The Optimizing Quadrant's activities entail planning and improving all aspects of IT service management, with a proactive, long-term holistic view of all the processes within the Microsoft Operations Framework (MOF) Process Model. This quadrant's functions include review of outages/incidents; examination of cost structures, staff assessments, and availability; and performance analysis as well as capacity forecasting.

The goal of the Optimizing Quadrant is to add value to the business through the optimization of cost, performance, capacity, and availability in the delivery of IT services. The objectives of the Optimizing Quadrant include:

• Identify short- and long-term recommendations for changes that will lower IT costs.
  
• Assess and identify ways to improve or streamline processes and improve service levels across the IT organization.
  
• Align with the business growth and direction to evaluate existing operations and forecast future activity for IT operations.
  

Several role clusters could be actively involved with the SMFs in this quadrant depending on the organizational structure, size, geography, and business model. These include Security, Infrastructure, Partner, and Service role clusters.

The Change Initiation Review is the operations management review in which changes are evaluated for cost and benefits and in turn become the catalyst for the Changing Quadrant to begin executing the release. Changes may originate from anywhere: internal to IT, from the business, from supplies and partners, or any external source.

The Change Initiation Review (formerly called the Release Approved Review) results in the formal approval of a proposed change, or set of changes, to be developed and packaged into a defined release. (The Change Initiation Review aligns with the change authorization process in ITIL.) This review is key to the operations environment because it begins the investment cycle for operations planning and deployment of a given release.

The goal of the Change Initiation Review is to ensure that due diligence is performed in the cost-benefit analysis of proposed changes. This is critical in deciding how best to spend the limited IT resources of any organization. It also ensures that the operations staff is appropriately represented in the decision-making process for these IT investments

In larger or more complex projects, this review corresponds directly to the MSF Project Plans Approved Milestone, which is the official approval to build the product/solution according to the defined specifications and timelines. It is at this point that money, people, and equipment now begin to come together to make the release a reality.

The following eight service management functions lie within the Optimizing Quadrant:

• Service Level Management
  
• Financial Management
  
• Capacity Management
  
• Availability Management
  
• IT Service Continuity Management
  
• Workforce Management
  
• Security Management
  
• Infrastructure Engineering
  

The first five SMFs are based upon ITIL and have been extended to include Microsoft-specific practices and additional industry best practices. The sixth SMF-Workforce Management-is based on industry and Microsoft best practices. The last two SMFs-Security Management and Infrastructure Engineering-are new in MOF 3.0. Identified as a content gap in earlier releases, they are based on experience with customers and partners using and implementing MOF.

MOF advocates the best practices of IT service delivery, and the Service Level Management SMF specifically provides a structured way for consumers and providers of IT services to meaningfully discuss and assess how well a service is being delivered. The primary objective of service level management can be summarized as providing the mechanism for setting clear expectations with the customer and user groups about the service being delivered and then measuring performance against these requirements. Satisfied customers are a result of first setting clear expectations and then consistently meeting those expectations.

The key activities within the Service Level Management SMF include:

• Creating a service catalog.
  
• Identifying and negotiating service level requirements for service level agreements.
  
• Ensuring that service level requirements are met within financial budgets.
  
• Setting accounting policies.
  
• Monitoring and reviewing support services.
  

The MOF Financial Management SMF is based entirely on the ITIL process by the same name. Its importance lies in the large role that financial management plays in controlling the overall costs that business incurs because of IT. (Latest analysts' figures show that 50-60 percent, or more depending on which source is referenced, of an entire IT organization's budget is typically spent on IT operations.) The efficient and effective use of MOF and ITIL best practices and guidance help to reduce the percentage required by IT, thereby enabling the money to be allocated to other parts of the business, such as innovating new products and services.

Financial management activities include budgeting, IT accounting, charging (or charge back models), and system decommissioning.

Budgeting includes predicting and controlling the spending of money within the organization. Financial management ensures that any service solution proposed to meet the needs identified from a request for change is justified from a cost and budget standpoint. This is often referred to as a cost-benefit analysis and is included in an organization's forecasting as well.

The IT accounting process enables the IT provider to account for how its money is spent-for example, costs by customer, service, activity, organization, or any other of the myriad ways accounting is performed.

Charging is the activity required to bill customers for services. In addition, many corporations today are utilizing cost allocation or charge-back models where business units are funding their own key IT projects. This places more accountability for the business value of IT projects in the hands of those who must justify the expenditure and prove the benefits. A consequence of these models is that they put more pressure on the IT groups to become more efficient and cost effective. With the surge in IT outsourcing, application hosting, and e-commerce, charging and charge-back models are becoming integral components of business operations.

One more activity within the Financial Management SMF addresses system decommissioning or retirement. Far too often, a system or application is deployed and continues to be supported far past its useful life span. It is critical that systems be assessed over time to consider not only upgrades and new functionality, but also replacement, outsourcing, or simple retirement. Financial as well as business intelligence must be considered when making these types of assessments.

Capacity management is defined as the process of planning, sizing, and controlling business, service solution, and resource capacity such that it satisfies user demand within the performance levels established in the capacity plan and service level agreements. The Capacity Management SMF consists of the following three components:

• Business capacity management. Responsible for ensuring that the future business requirements for IT services are considered, planned, and implemented in time to be in place and functioning when the business needs them.
  
• Service capacity management. Focuses on the management of the performance of the production, or operational, IT services used by the customers.
  
• Resource capacity management. Focuses on the management of the individual components of the IT Infrastructure.
  

Accomplishing these activities requires information about usage scenarios, patterns, and peak load characteristics of the service solution as well as stated performance requirements. Obviously, server and network capacity are key components to overall capacity and, based on the usage scenarios, the IT operations staff can set predetermined thresholds that will indicate when additional capacity is required.

In addition to system parameters, it is important to consider staffing levels in capacity planning. As a service solution is required to scale to larger and larger loads, the manual activities associated with the solution may require an increased number of resources to support the increased load. An obvious example of this would be the service or help desk. Increases in user loads will generally increase the number of incidents that must be addressed.

An often overlooked element of capacity planning is the operational processes themselves. Many times the processes deployed to deliver a service solution are not reevaluated when user volume increases until process response times become problematic. Analysis typically discovers that the process, while perhaps adequate for low user volumes, could not scale to support the increased loads. Thus, "process scale" must be examined on a regular basis along with the more traditional system parameters.

The singular goal of the Availability Management SMF is to ensure that customers can use a given IT service when they need it. A goal of maximum availability (with total annual downtime measured in just minutes for most organizations) is a worthy objective for any operations staff to achieve.

Ensuring high availability for a service solution must begin early in the software or service development process. Here again, Microsoft frameworks add great value in that MSF is "operations aware," or in other words, is complementary to MOF, and is positioned to ensure that designing for availability, reliability, manageability, and maintainability occur and are documented in the specification of the product or service (beginning with the project's Envisioning Phase). Whether the service solution is an off-the-shelf package, custom application, or outsourced operation, high availability cannot be achieved without a solid technical architecture and system design. Assuming the service solution has been constructed to achieve high-availability requirements, it then becomes necessary to support the service with solid operational processes and skilled people. These latter elements are the key focus of the Availability Management SMF.

Availability is related to, but different from, reliability. Reliability, in statistical terms, measures how frequently and at what intervals the system fails, whereas availability measures the percentage of time the system is in its correct operational state.

The common method for calculating availability is to subtract downtime from total time and divide by total time. These numbers must be obtained from the service level agreement requirements in order to be accurate and meaningful. For example, downtime is defined as the occasions when users cannot utilize the service at the times prescribed by the SLA. For instance, if the SLA specifies six hours downtime every Saturday for maintenance on a reporting system, those hours do not become downtime that detracts from the availability of the service because it was originally agreed to in the user expectations. Total time is the number of hours that the service should be available for use as defined in the SLA. In this example, the weekly six-hour maintenance window would be subtracted from the total time.

So, the key question is, how do you improve your system's availability? The only variable in the equation that will affect this is downtime. Re-examine availability in the context of downtime. In looking at likely causes of downtime, the operations and support staffs require accurate configuration data as well as access to the incident and problem records. Changes may result from initiatives to improve service reliability and availability. The availability process manager must assess RFCs to establish their likely effect on reliability and availability and then review the implemented changes for their actual effect.

The ITIL book on availability management considers availability management processes in great depth and detail. It also provides additional resources and templates, such as how to create an availability plan and how to use the IT Availability Metrics Model (ITAMM).

The IT Service Continuity Management SMF, which was previously known in ITIL as Contingency Management, focuses on supporting the overall business continuity management process by ensuring that, in the event of a business interruption, required IT services can be recovered according to an agreed schedule.

The focus is on minimizing the business disruption of mission-critical systems. This process deals with planning to cope with and recover from an IT disaster. An IT disaster is defined as a loss of service for protracted periods, which requires that work be moved to an alternative system in a nonroutine way. It also provides guidance on safeguarding the existing systems by the development and introduction of proactive and reactive countermeasures. IT service continuity management also considers which activities need to be performed in the event of a service outage not attributed to a full-blown disaster.

Objectives of IT service continuity management include:

• Preventing interruptions to IT services as well as recovering services after an interruption occurs.
  
• Producing an effective service continuity (contingency) plan. This plan will be utilized in a time of disaster and/or protracted service outage to support the overall business process by ensuring that the required IT technical resources and services facilities can be recovered within the business timescales that the SLA requires.
  

Ideally, systems are designed to include sufficient levels of resilience, such as diversely rooted networks and geographically distributed servers, so that the design phase of the project addresses many of the requirements for sound IT service continuity planning. Again, MSF offers detailed guidance in these areas in designing for operations and infrastructure deployment.

Note that IT service continuity and availability management are significantly interrelated but have different imperatives. Availability management is concerned with designing and building services with the appropriate availability characteristics under normal day-to-day operating conditions and expected downtime and maintenance. IT service continuity management is concerned with preparing for, preempting, and managing business interruptions-that is, not "business as usual" situations, but the unexpected and/or disasters. Risk management is heavily used in both SMFs.

Achieving any of the objectives described in this guide requires an adequately skilled and trained workforce. It is important to put best practices in place to continuously assess changing economic conditions and impacts on the IT workforce and make the appropriate investments and adjustments. This includes recruiting, skills development, knowledge transfer, competency levels, team building, process improvements, and resource deployment.

The Workforce Management SMF is unique to MOF. The Workforce Management SMF recommends best practices to recruit, retain, maintain, and motivate the IT workforce. Although ITIL emphasizes the need for good workforce management practices across all operations processes, MOF highlights workforce management by explicitly promoting it to the status of an SMF in the Process Model.

The Workforce Management SMF is complementary to the MOF Team Model in that the Team Model describes the core operations functional roles and their activities in enabling MOF Process Model activities, while the Workforce Management SMF focuses more on the human resource components of staff development, training, and so forth.

Security management has been elevated to a new SMF in the Optimizing Quadrant in MOF 3.0 for a number of reasons. The existing Security Administration SMF addresses the routine daily tasks of the Operating Quadrant in administering and maintaining security across the services and systems, but no higher-level guidance was available that told which security policies and guidelines should exist in the first place. Additionally, since the initial release of MOF, ITIL has published a new book on security management, and the security group at Microsoft has conducted extensive work in creating process, policy, and technology guidance through the "Security Push" initiative of the past several years. Both of these resources are used and referenced in the content guidance for the Security Management SMF.

The goal of the Security Management SMF is to define and communicate the organization's security plans, policies, guidelines, and relevant regulations defined by the associated external industry or government agencies. Security management strives to ensure that effective information security measures are taken at the strategic, tactical, and operational levels. It also has overall management responsibility for ensuring that these measures are followed as well as reporting to management on security activities. Security management has important ties with other processes; some security management activities are carried out by other SMFs under the supervision of security management.

The Infrastructure Engineering SMF is the second new SMF to be included in MOF 3.0. Again, this content was identified as a gap in the MOF Process Model and is based on experiences using MOF in both our internal IT operations as well as our customer environments with partners. Infrastructure engineering processes focus on ensuring coordination of infrastructure development efforts, translating strategic technology initiatives into functional IT environmental elements, managing the technical plans for IT engineering, hardware, and enterprise architecture projects, and ensuring quality tools and technologies are delivered to the users.

IT personnel responsible for implementing the processes contained in the Infrastructure Engineering SMF typically perform coordination duties across many other SMFs, liaising with the staffs who implement them. The Infrastructure Engineering SMF has close links to such SMFs as Capacity Management, Availability Management, IT Service Continuity Management, and Storage Management, as well as across ITIL functions such as Facilities Management. It provides a means of coordination between separate, but related, SMFs that was previously lacking in MOF.

The Infrastructure Engineering SMF includes the following activities:

• Ensuring that the technology and application portfolio aligns with the business strategy and direction.
  
• Directing solution design and creating detailed technical design documents for all infrastructure and service solution projects.
  
• Verifying the quality assurance efforts of infrastructure development projects and developing standard quality metrics, benchmarks, and guidelines.
  
• Identifying and making recommendations for reducing costs and/or increasing efficiency by employing technological solutions.
  

Infrastructure engineering is, in several ways, an embodiment of MSF management principles within the MOF Optimizing Quadrant. The processes primarily involve project management and coordination within an IT operations context. They are linked with nearly every other SMF in order to communicate engineering policies and standards and to ensure that they are included and adhered to when implementing projects and production functions. To accomplish this, those in the Infrastructure Role Cluster (of the MOF Team Model) work with management teams in each of the operations areas to apply guidance from the Infrastructure Engineering SMF. The MOF Risk Management Discipline is performed continually during this process to evaluate whether engineering standards and guidelines are helping to mitigate operations risks across the environment.