Churning Checklists

As we already have seen all the modules of ITIL in detail in my earlier series of articles, here I am not going to explain them again but in this article we will cover the assessment checklists for few of them. It will help you to find process gaps in managing them, ideas to improve those processes and overall quality of service. This will also help you to be prepared for any external security and process audits.

Incident management assessment checklist:

• When an error or failure is identified, by client, user, vendor or any monitoring, automation, is it reported to the helpdesk?
• Is an incident record or ticket created in a ticket generating tool?
• Is a severity determined for the ticket?
• If High Severity incident, whether escalation management is activated?
• Does helpdesk?(service desk)?team attempt to resolve the Incident at first contact?
• Is there a helpdesk knowledge base available for their reference?
• If resolved at helpdesk level and service restored, whether the incident record and knowledge base is updated with the resolution details?
• If not resolved at helpdesk level, does the helpdesk verify the scope and assign it to appropriate team if within scope?
• Does the team to which incident assigned perform diagnostic activities to determine the cause of the incident?
• If unable to diagnose within a specified duration, does it engage the L2 or L3 level to leverage specialized expertise??
• After determining the cause, whether service restoration done by identifying solution options?
• After identifying the solution options, whether the team tests the solution options?
• After successfully testing the solution options, whether the team raise change request(s) to implement the solution?
• Does client or end user confirmation obtained for service restoration?
• Has the incident record & knowledge base updated with the resolution and client confirmation?
• Has a problem ticket raised for high severity incidents?
• Has the Incident been marked as "closed" in the service management system/tool?
• Are the observed incidents being reported to the service desk in order to initiate service restoration?
• If application data are being monitored, are data integrity and transaction consistency checks performed regularly?
• After resolving incidents, is the service desk being notified?
• When scheduling errors are resolved, is the job being re-run to check if the error has been corrected?
• Are application corrections being identified to eliminate impact of the incident?
• Are the fixes being validated to ensure that they are working as intended after correcting the program in the development environment?
• Are the fixes being moved into the test environment for further testing and are necessary change requests submitted to the team that controls the environment?
• Are necessary types of testing being performed on the fixes to ensure that they functions correctly?
• Are the tested fixes being moved into the production environment and are necessary change requests submitted to the group that controls the environment?
• Are the fixes being validated to ensure that they are working as intended after moving them into the production environment?
• Are escalated services calls being evaluated to ensure that the data is complete and the escalation is conforming to the specified criteria?
• Are post-escalation reviews conducted?
• Is an internal account conference call (war room) scheduled within the first 15 mins of high severity incidents?
• Whether a preliminary Incident Report (for internal purpose) is created, after the internal call (war room)?
• Does the team lead / incident manager monitor the resolution progress?
• Does periodic updates being published, until resolution??
• Is a final incident report published?
• Has the probable cause of the incident been documented?
• Is RCA (Root Cause Analysis) document prepared and approved from client after every incident resolution??
• Are incidents compared with the known error database?
• Has a Problem ticket raised for High Severity incidents?
• Is incident closed after its resolution done and service restored?

Event management assessment checklist:

• Are the actions to be taken determined, based on the established significance of the event alert?
• Are affected groups and individuals of the event notified?
• Are the group or individual responsible for intervening as a result of the event, being notified?
• Is the information regarding all events being logged?
• Has human intervention been provided to address the event?
• Are all important events and exceptions checked to determine whether they have been treated correctly?
• After taking the specified actions, are the events being closed?

Problem management assessment checklist:

• Are sources of problem identification defined?
• Is a problem ticket created?
• Is problem analysis performed?
• Are problems defined?
• Is root cause analysis determined for the problems?
• Are recurring low severity incidents, identified as “new” known errors?
• Does the team lead review the problem & proposed preventive actions?
• If PCAs (Permanent Corrective Action)?are not approved, are they resent for analysis and DORM (Demand, Opportunity, Resource, and Metrics management)?notified?
• If PCAs are approved, has the Final Incident Report updated and DORM notified?
• Is a plan developed to implement the PCA’s?
• Are necessary Change Requests raised to implement the PCAs?
• Are updates to Known Errors & Other Repositories done?
• Does relevant team follow up on their Action Item for resolution?
• Is there PCA Tracking Register available?
• Are regular internal Problem Review meetings held?
• When does the Problem record marked as closed?
• Is performance analyzed to identify possible problem areas?
• Are release notes being analyzed?
• Are problems logged?
• Are root causes of the problems isolated?
• Are workarounds identified and established for problems?
• Is the knowledge database getting updated with root cause information and details of the workaround?
• Are solutions recommended for fixing the problems?
• If a change is required to a system or service, was a change request submitted?
• Are Error Resolutions recorded?
• Is the problem database being updated with details of error resolution after closing the problem?

Change management assessment checklist:

• Is a Change Record (CR) created?
• Is there provision for creating Emergency Change Record (ECR)?
• Are Change category and Change lead time determined?
• Has the Release Plan updated with this CR?
• Has the CR gone through a formal Peer Review?
• Does necessary documentation updated to the Change Record, for CCB (Change Control Board) approvals?
• Is Internal Review performed on the CRs?
• Does internal CCB reviews all Change Requests before approaching client?
• Is there a provision for Client exception, when CCB rejects a change??
• Is UAT (User Acceptance Testing) performed for approved changes?
• Are changes to production verified and validated ?
• Are follow-up activities performed for the changes?
• Whether a Change Management Report is created for unsuccessful Change(s)?
• Are unsuccessful changes reviewed?
• Are change records updated with the final status?
• Are change requests being prioritized?
• Are urgent changes first being approved by the ECAB before taking them up further?
• For urgent changes are communications occurring with all interested parties?
• Are risks and impact being evaluated for the changes?
• Is the level of effort required for addressing changes being estimated?
• Are reasons for rejection being recorded for all rejected changes?
• Are all the related requests for changes being grouped together and evaluated?
• Are open issues related to approval of changes being resolved?
• Are required resources for addressing changes being identified?
• Is a preliminary schedule of activities defined for implementing approved changes?
• Is the forward schedule of changes published?
• Are implementations being verified to ensure that they are successful?
• Are the implemented changes being verified and validated to ensure that it is complete and correct?
• Are all interested parties being communicated regarding the back-out?
• Are corrective actions to address root-causes identified and documented?
• Are requests for changes being closed?

Release management assessment checklist:

• Was the appropriate type (formal or self-assessment) of Technical Review conducted for this phase of the project??
• Are FAT feedback (Factory Acceptance Test) acknowledged and addressed?
• Were completed changes finalized and approved?
• Were leadership approvals obtained?
• Are baseline verifications being conducted on the Applications CMDB (Configuration Management Data Base) and findings documented?
• Are discrepancies identified during the baseline verification investigated and root-causes identified?
• Are appropriate actions to address the discrepancies determined?
• After baseline verifications, are the baseline verification reports created and communicated to relevant stakeholders?
• Was exit criteria used to determine the completion of UAT (User Acceptance Testing)?
• Was exit criteria used to determine the completion of the selected testing type?
• Was client sign-off obtained indicating acceptance of the solution?
• Were problems documented and tracked to closure during the warranty period?
• Does a Release Process exist for the account?
• Does Scheduling / prioritization of changes occur??
• Are the release calendars approved internally and by Client ?
• Are Release Plans created / updated?
• Does Client sign-off the Release Plan after internal review?
• Are periodic Release planning meetings held?
• Are Release Notes published, after UAT stage?
• Is the client contacted for any exceptions / open issues from UAT?
• Does the client provide a final release decision / sign-off?
• Does relevant Change owner support during release deployment?
• Is the Release Closed / Signed-off, after deployment?

Dear readers, if you are reading this, that means you have reached till the end of this article, which is a proof that you liked it. I request you to provide feedbacks, comments and suggestions on my articles. I urge all my readers to share my articles if you liked and benefited from them.