organizations

• Value from:
• Improved service quality
• Optimized costs and increased value
• Improved governance and control
• Improved flexibility and pace

01/01/2017
What’s New with SIAM?
 Many organizations now outsource almost all their IT
 And are transitioning from single vendor outsourcing
model to multiple-vendors model.
 Total outsource to multi-vendors is complicated.

 Arising from above

 Best practices specific to SIAM (and especially for
total-outsourced IT) are starting to be compiled
 Public
 Proprietary
 Service providers starting to offer SIAM function as a
dedicated service.
 ITSM tools catering better to SIAM functionality.

16
 SIAM vs ITIL

• SIAM is not replacement for ITIL

• Service Integration & Management is

effectively a means of implementing ITIL in a
multi-vendor supplier environment .

• SIAM Provides
• Governance,
• Integration,
• Assurance
• Co-ordination
to ensure that customer organization gets
maximum value from its Service Providers.

17
 Service Integrator Approaches
1 Single Supplier (Full E2E) Outsourcing 2 Client Organization act as an SI
Client Client
Business Business

Single Supplier
SI
SI
Outsourced Services/Suppliers

Application Application IT Service Application Application IT Service

Development Maintenance Infrastructure Desk Development Maintenance Infrastructure Desk

3 Lead Supplier act as an SI * 4 Outsourcing SI as a separate Supplier

Client Client Outsourced SI
Business Business SI

SI
Outsourced Services/Suppliers
Outsourced Services/Suppliers

Application Application IT Service Application Application IT Service

Development Maintenance Infrastructure Desk Development Maintenance Infrastructure Desk

01/01/2017
Model 1: Single Supplier (Full E2E) Outsourcing
Outsourced to ‘Single Provider’ to provide Infrastructure and SI services
PROS :
• Offers a platform for strategic partnership
underpinned by fewer yet effective and
business aligned SLAs
• Tighter tool integration and opportunities for
service improvements and automation
• Offers excellent opportunity for resource
optimization and collaboration

CONS :
• Knowledge of local business and business
services is extremely critical to success of this
model. There may be lead times for Service
provide to build local business knowledge
• The SI partner/role must be behaviourally
recognised by the other service providers

Key Highlights:
• This model acknowledges that infrastructure capabilities are critical to delivery an
effective service integration layer
• Strategic supplier with excellent capabilities in ITSM Process, Service
Management, Supplier & Contract Management and Infrastructure Services to
provide integrated ITSM capabilities
• Model offers selective retention of critical Service Strategy functions
Model 2: Client Organization act as SI
Customer Retains Service Management part of SI
PROS :

INHOUSE
RETAINED
• Maximum transparency and control over
services consumed and costs
• Better leverage in effectively managing
business users and business IT alignment
• Integrated IT Services experience

CONS :

OUTSOURCED
• Risk of adequate service integration and
integrated service delivery control carried
• Overheads of Supplier, Contract and Service
Level Mgmt
• Required continued investment in developing
and sustaining ITSM process capabilities as
‘core capabilities’

Key Highlights:
• Adopted by organizations with strong processes capabilities
• All service integration and management processes & structures retained including
tools framework
• Certain service mgmt functions outsourced i.e. ITSM process definition, service
desk, tools mgmt etc for cost efficiencies
Model 3: Lead Supplier Act as SI
Co-Sourced along with Service Provider
PROS :
• Greater management control with customer to
manage suppliers. dock-in and dock-out of
suppliers can be easily achieved with minimum
disruption to operations
• Centralised service information such as Asset
data, configurations, application details, costs
etc enabling better strategic planning.
• Online and automated reporting of service
performance, availability can be easily
implemented thus requiring smaller team to
deliver Service integration and governance

CONS :
• High dependence on underpinning
collaborative agreements/contracts and
segregation of responsibility
• The SI partner/role must be behaviourally
recognised by the other service providers
Key Highlights:
• Highly effective service management model that leverages specialist process and
tool capabilities of SI service provider, business proximity and service control of
customer organization and service operations capabilities of tower-services
service provider
• Can be deployed as a B-O-T model to achieve faster time to market
• *B-O-T – Build Operate Transfer
Model 4: Outsourced to SI as Separate Supplier

PROS :
• No CAPEX investment for service
management tools
• Service Management function is still managed
by a single vendor
• Centralised operational data available for
online reporting and strategic planning
• Benefits of outsourcing fully realised

CONS :
• Ownership of Service Management will be
with the SM supplier
• Limited flexibility to interface with business
and provide management at business services
• Potentially most expensive model of all, owing
to significant duplication between customer &
SIAM provider and SIAM provider & Tower
service provider orgs.

Key Highlights:
• Customer buys Service management service from a supplier
• The tools, processes and management would be provided by the supplier and
would charge monthly fee to the customer.
• Suppliers of each Service Delivery Tower would use this solution for delivery of
their services or would integrate their tools with the tools provided by Service
management supplier
 Key Characteristics of SIAM
• Build on and adopt ITIL & other Practices

• Simplifies Complexities of Multi-sourcing

• Provides the business with single point of visibility,

control and accountability for end to end services

• “One throat to choke”

23
 Scope for SIAM

Business and Retained IT Organization

Service integrator
SI Governance
Drive Processes, Collaboration and systems for optimal alignment of multiple service
providers, delivering “End to End” services to maximum business value

Service Vendor Transformation Program Risk & Compliance

Management Management Management Management Management

Maximize value Ensure future Safeguard

Ensure end to
from vendors by readiness by Drive alignment organization
end service
optimizing driving across programs from business
delivery to vendor base and achievement of and projects for risk through
support vendor target overall benefits adequate
business needs performance
architecture controls

Application Application IT End User Network

Service

Data Center Service

Towers

Development IT Operations
Maintenance Infrastructure Service Service
Tower Tower Tower-N
Tower Tower Tower Tower Tower
 Detailed Scope of SIAM

Business and Retained IT Organization

Service integrator
SI Governance

Service Vendor Transformation Program Risk & Compliance

Management Management Management Management Management
Procurement and Project/Program Risk and Compliance
Service Strategy Sourcing
Architecture management
portfolio management Management
Contract Identify and Access
Service Design Transformation Project Planing
Management management
Information Security
Service Transition Vendor Performance Innovation Benefits management
Management
Management
Organization Change Service Continuty
Service Operations Quality Assurance Management
Management
Billing and Invoicing
Continual Service Program Governance
Integrated Improvement and Reporting
Service Desk

Application Application End User

Service

It
Towers

IT Operations Data Center Network Service

Development Maintenance Infrastructure Service
Tower Tower Service Tower Tower-N
Tower Tower Tower Tower
 A customer with a light version of SIAM
Business and Retained IT Organization

SI Governance
Service integrator

Service Vendor Transformation Program Risk & Compliance

Management Management Management Management
Management
Procurement and Project/Program Risk and Compliance
Service Strategy Sourcing
Architecture management
portfolio management Management
Contract Identify and Access
Service Design Transformation Project Planing
Management management
Information Security
Service Transition Vendor Performance Innovation Benefits management
Management
Management
Organization Change Service Continuty
Service Operations Quality Assurance Management
Management
Billing and Invoicing
Continual Service Program Governance
Integrated Improvement and Reporting
Service Desk
Service
Towers

Application Application IT It End User Network

Data Center Service
Developmen Maintenanc Operations Infrastructur Service Service
Tower Tower-N
t Tower e Tower Tower e Tower Tower Tower
 A customer with a larger SIAM scope (Manufacturing)
Business and Retained IT Organization

SI Governance
Service integrator

Service Vendor Transformation Program Risk & Compliance

Management Management Management Management
Management
Procurement and Project/Program Risk and Compliance
Service Strategy Sourcing
Architecture management
portfolio management Management
Contract Identify and Access
Service Design Transformation Project Planning
Management management
Information Security
Service Transition Vendor Performance Innovation Benefits management
Management
Management
Organization Change Service Continuty
Service Operations Quality Assurance Management
Management
Billing and Invoicing
Continual Service Program Governance
Integrated Improvement and Reporting
Service Desk
Service
Towers

Application Application IT It End User Network

Data Center Service
Developmen Maintenanc Operations Infrastructur Service Service
Tower Tower-N
t Tower e Tower Tower e Tower Tower Tower
Summary
 Definition : “Service Integration And Management (SIAM) is a management
methodology that can be applied in an environment that includes services
sourced from a number of service providers.”

 Drivers:
 Service satisfaction
 Service and Sourcing Landscape
 Operational Efficiencies
 External
 Commercial

 Service Integration Approaches :

 Externally Sourced
 Internally Sources
 Hybrid
 Lead Supplier

01/01/2017
 2. SIAM Implementation
Roadmap
Weight: 20%
SIAM Implementation

Discovery Plan & Run &

Implement
& Strategy Build Improve
SIAM implementation key stages
SIAM Roadmap
4 iterative stages: • Checkpoints for each stage will
• Discovery and Strategy consider:
• Plan and Build • Actual outputs from the
• Implement stage against those intended
• Run and Improve • Risks
• Issues
• Elements for each stage are:
• Plan for either the next stage
• Objectives or roll back to a previous
• Triggers stage
• Inputs
• Activities
• Outputs

01/01/2017
Discovery and strategy
To initiate the SIAM transformation project, formulate
key strategies and mapping of the current situation to
determine next steps.
• Objectives
1. Establish the SIAM transition project
2. Establish a governance framework
3. Define the strategy and outline model for SIAM and the
services in scope
4. Analyze the current state of the organization, including skills,
services, service providers, tools and processes
5. Analyze the marketplace for potential service providers and
service integrators
• Triggers
• Business case to adopt SIAM.

01/01/2017
Discovery and strategy

Inputs Activities Outputs

• Enterprise, corporate, and 1. Establish the project • An established project
IT governance standards 2. Define strategic objectives • Strategic objectives
• Current business, 3. Define governance • Governance requirements
procurement and IT requirements and high-level and high-level SIAM
strategies framework governance framework
• Business requirements and 4. Define principles and policies • Defined principles and
constraints for roles and responsibilities policies for roles and
• Current organization, 5. Map the existing services and responsibilities
processes, products and sourcing environment • Map of existing services and
practices 6. Assess the organization’s sourcing environment
• Existing service provider current maturity and capability • Current maturity and
information, including 7. Understand the marketplace capability levels
existing contracts and 8. Define the strategy for SIAM • Market awareness
agreements and the outline SIAM-model • Approved outline business
• Understanding of market 9. Produce the outline business case for SIAM
forces and technology case • Strategy for SIAM
trends • Outline SIAM-model

01/01/2017
Plan and build
This stage builds on the outputs from the previous stage
to complete the design for SIAM and create the plans for
the transformation.
• Objectives
1. Complete the design of the SIAM-model, including the
services that are in scope
2. Obtain full approval for the SIAM-model
3. Appoint the service integrator and service providers
4. Commence organizational change management
• Triggers
• Completion of stage 1
• The organization confirms its intention to proceed with a
SIAM implementation.

01/01/2017
Plan and Build
Inputs Activities
• Governance requirements 1. Design the detailed SIAM-
and high level SIAM model
governance framework 2. Approve the full business
• Defined principles and case
policies for roles and 3. Commence organizational
responsibilities change management
• Map of existing services and 4. Appoint the service
sourcing environment integrator
• Current maturity and 5. Appoint service providers
capability levels 6. Plan for service provider
• Market awareness and service retirement
• Approved outline business 7. Review stage and
case for SIAM approve implementation
• Strategy for SIAM
• Outline SIAM-model
01/01/2017
Outputs
• Full design of the SIAM-
model including:
• Services, selected
SIAM structure,
Process models,
Practices, Structural
elements, etc.
• Approved business case
• Organizational change
management activities
• Service integrator
appointed
• Service providers appointed
• Plan for service provider
and service retirement
Implement

The objective of this stage is to manage the transition from the

organization’s ‘as is’ current state to the ‘to be’ desired future state,
the new SIAM model. At the end of this stage, the new SIAM model
will be in place and in use.
• Objectives
• To manage the transition of the previous ecosystem from the ‘as is’ current
state to the ‘to be’ desired future state, the new SIAM-model. At the end of
this stage, the new SIAM-model will be in place and in use.
• Triggers
• Completion of stage 2
• The end of an existing service providers contract
• An existing service provider ceasing to trade
• Organizational structure changes due to corporate restructure or takeover,
• …

01/01/2017
Implement
Inputs Activities Outputs

• All of the outputs 1. Selecting the implementation • The new SIAM-model that
from the Discovery approach is in place and operating
and Strategy and 2. Transition to the approved and supported by
Plan and Build SIAM-model appropriate contracts and
stages 3. Ongoing organizational agreements
change management

01/01/2017
Run and improve

• Doing the ‘business as Inputs Activities Outputs

usual’ and making
improvements • The SIAM- 1. Operate • Run outputs:
business as
• Objectives •
model
Process
governance
structural usual
• Manage the SIAM-model models elements outputs
• Manage day to day service • Performance 2. Performance including
delivery management management reports,
• Manage processes, teams and reporting and service data
and tools framework improvement and process
• Manage the continual • Collaboration 3. Operate data
improvement activities model for management • Improve
providers structural outputs:
• Triggers • Tooling elements information
• Completion of stage 3 strategy 4. Audit and used to
• If implement is phased: • Ongoing compliance evolve and
improvement 5. Reward continually
• Acceptance of elements of
delivery in an incremental framework 6. Ongoing improve the
way. change SIAM-model
management

01/01/2017
Summary
Service Integration Implementation Key Stages :
• Discovery and Strategy
• Plan and Build
• Implement
• Run and Improve

Checkpoints for each stage will consider:

• Actual outputs from the stage against those intended
• Risks
• Issues
• Plan for either the next stage or roll back to a previous stage

01/01/2017
 3. SIAM roles and
responsibilities
Weight: 10%
Customer Organization
Description The customer’s role within the SIAM-ecosystem is that of the commissioning organization. It also includes
the retained capabilities that carry out corporate governance of the SIAM-ecosystem.
 Strategic direction
 Enterprise architecture
 Policy and standards management
 Procurement
 Contract management
Typical  Demand management
Accountabilities  Financial and commercial management
 Service portfolio management
 Corporate risk management
 Governance, including governance of any external service integrator
 Accountability for program and project management

 Head of IT, Head of service, Service owner(s), Enterprise architect, Service architect, Board: CFO, CIO,
Typical Roles
CSO, etc.
 Defines and assures a core set of policies, standards, procedures and guidelines
 Develops and owns the IT strategy and strategy for SIAM that align with and support the business
strategy
 Develops and owns enterprise architecture, defines the technology, data and application roadmap,
defines the service scope for SIAM
 Provides overarching program and commercial management
Typical
 Assures and governs the service integrator
Responsibilities
 Manages the service provider relationships at an executive/commercial level
 Overall management of risk
 Resolves contractual disputes
 Owns business relationships and acts as “intelligent customer” function
 Defines end to end service budget

01/01/2017
Service Integrator
The service integrator layer of the SIAM-model is where end to end service governance, integration,
Description assurance and coordination are performed.

 End to end:
o service management, performance management, service reporting
Typical  Service governance and assurance
Accountabilities  Tracking value for money
 Continual service improvement

 Head of service integration, Service delivery manager(s), Service manager(s), Process owner(s), Process
manager(s), Service assurance manager(s), Performance manager(s), Security manager(s)
Typical Roles

 End to end service management across the service providers and the interface into the customer
organization
 Managing service provider relationships at an operational level
 Acting as the customer’s “agent”
o Managing end to end performance management of all service providers
o Coordination of the service providers:
Typical o Assuring service provider performance and service delivery
Responsibilities o Governing the service providers, as delegated y the customer organization
 Facilitating process forums
 Managing operational supply and demand for services and capacity
 Consolidated service reporting and Providing service communications
 Provision and management of an integrated service management toolset
 Managing the performance of service providers against contractual and service targets

01/01/2017
Service Provider
Description Within a SIAM-ecosystem, there are multiple service providers. Each service provider is responsible
for the delivery of one or more services, or service elements, to the customer. It is responsible for
managing the products and technology used to deliver its contracted or agreed services. The service
providers can be part of the customer organization or external to it.

Typical  Delivering services required by the customer to defined and agreed standards, policies and
Accountabilities architecture
 Exhibiting required behaviours for cooperation, collaboration, improvement and innovation
 Ensuring cross-service provider service management processes are followed
 Working collaboratively with suppliers and the service integrator to resolve issues, incidents and
problems, identify improvement opportunities and meet customer outcomes

Typical Roles  Service manager(s), Account manager(s), Process owner(s), Process manager(s), Technical staff,
Service management staff

Typical  Delivery of technology and products to deliver services, at agreed service levels and cost
Responsibilities  Integrating internal service management processes with the end to end service management
processes
 Adhering to: policies, standards and procedures defined by the customer and architectural design
standards
 Working collaboratively with the service integrator and other service providers
 Taking part in structural elements, including process forums

01/01/2017
SIAM Roles and Responsibilities
Structural elements
Strategic - Executive Boards
• Provide governance and
oversight
• Support establishment of a
SIAM culture
• Attendees are senior staff
with accountability for the
SIAM model
• Additionally each service
provider has an individual
executive board with the
customer and the service
integrator to all a service
provider to discuss
commercial performance
and sensitive issues.
01/01/2017
Tactical Boards
• Sits between the strategic
and operational boards.
• Forms part of the
preparation for the
operational board and can
be used to carry out
discussions before meeting
with the customer
• Identifies items for
escalation to the strategic
board
• Acts as a point of
escalation for operational
boards
Operational Boards
• The main operational
board convenes to discuss
and review low level
service performance
• Acts as an escalation point
for all other operational
boards and process forums
• Other operational boards
will be scheduled as
required to support
decision making; e.g. the
integrated change advisory
board.
• There will be other
Working Groups and
Forums referred to as
(such as Integrated CAB,
Knowledge Management
Forum)’ These working
groups, boards and
process forums span the
SIAM layers
• There are also generic
roles:
o Process owner
o process manager
o service owner
o service manager
Service Desk
• A ‘single source of truth’ - role
may vary
• The organization providing the
service desk will be treated and
managed as a service provider
• Close relationship between the
Integrator and the service desk is
required
• Sourcing options:
- Within the customer
organization; internal service
provider.
- Provided by the integrator
Externally sourced (unskilled >
skilled)
- Service desk for each service
provider; integrator provides a
consolidated ‘view’.
• SIAM skills needed
Summary
Service Integration Roles and Responsibilities
• Service Integrator
• Customer Organization
• Service Provider

01/01/2017
Set-up SIAM Governance

01/01/2017
 4. SIAM practices
Weight: 15%
SIAM Practices
• Definition of ‘practice’
“the actual application or use of an idea, belief, or method, as opposed to
theories relating to it.”
(source: Oxford English Dictionary © 2016 Oxford University Press)

• ‘Practices’ show how to apply SIAM to meet the challenges

of real world application
• Four SIAM practices
1. People practices
2. Process practices
3. Measurement practices
4. Technology practices

01/01/2017
People practices: Managing Cross-functional
Teams
• Definition: • Challenges:
“A cross-functional team is a group of • Conflicting objectives,
people with different functional expertise organizational strategies and
working toward a common goal. It may working practices
include people from finance, marketing,
operations, and human resources • Reluctance to share knowledge
departments. Typically, it includes employees • Lack of automation
from all levels of an organization.”
(Source: Wikipedia)

• Team members may from be • Practices:

virtual and from different • Roles and responsibilities (RACI)
organizations and SIAM layers. • Clear goals and objectives
These teams are referred to as
“structural elements” • Knowledge, data and information
• Communication
• Three types of structural • Toolset integration
element/cross functional team:
• Boards
• Process forums
• Working Groups (e.g. major
incident working group or
integrated CAB)

01/01/2017
Process Practices: Integrating Processes
across Service Providers

• Definition: • Challenges:
“a process is a documented, repeatable
approach to carrying out a series of
• Service providers do not
tasks or activities.” (source: SIAM BoK) integrate their
processes or share
• Practices: process details
• Focus on process • Gaps between process
outcomes activities
• Continual process • Time-consuming and
improvement manual reporting
• Establishing process • Poor relationships
forums between service
providers/blame culture
01/01/2017
Measurement Practices: Enable and
Report on End to End Services
• End to end service measurement • Practices:
refers to the ability to monitor an • Create a reporting
actual service, not just its framework
individual technical components
or providers. Effective • Make reports visual
measurement practices support • Use qualitative and
the reporting framework. quantitative measures
• Challenges: • Apply agile thinking
• Lack of strategic
requirements
• Reluctance to share
information
• Inability to map end to end
workflow
• Not measuring the correct
amount of data and
information

01/01/2017
Technology Practices: Creating a Tooling
Strategy
• A tooling strategy outlines the
requirements for a toolset/s
to support the SIAM-
ecosystem. It will include
functional and non-functional
requirements, the processes
that need to be supported,
standards for interfacing to
the toolset(s) and a roadmap
for future development.
• Challenges:
• Ineffective legacy tools
• Defining the toolset scope
• Non-compliant service
providers
• Lack of architecture
• Practices
• Technology strategy and
roadmap
• Industry standard
integration methods
• Ownership of data and
toolsets
• Ease of adding/removing
service providers
• Adopting a common data
dictionary

01/01/2017
SIAM ITSM Tool Interfaces

01/01/2017
SIAM ITSM Tool Interfaces… 2

01/01/2017
Summary
SIAM Practices
• People practices: Managing Cross-functional Teams
• Process Practices: Integrating Processes across Service Providers
• Measurement Practices: Enable and Report on End to End Services
• Technology Practices: Creating a Tooling Strategy

01/01/2017
 Selecting a SIAM Provider - Criteria
1. Neutrality – lack of conflict of interest
2. Experience in SIAM
3. SIAM governance/management framework
4. ITSM tool multi-vendor integration capability
5. Service Catalog/CMDB/Performance Monitoring multi-
vendor integration capability
6. Proven end-to-end service quality
7. Ability to maintain good collaborative working
relationship with multi-vendors
8. Ability to cater to handover to new SIAM provider at
end of contract period (i.e. minimal lock-in)

01/01/2017
 5. SIAM challenges, risks
and potential mitigations
Weight: 17.5%
9 common challenges within a SIAM ecosystem

1. Building Business case

2. Cultural Challenge
3. Behavioural Challenge
4. Level of Control and Ownership
5. Security
6. Measuring success
7. Trust
8. Commercials
9. Legacy Contract

01/01/2017
The common challenges within a SIAM
ecosystem
Building the business case
• The business case for SIAM should include:
• the expected benefits and costs
• the drivers that apply to the organization, drawn from
the five SIAM driver groups.
• Parties affected
• The customer that is creating the business case
• An external service integrator
• Roadmap stage affected
• Starting in Discovery and Strategy all the way through
the roadmap.
01/01/2017
The common challenges within a SIAM
ecosystem
Building the business case
Associated Risks
• No approval by the customer
organization’s executives
• Lack of allocated resources or support
from the executives
• No clear picture of the benefits
• The success of the program cannot be
measured (no benefits defined)
• Costs understated (not enough budget
available)
01/01/2017
Potential Mitigation
• Proper business case by skilled staff
• Execute all the activities in the roadmap
• Link the SIAM and customer’s high level
strategy and objectives
• Identify and address each of the
appropriate drivers
• Refine the business case (detail)
• Identify any current inefficient contracts
• Identifying good value contracts
• Use industry data/benchmarks
• Include the proposed SIAM structure and
SIAM-model
• Document the expected benefits
The common challenges within a SIAM
ecosystem
Cultural Change
• Cultural change is needed
• Transition to SIAM means a large program of change and
transformation. This includes:
• Internal role changes
• Building SIAM expertise and capabilities
• A new management style
• Empowerment of the service integrator
• Collaboration: different service providers means different
corporate cultures, but they need to work together to meet
customer outcomes.

01/01/2017
The common challenges within a SIAM
ecosystem
Cultural Change
Associated Risks Potential Mitigation
• Staff being moved between organizations: • Clear definition of the SIAM model and all
‘identity & loyalty’ associated roles and responsibilities (at all
levels)
• Change fatigue • Customer perspective
• Denial: keep using old processes and • ‘good’ change processes
procedures • Program management
• External expertise
• Contacting the customer instead of the
service integrator • Understanding of what needs to be retained
• Customer and service integrator perspective
• Changes disrupt the customer organization
• Governance structure(s)
• Service integrator and service provider
perspective
• Alignment of communication (plans)
• Service provider perspective
• Understanding the other organizations
• Commitment to collaboration

01/01/2017
The common challenges within a SIAM
ecosystem
Collaboration and Cooperation
• Collaboration and Cooperation in a SIAM-ecosystem is
different
• Competitors become ‘partners’
• Silos and blame culture need to be addressed
• New focus:
• Relationships (particularly cross-provider relationships
• governance controls
• pursuit of common goals
• Cultural considerations
• Fix first, argue later
• The service integrator is the voice of the customer
• Empowerment of the service integrator
• Create an environment that is focused on business outcomes
and the customer
01/01/2017
The common challenges within a SIAM
ecosystem
Culture, collaboration and cooperation
Associated Risks Potential Mitigation
• Service integrator’s perspective: • All parties:
• Service providers bypassing the • Create a ‘code of conduct’
service integrator
• Sign collaboration agreements
• Service provider’s perspective:
• ‘Fix first argue later’ being abused • Service integrator and ‘each’ service
and thus costing money provider
• Reluctance to collaborate
• OLA’s
• Lack of trust
• Internal service provider’s
perspective
• Reluctance to collaborate with
external parties
• No official contractual
imperatives

01/01/2017
The common challenges within a SIAM
ecosystem
Cultural Fit
• Different service providers means different
corporate cultures, but they need to work together
to meet customer outcomes.
• Parties affected
• Customer
• Service integrator
• Service providers
• Roadmap stage affected
• Starting in Plan and Build, the issues may/will increase
during the Implement stage, and may worsen during
Run and Improve.
01/01/2017
The common challenges within a SIAM
ecosystem
Cultural Fit
Associated Risks
• Service providers
• not working well together
• not interacting with processes
and procedures
• End to end service targets not
being met
• SIAM benefits not delivered to the
customer organization
• The service integrator not able to
fulfil their role
• Frustration (say A, do B)
01/01/2017
Potential Mitigation
• Be aware of the risk, identify and
intervene
• Assess cultural fit during
procurement and use this for
selection
• Encourage a culture of collaboration
• Use collaboration agreements
• Demonstrate correct behaviour
• Establishing SIAM structural
elements to build relationships and
reinforce culture
The common challenges within a SIAM
ecosystem
Behaviours
• When major organizational changes occur many
people ‘revert to old ways’
• This diminishes SIAM value
• Contractual clauses alone are not enough
• Parties affected
• Customer
• Service integrator
• Service providers
• Roadmap stage affected
• Typically during Run and Improve, but also during the
Implement stage.
01/01/2017
The common challenges within a SIAM
ecosystem
Behaviours
Associated Risks
• Service provider staff
circumventing the service
integrator
• Service providers not engaging
fully
• Service integrator perceived as
being biased
• Service integrator acts in a
dictatorial way
• Customer and service integrator
do not present a united front
• Relationships rely on specific
people, not procedures and roles
• Service levels not being met
01/01/2017
Potential Mitigation
• Continual reinforcement of correct
behaviour
• Customer and service integrator
provide a united front
• Ongoing training and creation of
awareness
• Behaviour reviews and audits
• Collaboration agreements
• Communications based on a plan
• Accountabilities taken serious
• Customer and service integrator being
realistic about what can be achieved
• SIAM structural elements
• Reward good behaviour!
The common challenges within a SIAM
ecosystem
Level of control and ownership
• The customer organization needs to consider how it
will balance the level of control it wants to have
over service provision, processes, tools and data
against the benefits.
• Parties affected
• Customer organization (mainly)
• Roadmap stage affected
• High level of control and ownership to be decided during
Discovery and Strategy (more detail added later).

01/01/2017
The common challenges within a SIAM
ecosystem
Level of control and ownership
Associated Risks
• Customer
• not prepared to relinquish
ownership of service activities and
processes
• relinquishes all control and
accountability
• Data at risk; level of control associated
with data too restrictive or not restrictive
enough
• Ownership of data is not defined
01/01/2017
Potential Mitigation
• Define a clear vision and select an
appropriate SIAM structure and SIAM-
model
• Ensure that the customer organization
understands the difference between
governance and management
• Implement clear policies for data, tooling
and processes
• Define ownership
The common challenges within a SIAM
ecosystem
Security
• SIAM means sharing of data and information about
services across multiple service providers. Security
by default and by design is needed.
• Parties affected
• Customer
• Service integrator
• Service providers
• Roadmap stage affected
• Initially during Plan and Build. If NOT addressed then it
will cause problems later.

01/01/2017
The common challenges within a SIAM
ecosystem
Security
Associated Risks
• Lack of
• Understanding of the customer
organization’s legislative and
regulatory responsibilities
• Education on the topic
• Understanding of criticality of
information
• No agreed approach to managing
information
• Inability to map dataflows and the end to
end service for security
• No mapping and allocation of security
roles and responsibilities
• Process inadequacies
01/01/2017
Potential Mitigation
• Clear security strategy and supporting
policies
• Use of other practices like COBIT®, etc. to
help identify information assets and
dataflows
• Design and implement end to end
security management
• Implement effective processes
• Identify and complete security activities
when adding and removing service
providers
• Create a schedule for audits and testing
• Encourage a culture of openness (no
blame culture)
• Establish a process forum for security
The common challenges within a SIAM
ecosystem
Measuring success
• To demonstrate the value of SIAM it must be
measured
• Parties affected
• Customer (needs to validate the results)
• Service integrator (needs to build end to end reports)
• Roadmap stage affected
• Run and Improve (actual measurements)
• Plan and Build (definition)

01/01/2017
The common challenges within a SIAM
ecosystem
Measuring success
Associated Risks Potential Mitigation
• Not aligned with the anticipated benefits • Create an effective reporting framework
from the business case
• Clearly define who, what, when, how and
• Not measuring: why
• the right things • Regular reviews of reports to confirm
• enough they are still fit for purpose
• Measuring too much • Use a mix of qualitative and quantitative
measures
• Not being able to measure services from
end to end

01/01/2017
The common challenges within a SIAM
ecosystem
Trust / eliminating micro-management
• Trust between all parties is essential in SIAM-
ecosystems and can lead to duplication and micro-
management.
• Parties affected
• Customer organization
• Service integrator
• Service providers
• Roadmap stage affected
• Run and Improve

01/01/2017
The common challenges within a SIAM
ecosystem
Trust / eliminating micro-management
Associated Risks Potential Mitigation
• Larger than needed retained customer • Careful design of the SIAM-model
organization
• Customer organization continuing its old • Adopt a phased approach to the
ways implementation of SIAM
• Process and service activities duplicated • Have regular communication and culture
• Customer wasting time and resources of improvement to identify and discuss
micro-managing and checking the work micro-management and duplication of
of the service integrator effort
• Service integrator wasting time and • Establishing effective structural elements
resources for extra, unnecessary reports
to support relationships and build trust
• Service providers continue direct
interaction with the customer
• Other risks related to micro management

01/01/2017
The common challenges within a SIAM
ecosystem
Commercial challenges
• The customer, the service integrator and the
service providers all need to feel they are getting
what they expect and are being treated fairly.
• Parties affected
• Customer
• Externally sourced service integrators
• Service providers
• Roadmap stage affected
• Entire roadmap!

01/01/2017
The common challenges within a SIAM
ecosystem
Commercial challenges
Associated Risks
• Unrealistic targets and service levels
• Lack of clearly defined boundaries
between service providers
• Service integrator manages the service
providers from a SIAM perspective but
without any direct contracts
• Service providers impose their own
contracts with unaligned targets
01/01/2017
Potential Mitigation
• Get the right skills and experience
involved
• Define service boundaries and service
interactions
• Contractual clause: the service integrator
is the managing agent
• Make sure targets and service levels flow
down and are apportioned across service
providers
• Ensure that penalties and service credits
can be calculated correctly
• Clear and unambiguous contracts
• Schedule regular contract reviews
The common challenges within a SIAM
ecosystem
Legacy contracts
• Two main challenges:
• Not fit for purpose
• Expiry
• Parties affected
• Customer
• Service integrator
• Existing and new service providers
• Roadmap stage affected
• All stages

01/01/2017
The common challenges within a SIAM
ecosystem
Legacy contracts
Associated Risks
• Increased service integrator workload
(integrate legacy contracts into the SIAM-
model)
• Gap in service if a legacy contract expires
before a new SIAM-based contract is in
place
• Additional customer costs (extensions to
or early release of existing contracts)
01/01/2017
Potential Mitigation
• Not fit for purpose
• Create timetable, share new SIAM
vision with providers,
renegotiate/amend, investigate
termination costs, contingency plan,
guide the design approach, issue
reporting
• Expiry
• Clear understanding of all contracts,
roadmap for the transition,
contingency plans, negotiate
extension options
Summary
Common Challenges with SIAM Ecosystem
• Building Business case
• Cultural Challenge
• Behavioural Challenge
• Level of Control and Ownership
• Security
• Measuring success
• Trust
• Commercials
• Legacy Contract

01/01/2017
 6. Service Integration and
Management and other
practices
Weight: 5%
SIAM and Other Practices

ITIL /  SIAM is builds on ITIL processes, practices and techniques and adapts them to work
effectively in multi service providers environment.
IS0
 IS0 20000 is consider at the Customer layer, Service integrator layer and Service Provider
20000 layer.

 Using techniques from Lean can help to increase delivered value and maximise
Lean efficiencies in a SIAM-model
 Every step in every process should be analysed.

 Governance and Management of information become complex due to multiple

stakeholders and suppliers. The control objectives and maturity model of COBIT can be
COBIT
particularly used to manage this complexity during the Discovery & Strategy and Plan &
Build phases on SIAM.

01/01/2017
SIAM and Other Practices

 Ownership and accountability

 Culture and sharing
DevOps
 Automation
 Continual Experimentation and Learning

 Individuals and Interactions over processes and tools

 Working services over comprehensive documentations
Agile  Collaborations over contract
 Responding to change over following plan

Other
Practices

01/01/2017
 Part II - SIAM Process Guide

01/01/2017
Process and SIAM Ecosystem

 SIAM Itself is not process; however to operate effectively it relies on number of

process.

 With SIAM ecosystem process are likely to be executed

a) Across different organizations in the same SIAM layer
b) Across Organizations in different SIAM layers

 Within SIAM model these processes requires adaptation and augmentation to

support integration and coordination between the different parties involved.
They also need the alignment to other parts of the SIAM including;
a) SIAM Practice
b) SIAM Layers
c) Governance Model
d) Structure element

01/01/2017
Common SIAM Consideration
 Complexity

 Who owns the End to End process?

 Toolset Consideration

 Data and Information consideration

a) Who owns the data?
b) Who owns the intellectual property on artefacts?
c) Is data and Information consistent?
d) How is access to Shared Data, Information and Tools controlled?
e) Who is responsible for process Improvement?
f) How will compliance and Assurance will be managed?

01/01/2017
Event Management
• Process Purpose
• Event management is the process by which events are
identified through the monitoring of technology components,
systems and services and, where appropriate, action is taken.

• SIAM considerations (examples)

• Organizational design should include this function
• The rules for managing event thresholds should be defined in
a policy
• Specific tools may be required
• Targets for event diagnosis and resolution should be common
across service providers
 Sample: general process information

Event Management
Metrics:
- Number of events by type
- Accuracy of event information by type
- Number of incident avoided
- Number of failures resolved

Inputs Activities Outputs

• Auto Generated Alerts
• User reports of system failures
• Record an Event • Event Data
• Diagnose and evaluate Event • Trend Report
• Create and associated incident if • Input into related process including
required and assigned it to incident Incident and Problem Management
management process
• Close the event
• Configure and tune the even
management tool

Roles:
- Operation Team
- Service Desk

01/01/2017
Incident Management

• Process Purpose
• Incident management records and manages service issues
(known as incidents) that are interrupting the availability of a
service. The process also manages events that are degrading
or could degrade service performance.
• SIAM considerations (examples)
• Needs to support prompt restoration of service
• Need for the definition of:
• Data and information standards
• Incident priorities and severities
• Roles and responsibilities
• Targets need to recognize time for referral between parties.
Risk: passing the hot potato on
• Geography and time zones
Incident Management
Metrics:
- Number of incidents (overall, by service etc.)
- Number of incident resolved at First point of
contact
- Incidents that needed to be reopened
- CSAT with Incident Management process
- Incidents that have been incorrectly
assigned

Inputs Activities Outputs

• Events • Incident Reporting • Incident Records
• User Reports • Incident Detection • Resolve Incidents
• Incident Categorization & • Incident Reports
Prioritization • Incident Metrics
• Record Creation
• Incident investigation
• Incident Resolution
• Confirmation of Resolution
• Record updated and closed
• Incident trend analysis

Roles:
- Incident Manager
- Service Desk
- Major Incident Manager
- Technical Staff
01/01/2017
Problem Management
• Process Purpose
• Problem management is responsible for managing the lifecycle of a
problem, which is defined as the unknown underlying cause of an
incident. It is also responsible for preventing incidents and
problems from occurring or recurring.

• SIAM considerations (examples)

• Getting all parties to take part in problem management working
groups and forums
• Coordinating problem investigation and resolution activities
• Encouraging and facilitating the sharing of data and information
• Aligning targets for problem resolution
• Creating and using common terminology, data and information
standards, etc.
Problem Management
Metrics:
- Problem Records per month
(Proactive & Reactive)
- Number of in progress problems
- Number of resolved problem
- Number of recurring incidents
when problem is in investigation

Inputs Activities Outputs

• Incident Records
• Configuration Management
Information
• Change Records
• Workarounds
• Review of Incident reported and • Problem Records
Trend Analysis • Problem Reviews
• Creating Problem Record • Resolved problems
• Categorizing and Prioritising • Workaround
problem records • Change Requests
• Identify and communicating • Service Improvement
workarounds • Knowledge Articles
• Identify and addressing RCA • Reports
• Proactively Identify and addressing
potential problem.

Roles:
- Problem Manager
- Technical Teams

01/01/2017
Change Management

• Process Purpose
• Change management enables changes to be made to services
with minimal amounts of disruption.
• Together with Release Management this process ensures that
consistent methods are used to assess, approve and deploy
changes.
• SIAM considerations (examples)
• The scope of the process needs a clear definition all through the
SIAM-ecosystem
• A change policy should clearly define common standards, roles
and parties involved, approval procedures, etc.
• If and when possible change approval should be delegated to
the providers (i.e. small and standard changes)
Release Management

• Process Purpose
• A release is a collection of one or more changes tested and deployed
together. Release management ensures that the integrity of the live
environment is protected and that the correct changes are deployed.
• Together with Change Management this process ensures that
consistent methods are used to assess, approve and deploy changes.
• SIAM considerations (examples)
• Release planning and implementation needs to consider all the affected
service providers, and the customer organization.
• Responsibilities for testing integration between services from different
service providers should be defined
• There should be a consistent format and method for communicating
information about releases
Change & Release Management
Metrics:
- Number of planned services
- Number of current services
- Number of retired services
- Commercial viability of services
- Number of portfolio opportunities

Inputs Activities Outputs

• Change Policy
• Release Policy
• Request for change
• Incident and problem related to
change
• Service Targets
• Test Results
• Configuration Information
• Change & Release Plans
• Analysis of Proposed changes
• Approving Changes
• Scheduling of changes
• Communication
• Packaging of release
• Scheduling of release
• Testing of release
• Implementation and Deployment
• Reviewing successful deployment
• Approved / Rejected Changes
• Change Schedule
• Change & Release Communication
• Release Plan
• Service Availability Plan
• Change Reviews

Roles:
- Change Requestor
- Change Manager
- Release Manager
- Test Manager
- Product Owner
- CAB Attendees

01/01/2017
Change & Release Management
Metrics:
- Number of planned services
- Number of current services
- Number of retired services
- Commercial viability of services
- Number of portfolio opportunities

Inputs Activities Outputs

• Customer strategy and
requirements
• Demand management data
• Service portfolio reviews
• Service catalogues
• Service contracts
• New and changed services
• Service portfolio
• Service portfolio reports
• Creating a service portfolio • Approved services
• Maintaining a service portfolio • Terminated services
• Reviewing a service portfolio
Roles:
- Service Portfolio Manager

01/01/2017
Configuration Management
• Process Purpose
• The purpose of configuration management is to identify, record,
maintain and assure data and information about configuration items
(CIs)
• SIAM considerations (examples)
• The scope of the service integrator’s CMDB must be clearly defined
• Contracts and agreements need to stipulate what data providers are
required to provide
• Each organization is responsible for maintaining its own CMDB
• Service providers need to share a subset of the data in their CMDB with
the service integrator and other service providers, to support delivery
of the end to end service. Responsibility needs clear definition
• A policy should be defined to describe all aspects with regard to data
shared across the SIAM-ecosystem
• Responsibilities for assessing and improving data quality and CMDB
accuracy should be defined
Service Level Management
• Process Purpose
• Service level management (SLM) ensures that service performance
meets agreed requirements. These requirements are set out as
service level targets in a contract or service agreement
• SIAM considerations (examples)
• The service integrator acts as the sole agent of the customer
• Clear definition of process scope (no overlap with processes like
supplier management, contract management, etc.) and contract
scope
• Clear service level agreements including breach thresholds,
escalation etc.
• The SIAM-model needs to reflect any service level targets that may
have been agreed before the service integrator was appointed
• Contingency approach in case a service provider fails to meet their
targets
Service Level Management
- Customer perception of service
- Service Level Achievement
Inputs
• Contracts
• Service Targets
• Service Provider Capability
• Service Performance Data
• Customer Feedback
01/01/2017
Metrics:
against targets
Activities Outputs
• Tracking performance against • Service Level Report
Service Level Targets • Trend Analysis
• Validating Service Reports from • Service Improvement
Service Providers Opportunities
• Producing and Publishing reports
of SLA against agreed targets
• Reviewing performance data to
identify improvement
opportunities
• Reviewing service performance for
ongoing alignment with business
requirement
Roles:
- Service level Manager
- Reporting Analyst
Capacity management
 SIAM manages business capacity
 Service providers manage component capacity
 SIAM and service providers jointly manage
service capacity
 SIAM maintains the model that maps forecast
demand to forecast provider service capacity

01/01/2017
Service Portfolio Management
• Process Purpose
• maintain information on all services, to provide the customer
organization with a better insight as to ongoing spend, and support
business decisions on future investment in products and services

• SIAM considerations (examples)

• Clear definition of all services, service providers, dependencies and
relationships between services, and service characteristics.
• The customer organization should own the service portfolio.
• Need for current information from all service providers.
• Consistent data and information standards for portfolio records.
• Alignment with the processes for introducing and retiring new
services and new service providers
 Service Portfolio Management
Metrics:
- Number of planned services
- Number of current services
- Number of retired services
- Commercial viability of services
- Number of portfolio opportunities

Inputs Activities Outputs

• Customer strategy and
requirements
• Demand management data
• Service portfolio reviews
• Service catalogues
• Service contracts
• New and changed services
• Service portfolio
• Service portfolio reports
• Creating a service portfolio • Approved services
• Maintaining a service portfolio • Terminated services
• Reviewing a service portfolio
Roles:
- Service Portfolio Manager

01/01/2017
Supplier Management

• Process Purpose
• The supplier management process defines the supplier
management policy and strategy, establishes a management
framework, and identifies and manages service providers, to deliver
value for money to the customer
• SIAM considerations (examples)
• Effective supplier management is critical to the success of any SIAM
implementation.
• Executed by the service integrator,
• Separate from Contract Management and SLM
• Manages provider performance
• Needs a policy
• Supplier forums can assist in creating a collaborative culture
Supplier Management
Metrics:
- Number of planned services
- Number of current services
- Number of retired services
- Commercial viability of services
- Number of portfolio opportunities

Inputs Activities Outputs

• Business Policy requirements
• Contracts
• Audit Report
• Regulatory and Industry standards
• Previous breaches and
achievements
• Customer and supplier
requirement
• Planned changes
• Project plans and risk logs
• Plan, produce and implement • Supplier Conformance Report
supplier management policy and • Planned improvements and
process remediation activities
• Enforce the policy • Training needs
• Design and Implement supplier
management framework
• Apply remedies for failure to meet
service level targets
• Identify and manage non
conformity to the policy and
process
• Escalate to contract management
as required

Roles:
- Supplier Manager, Procurement Manager
- Account Manager , Service Provider Service Manager
01/01/2017
Financial Management

• Process Purpose
• The purpose of financial management is to oversee the
management of the end to end financial function and the
activities of collating, investigating, analysing and presenting
financial information to the customer
• SIAM considerations (examples)
• Maintaining:
• commercial confidentiality across the ecosystem
• traceability of financial information across the SIAM-ecosystem
• Ability to compare and contrast financial information from
different services providers in a meaningful way
• Understanding the cost of a service provided by multiple
service providers
• Presenting consolidated financial information to the customer
in an understandable format
Financial Management
Metrics:
- Cost of Service
- Profitability of service
- Comparison between service and
service providers
- Spend against budget
- Accuracy of invoices
- Output produce on time

Inputs Activities Outputs

• Invoices • Costing • Billing Plan
• Budget Plans • Budget Planning • Reports
• Contractual Pricing Model • Monthly monitoring and spend • Cost Break down
• Purchase Order against budget • Spend and Forecast data
• Service Cost • Produce and Maintain financial • Invoices
reports and outputs • Financial Risk and Opportunity
• Conduct Financial impact analysis Information
• Process invoices

Roles:
- Chief Financial Officer
- Management Accountant
- Cost Accountant
- Accountant Assistant

01/01/2017
Information Security Management

• Process Purpose
• Information security management (ISM) sets and monitors
adherence to security policies and processes. It manages the
confidentiality, integrity, and availability of information, data,
IT and people.
• SIAM considerations (examples)
• Clear definition of accountabilities and responsibilities
• Use of consistent information security classifications and
definitions.
• Managing and communicate breaches and vulnerabilities
across the ecosystem
• Include security targets within service provider contracts
• Increased security risks when lower level risks are aggregated
across multiple parties
Information Security Management
Metrics:
- Number of security related incidents
- Number of security breaches
- % of users complying with security training
& other aspects
- Availability and Accuracy of Security tools
- Accuracy and Outcome of Security Audits
- of awareness of security principles
throughout organization

Inputs Activities Outputs

• Policy Requirement • Plan Produce and implement ISM • Security incident records
• Regulatory and Industry standards policies and process • Planned improvements
• Previous breach and near miss • Enforce the policy and monitor the • Remediating activities
information adherence • Training Needs
• Planned Changes • Implement security toolset • Disciplinary and human resource
• Customer and Service Provider • Monitor security activities and take action
appropriate resolution or • Process and policy status reports
requirements
improvement actions
• Project plans • Identify risk derived from aggregation
• Risk logs of lower level risk
• Raise incidents for breaches
• Evaluate and update the policy,
process and tool
• Plan and deliver the training , audits ,
review and test security framework

Roles:
- Senior Information Risk Officer, Information security manager, Service Desk, Incident Manager
01/01/2017
Continual Service Improvement

• Process Purpose
• The purpose of continual service improvement is to provide
a consistent method of quantifying, tracking and managing
the delivery of improvement activity across an ecosystem.
• SIAM considerations (examples)
• common definition across all parties in the ecosystem
• on the agenda of governance boards
• primary focus of the process forum structural elements
• All parties contribute, lessons are shared
• Service integrator responsible for managing cross-service
provider improvements
Continual Service Improvement
Metrics:
- Number of improvement identified,
action and completed
- Cost of improvement activities
- Increased value associated with
improvement activities
- Improvement in achievement of SLA
and process KPIs

Inputs Activities Outputs

• Management information
including Service Level Report,
internal KPI reporting, trend
analysis
• Lesson learned reviews
• Audits
• Customer satisfaction report
• The improvement is identified & • Strategic drivers including delivery
further information obtained model evaluation , industry bench
• Document current metrics marking, governance board out
• Identify and quantify the expected puts
or desired improvement and
benefits
• Categorized and prioritized
improvement
• Approve the further activity
• Stakeholder management and
communication planning
• Plan Improvement
• Carry out improvement actions
• Measure, review and qualify
benefits

Roles:
- Improvement Initiator, Improvement Sponsor, Improvement Implementer, Governance Board
Attendees, Process Forum Attendees
01/01/2017
Knowledge Management

• Process Purpose
• Knowledge Management is the process of capturing
knowledge and making it available in a controlled and quality-
assured manner to all appropriate people
• SIAM considerations (examples)
• Standardised templates and definitions for knowledge
• Service providers should be encouraged to share knowledge
with each other
• Clear responsibilities for creating, reviewing, approving,
publishing, and maintaining knowledge articles
• Relevant parties must be able to access knowledge, either
from a single knowledge repository, or a virtual repository
linking all providers
• Knowledge should be consistent across the SIAM-ecosystem
Knowledge Management
Metrics:
- Number of knowledge users
- Reduction in incident resolution time
by using knowledge articles
- % of incidents resolved by knowledge
items
- Number of active knowledge articles
- Accuracy of repository content

Inputs Activities Outputs

• Documented Observations
• External Knowledge Source
• Data and Process information
• Data repositories
• Release Notes
• Procedures Manuals
• Training Material
• Knowledge Identification, capture
and maintenance
• Knowledge Transfer
• Data and Information Management
• Evaluation and Improvement
Roles:
- Knowledge Creator
- Knowledge Manager
- Knowledge Editor
• Knowledge Articles
• Reports
• Updated Knowledge Management
System
• Archived Data and Information
• Updated Training Material

01/01/2017
Project Management

• Process Purpose
• The purpose of project management is to provide a
structured approach that delivers projects on time, on budget
and at the appropriate level of quality
• SIAM considerations (examples)
• Increased complexity of project relationships within a SIAM-
ecosystem
• Planning integrated projects involving multiple project teams
in multiple service providers
• Obtaining consistency in reporting project status and progress
• Establishment of a collaborative culture to support cross-
service provider project management
• Managing risks in integrated projects
• Ensuring effective acceptance into service criteria for project
implementations across multiple service providers
Project Management
Metrics:
- Delivery against plan
- Delivery against quality
requirements
- Delivery against budget
- Overdue products
- CSAT

Inputs Activities Outputs

• Proposal
• Purchase Order
• Project Plans
• Project Change Request
• Customer requirements
• Quality Criteria
• Planning • Completed project
• Adhering to organizations policies • Delivered Products
and requirements • Plan
• Directing actions • Tasks
• Status reporting • Lesson learned
• Risk and issue Management
• Delivery of change requests
• Quality Management of
deliverables
• Managing stakeholders

Roles:
- Project Director
- Project Manager
- Project Management office

01/01/2017
Audit and Control

• Process Purpose
• The purpose of audit and control is to provide assurance that
the services provided to the customer are being delivered in
accordance with documented requirements. This can include
contracted, legislative, regulatory, and security requirements
• SIAM considerations (examples)
• Preferably one governance framework across all parties (may
not always be possible)
• Each organization should own its risks opposed to an overall
accountability
• Security and privacy assurance and compliance (across the
SIAM-ecosystem) needs to be clearly defined
• Clear definitions of roles, accountabilities and responsibilities
• Audits across the whole SIAM-ecosystem
• Specifics laid down in contracts
Audit and Control
Metrics:
- Compliance against requirement
- Number of non conformance
identified, opened and closed

Inputs Activities Outputs

• Audit Scope • Auditing Organizations process and • Audit Scope
• Requirements system • Non conformance
• Policies • Quality Assurance Planning • Evidences
• Standards • Auditing Projects • Observations
• Processes • Identifying non conformance • Risks and Issues
• Data and information Records against requirement • Improvement Opportunities
• Performance Reports • Recording, presenting and
• Process metrics managing audit findings
• Tracking non conformance through
to closure

Roles:
- Quality Manager
- Chief Security Officer
- Auditor, Process Owner

01/01/2017
Exam Information
EXIN BCS Service Integration and
Management (SIAM®) Foundation exam
Prerequisites
-none-
Knowledge of IT Service Management terminology, for instance through the EXIN IT Service
Management based on ISO/IEC 20000, is strongly recommended.

Examination details
Examination type: Computer-based or paper-based multiple-choice questions
Number of questions: 40
Pass mark: 65% (26 of 40)
Open book/notes: NO
Electronic equipment/aides permitted: NO
Time allotted for examination: 60 minutes
SIAM in 2017

 The publication of the SIAM Foundation Body of

Knowledge and SIAM Foundation Process Guides –
available as a free download from Scopism.com and
shortly as a hard copy from Van Haren Publishing.

 The launch of SIAM Foundation Training and

Certification – a global scheme launched as a
partnership between EXIN, BCS, and Scopism,
available from March 1 2017. The launch of SIAM
Professional training and Certification – already in
development, and due to launch later in 2017.

1. The world’s first SIAM conference – a chance to network with other SIAM
professionals in Leeds, UK on March 30 2017.

2. India’s first SIAM Conference – Organized by NovelVista on April’17

 My Organization
• NovelVista learning Solutions Pvt Ltd www.novelvista.com
 Accredited Training Organization (ATO) & Approved Exam
Center (AEC)
 Trained more than 25000+ professionals
 Faculty of practitioners from industry with average of more that
15 years experience each

121
Thank You

manish@novelvista.com

78880 46606
122