<< Prev Question Next Question >>
Question 4/26
Scenario
Vision Media is an international media organization, operating various lines of business including:
Film Production
Television (production and delivery of their own channel in the United States VisionOne)
Print media (including newspapers in 15 countries)
Online Advertising
The organization has recently been restructured, and now is comprised of the following companies and departments:
Vision Films (production of movies and television shows)
VisionOne (television channel)
VisionNews (coordinates all of the sub-companies involved in the delivery of printed newspapers, as
well as being the centralized source of news information for all company owned media outlets) VisionNet (managing the online and internet businesses)
Legal Services
Finance and Administration
Human Resources
Information Technology
The organization is also actively pursuing growth in the online market, and is currently holding discussions with the leading online news provider about the possible acquisition of their company. This would increase the overall size of Vision Media by around 15%.
The Information Technology department acts as a Shared Service Unit, providing IT Services to all of sub- companies and departments, which complement some of the Internal Service Providers that also exist.
The director of Information Technology has realized the need to improve the quality of services offered by implementing ITIL, and has decided to do so using a phased approach. Some of the Service Design and Service Transition processes have already been implemented, and they are now planning the implementation of Service Operation.
While the IT director does have tentative support from the other directors and CEO, budgets for implementing the Service Operation processes have not been finalized, and still require a business case to be formally submitted.
Refer to the exhibit.
There is some confusion as to how the process of Access Management should be designed. In particular, there is debate as to how the process should be integrated into the overall approach of IT Service Management within Vision Media. The IT director has asked for submissions from some of her staff, describing how they think Access Management should be designed.
Which of the following submissions describes the most appropriate way in which to design and implement Access Management within Vision Media?
A: The design of a quality Access Management process will need to consider the current state of IT Service Management that exists within the IT department, as well as the organizational requirements of Vision Media in general. This will require interfaces to be created with:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Service Level Management: Which is responsible defining the customer requirements for access to
IT services
Request Fulfillment: Access Management will often be triggered by Service Requests, taken by the
Service Desk or submitted using automated and self-help mechanisms
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Demand Management: Which will provide information as to the patterns of business that will
generate requests for access.
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Human Resources: So that effective (and automated) communication exists to assist in the creation,
modification, removal and audit of access rights.
General:
Direct requests from department managers
Requests for enabling increased access for VIP staff
B: The design of an efficient Access Management process will need to account for the existing IT Service Management processes already implemented within the IT department, as well as the Human Resource requirements of Vision Media in general. This will require interfaces to be created with:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Capacity Management: Which is responsible for the design of systems and infrastructure, which are
in turn supported by Access Management
Knowledge Management: Each Knowledge base will require various levels of access to be defined
and enforced.
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Demand Management: Which will provide information as to the patterns of business that will
generate requests for access
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Legal Services: So that the Legal department can verify the request for access is appropriate and
lawful.
* General:
Direct requests from department managers
Requests for enabling increased access for VIP staff
C: It is important that the implementation of Access Management considers a number of key interfaces with existing IT Service Management processes, as well as other business processes, to ensure success and satisfaction of its defined objectives. This includes:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Availability Management: Which is responsible for the design of security systems and infrastructure,
which are in turn supported by Access Management
Request Fulfillment: Access Management will often be triggered by Service Requests, taken by the
Service Desk or submitted using automated and self-help mechanisms
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Configuration Management: Which can be used to record relationships between users and systems
they can access.
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Human Resources: So that effective (and automated) communication exists to assist in the creation,
modification, removal and audit of access rights.
General:
Direct requests from department managers
Requests for enabling restricted access to contractors and external suppliers
D: Access Management will need to be implemented in isolation from existing IT Service Management processes already in place at Vision Media so that its' integrity can be ensured. The only exception to this is Information Security Management, which is responsible for the development and renewal of security policies, guidelines and procedures. Access Management uses these as formal inputs, which are then executed accordingly.
Vision Media is an international media organization, operating various lines of business including:
Film Production
Television (production and delivery of their own channel in the United States VisionOne)
Print media (including newspapers in 15 countries)
Online Advertising
The organization has recently been restructured, and now is comprised of the following companies and departments:
Vision Films (production of movies and television shows)
VisionOne (television channel)
VisionNews (coordinates all of the sub-companies involved in the delivery of printed newspapers, as
well as being the centralized source of news information for all company owned media outlets) VisionNet (managing the online and internet businesses)
Legal Services
Finance and Administration
Human Resources
Information Technology
The organization is also actively pursuing growth in the online market, and is currently holding discussions with the leading online news provider about the possible acquisition of their company. This would increase the overall size of Vision Media by around 15%.
The Information Technology department acts as a Shared Service Unit, providing IT Services to all of sub- companies and departments, which complement some of the Internal Service Providers that also exist.
The director of Information Technology has realized the need to improve the quality of services offered by implementing ITIL, and has decided to do so using a phased approach. Some of the Service Design and Service Transition processes have already been implemented, and they are now planning the implementation of Service Operation.
While the IT director does have tentative support from the other directors and CEO, budgets for implementing the Service Operation processes have not been finalized, and still require a business case to be formally submitted.
Refer to the exhibit.
There is some confusion as to how the process of Access Management should be designed. In particular, there is debate as to how the process should be integrated into the overall approach of IT Service Management within Vision Media. The IT director has asked for submissions from some of her staff, describing how they think Access Management should be designed.
Which of the following submissions describes the most appropriate way in which to design and implement Access Management within Vision Media?
A: The design of a quality Access Management process will need to consider the current state of IT Service Management that exists within the IT department, as well as the organizational requirements of Vision Media in general. This will require interfaces to be created with:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Service Level Management: Which is responsible defining the customer requirements for access to
IT services
Request Fulfillment: Access Management will often be triggered by Service Requests, taken by the
Service Desk or submitted using automated and self-help mechanisms
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Demand Management: Which will provide information as to the patterns of business that will
generate requests for access.
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Human Resources: So that effective (and automated) communication exists to assist in the creation,
modification, removal and audit of access rights.
General:
Direct requests from department managers
Requests for enabling increased access for VIP staff
B: The design of an efficient Access Management process will need to account for the existing IT Service Management processes already implemented within the IT department, as well as the Human Resource requirements of Vision Media in general. This will require interfaces to be created with:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Capacity Management: Which is responsible for the design of systems and infrastructure, which are
in turn supported by Access Management
Knowledge Management: Each Knowledge base will require various levels of access to be defined
and enforced.
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Demand Management: Which will provide information as to the patterns of business that will
generate requests for access
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Legal Services: So that the Legal department can verify the request for access is appropriate and
lawful.
* General:
Direct requests from department managers
Requests for enabling increased access for VIP staff
C: It is important that the implementation of Access Management considers a number of key interfaces with existing IT Service Management processes, as well as other business processes, to ensure success and satisfaction of its defined objectives. This includes:
Information Security Management: Which is responsible for the development and renewal of
security policies, guidelines and procedures, which are then executed by Access Management Availability Management: Which is responsible for the design of security systems and infrastructure,
which are in turn supported by Access Management
Request Fulfillment: Access Management will often be triggered by Service Requests, taken by the
Service Desk or submitted using automated and self-help mechanisms
Change Management: Request for Changes (RFCs) will often involve modification of access rights
Configuration Management: Which can be used to record relationships between users and systems
they can access.
Outside the scope of IT Service Management, some of the interfaces that will also need to be
created are:
Human Resources: So that effective (and automated) communication exists to assist in the creation,
modification, removal and audit of access rights.
General:
Direct requests from department managers
Requests for enabling restricted access to contractors and external suppliers
D: Access Management will need to be implemented in isolation from existing IT Service Management processes already in place at Vision Media so that its' integrity can be ensured. The only exception to this is Information Security Management, which is responsible for the development and renewal of security policies, guidelines and procedures. Access Management uses these as formal inputs, which are then executed accordingly.
