The Service Role Cluster ensures that all of the IT services being provided to customers are aligned to the customers' stated needs and service level agreements (SLAs). This involves maintaining a working relationship with customers, understanding their need for IT services, and managing the introduction of new services, service improvements, and changes. Maintenance of service level agreements in particular helps to promote the objectives within the Service Role Cluster and ensure that customers receive the optimum levels of IT services that they require, and at an appropriate cost.

The Service Level Management service management function (SMF) is most commonly associated with this role cluster. The service level management function addresses the entire life cycle of a service, from the implementation of the service to the retirement or replacement of the service. The review processes inherent to service level management are designed to address not only service delivery itself, but also to evaluate the ongoing viability of the current service to determine if it still provides value to the organization. The results of the service level management process are documented in service level agreements (SLAs). Service level agreements also provide specific targets against which the performance of the IT operations department can be evaluated.

The context for this risk is that of a service manager, performing service level management for the company's remote networking service. During a service review, the service manager negotiates better service levels and a more cost-effective contract with a different Internet service provider (ISP) in order to provide remote connectivity for the organization's remote and mobile workforce, including business partners. This plan to switch ISPs may result in some remote users and business partners not being able to establish remote network connections until they have manually changed their networking configuration.

The following table shows various examples of risk components pertinent to a scenario involving the Service Role Cluster.

Table: Service Role Cluster risk components

Risk component Statement

Root cause:


Condition: The following event occurs ...

Some users and business partners have mobile computer configurations that cannot be remotely managed or configured.

Operations consequence: ... operations will be hurt in this manner ...

The service desk is not always able to use automated tools to remotely reconfigure dial-up connections. This results in a high number of remote connectivity incidents being logged. Each incident is time consuming and results in a relatively high cost to resolve.

Downstream effect: ... and the business as a whole will be hurt in this manner ...

Some users will experience connection problems and will not be able to establish remote network links to synchronize mail or to remotely access corporate intranet applications.

Mitigation: Prior to the condition occurring, we will try to reduce the impact and/or probability by...

Reduce the impact by running both ISP services in parallel for a limited period and setting a deadline for users to manually reconfigure their dial-up connections.

Trigger: If the condition is imminent (but has not yet occurred), we will know because this happens...

The CMDB might indicate that all users have reconfigured their connections; however, there might still be users who have not reconfigured their connections or who have made a configuration error.

Contingency: If we are unable to prevent the condition, we will respond to the trigger in this way:

Assign dedicated staff at local service desks who can guide users through manually making and checking the reconfiguration changes needed to connect.