This is the glossary containing definitions related to the FitSM standards family. Click here for the glossary for the EOSC Future project with definitions of terms and acronyms relating to EOSC and EOSC Future. If you have any questions please contact Matthew Viljoen
| Term or Acronym | Definition | Notes |
|---|---|---|
| Accessibility of information | Property of information being accessible and usable by an authorized party | |
| Activity | Set of actions carried out within a process | |
| Assessment | Set of actions to evaluate the capability level of a process or the overall maturity level of a management system | |
| Availability | Ability of a service or service component to fulfil its intended function at a specific time or over a specific period of time | |
| Capability level | Achieved level of effectiveness of an individual process or general aspect of management | |
| Capacity | Maximum extent to which a certain element of the infrastructure (such as a configuration item) can be used | Note: This might mean the total disk capacity or network bandwidth. It could also be the maximum transaction throughput of a system. |
| Capacity Management (CAPM) | SMS process which ensures sufficient capacities are provided to meet agreed service capacity and performance requirements. | |
| Change | Alteration (such as addition, removal, modification, replacement) of a configuration item (CI) | |
| Change Advisory Board (CAB) | A group of people within CHM who reviews, evaluates and approves changes within an IT environment. | |
| Change Management (CHM) | SMS process which ensures changes to configuration items are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services | |
| Classification | Assignment of items to defined groups based on common attributes, relations or other criteria | Note 1: Items that are subject to classification may include documents, records (such as incident records or change records), services, configuration items (CIs), etc. Defined groups may include categories (such as incident categories or change categories) or priority levels. Note 2: The act of classification often comprises the application of more than one classification scheme. For instance, an incident record might be assigned to a technical incident category such as ‘software related’, ‘network related’, etc., and also to a priority level like ‘low priority’, ‘medium priority’, etc. The assignment of various incidents, service requests, changes and problems to an affected CI is also a classification. Note 3: Besides the presentation and analysis of relationships, classification is often used as input for controlling the workflow of a process, e.g. by assigning a priority level to an incident. |
| Closure | Final activity in a workflow of a process to indicate no further action is required for a specific case | Note: Cases that are subject to closure may include incidents, problems, service requests or changes. The activity of closure puts the connected record (such as the incident record, problem record, service request record or change record) in its final status, usually called ‘closed’. |
| Competence | Sum of knowledge, skills and experience that an individual or group needs to effectively take on a specific role. | |
| Confidentiality of information | Property of information not being accessible to unauthorised parties | |
| Configuration | State of a specified set of attributes, relationships and other relevant properties of one or more configuration items (CIs) | Note: The documented configuration of a number of CIs at a given point in time is called a configuration baseline, which is usually taken prior to the deployment of one or more changes to these CIs in the live environment. |
| Configuration item (CI) | Element that contributes to the delivery of one or more services or service components, therefore requiring control of its configuration | Note 1: CIs can vary widely, from technical components (e.g. computer hardware, network components, software) to non-technical items such as documents (e.g. service level agreements, manuals, license documentation). Note 2: The data necessary for effective control of a CI is stored in a CI record. In addition to attributes of the CI, the CI record likely includes information on relationships it has with other CIs, service components and services. CI records are stored in a configuration management database (CMDB). |
| Configuration Management (CONFM) | SMS process which provides and maintains a logical model of all configuration items and their relationships and dependencies | |
| Configuration management database (CMDB) | Store for data about configuration items (CIs) | Note: A CMDB is not necessarily a single database covering all configuration items (CIs). It may rather be composed of multiple physical data stores. |
| Conformity | Extent to which requirements are met in some context | Note: In the context of FitSM, the term compliance is generally used as a synonym for conformity. However, sometimes conformity is used in the context of adherence to internal regulations and requirements as defined by policies, processes and procedures, while compliance is used in the context of adherence to external requirements, such as laws, standards and contracts. |
| Continual Service Improvement Management (CSI) | SMS process which identifies, prioritizes, plans, implements and reviews improvements to services and service management | |
| Continuity | Property of a service to maintain all or parts of its functionality, even in exceptional circumstances | Note: Exceptional circumstances include emergencies, crises or disasters which affect the ability to provide services over extended periods of time. |
| Customer | Organisation or part of an organisation that commissions a service provider in order to receive one or more services | Note: A customer usually represents a number of users. |
| Customer Relationship Management (CRM) | SMS process which establishes and maintains a good relationship with customers receiving services | |
| Document | Information and its supporting medium | Note: Examples of documents include policies, plans, process descriptions, procedures, service level agreements, contracts or records of activities performed. |
| Effectiveness | Extent to which goals and expectations are met | Note: In a management system, effectiveness is mostly measured against the defined goals of the processes that are subject to this system. |
| Efficiency | Degree of ability to meet goals and expectations with minimum consumption of resources | Note 1: In a management system, efficiency is mostly considered in the context of the processes that are subject to this system. Note 2: Resources may be human, technical, informational or financial. |
| Escalation | Change of responsibility for a case (such as an incident, service request, problem or change) or activity to another individual or group | Note: There are two basic types of escalation: Hierarchical escalation transfers responsibility (temporarily) to someone with a higher level of authority. Functional escalation transfers responsibility to someone with a different set of competencies or privileges required to handle the case or activity. |
| Federation | Situation in which multiple parties, the federation members, jointly contribute to the delivery of services to customers without being organised in a strict hierarchical setup or supply chain. | |
| Federation member | Individual, organisation or body that works together with other federation members in a federation to provide one or more services | Note: Often, federation members will not be bound together by strict contractual agreements. |
| Federator | Body that acts to coordinate a set of federation members | |
| Improvement | Action or set of actions carried out to increase the level of conformity, effectiveness or efficiency of a management system, process or activity, or to increase the quality or performance of a service or service component | Note: An improvement is usually implemented after an opportunity for improvement has been identified, for instance during a service review, audit or management review. |
| Incident | Unplanned disruption of operation in a service or service component, or degradation of service quality versus the expected or agreed service level or operational level according to service level agreements (SLAs), operational level agreements (OLAs) and underpinning agreements (UAs). | |
| Incident and Service Request Management (ISRM) | SMS process which restores normal / agreed service operation within the agreed time after the occurrence of an incident, and to respond to user service requests | |
| Information security | Preservation of confidentiality, integrity and accessibility of information | |
| Information security control | Means of controlling or treating one or more risks to information security | |
| Information security event | Occurrence or previously unknown situation indicating a possible breach of information security | Note: An occurrence or situation is considered a potential breach of information security if it may lead to a negative impact on the confidentiality, integrity and / or accessibility of one or more information assets. |
| Information security incident | Single information security event or a series of information security events with a significant probability of having a negative impact on the delivery of services to customers, and therefore on the customers’ business operations | |
| Information Security Management (ISM) | SMS process which manages information security effectively through all activities performed to deliver and manage services, so that the confidentiality, integrity and accessibility of relevant information are preserved | |
| Integrity of information | Property of information not being subject to unauthorized modification, duplication or deletion | |
| IT service | Service that is enabled by the use of information technology (IT) | |
| IT service management (ITSM) | Entirety of activities performed by an IT service provider to plan, deliver, operate and control IT services offered to customers | Note: The activities carried out in the ITSM context should be directed by policies and structured and organised by processes and supporting procedures. |
| Key performance indicator (KPI) | Metric that is used to track the performance, effectiveness or efficiency of a service or process | Note: KPIs are generally important metrics that will be aligned to critical success factors and important goals. KPIs are therefore a subset of all possible metrics, intended to allow for monitoring a service or process. |
| Known error | Problem which has not (yet) been corrected, but for which there is a documented workaround or temporary fix to prevent (excessive) negative impact on services | |
| Management review | Periodic evaluation of the suitability, maturity and efficiency of the entire management system by its accountable owner(s), from which opportunities for improvement are identified and follow-up actions are determined | Note: The accountable owner of a management system is usually a top management representative of the organisation operating the management system. In a federation, the accountable owner is usually one person nominated by top management representatives of all organisations (i.e. federation members) involved. |
| Management system | Entirety of policies, processes, procedures and related resources and capabilities aiming at effectively performing management tasks in a given context and for a given subject | Note 1: A management system is generally intangible. It is based on the idea of a systematic, structured and process-oriented way of managing. Note 2: While documentation (such as process definitions, procedures and records) and tools (such as workflow support and monitoring tools) can be parts of a management system, management system considerations are not limited to the questions of documentation and tool support. Note 3: With respect to (IT) service management and the FitSM standard series, the idea of a service management system (SMS) is a central concept, where the context of the management system is the organisational context of the service provider, and the subject is to plan, deliver, operate and control (IT) services. |
| Maturity level | Achieved overall effectiveness of a service management system, based on the combination of the capability levels of its processes and general aspects of management | |
| Nonconformity | Case or situation where a requirement is not fulfilled | Note: This may also be referred to as noncompliance. |
| Operational level agreement (OLA) | Documented agreement between a service provider and another part of the service provider’s organisation or a federation member to provide a service component or subsidiary service needed to allow provision of services to customers | |
| Operational target | Reference / target value for a parameter used to measure the performance of a service component, listed in an operational level agreement (OLA) or underpinning agreement (UA) related to this service component | Note: Typical operational targets might include availability or allowed resolution times for incidents. |
| Policy | Documented set of intentions, expectations, goals, rules and requirements, often formally expressed by top management representatives in an organisation or federation | Note: Policies are then realised in processes, which are in turn made up of activities that people carry out according to defined procedures. |
| Post implementation review (PIR) | Review after the implementation of a change that determines if the change was successful | Note: Depending on the specific type and complexity of the change, the post implementation review may vary widely in its depth. |
| Priority | Relative importance of a target, object or activity | Note: Often incidents, service requests, problems and changes are given a priority. In the case of incidents and problems, priority is usually based on the specific impact and urgency of the situation. |
| Problem | Underlying cause of one or more incidents that requires further investigation to prevent incidents from recurring or reduce the negative impact on services | |
| Problem Management (PM) | SMS process which investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying cause, or to ensure workarounds / temporary fixes are available | |
| Procedure | Specified set of steps or instructions to be carried out by an individual or group to perform one or more activities of a process | |
| Process | Structured set of activities, with clearly defined responsibilities, that bring about a specific objective or set of results from a set of defined inputs | Note: Generally, a process consists of a number of activities used to manage services, if the process is part of a service management system (SMS). |
| Record | Documentation of an event or of the results of performing a process or activity | |
| Release | Set of one or more changes to configuration items (CIs) that are grouped together and deployed as a logical unit | |
| Release and Deployment Management (RDM) | SMS process which bundles changes of one or more configuration items to releases, so that these changes can be tested and deployed to the live environment together | |
| Request for change (RFC) | Documented proposal for a change to be made to one or more configuration items (CIs) | |
| Risk | Possible negative occurrence that would have a negative impact on the service provider’s ability to deliver agreed services to customers, or that would decrease the value generated through some service | Note: Risk is made up of the probability of the threat entailed, the vulnerability to that threat of some asset, and the impact the threat would have, if it occurred. |
| Role | Set of responsibilities and connected behaviours or actions collected into a logical unit that can be assigned to an individual or group | Note: An individual may take over multiple roles. |
| SDTP | Service Design and Transition Package. Plans for the design and transition of a specific new or changed service. | |
| Service | Digital system that allows a user either to interact with the system, entering data or other inputs, executing instructions through commands or other interfaces, or to issue machine-to-machine commands using a protocol such as an API that allows information or data to be supplied to the system, and that allows results to be received by the user through graphical interfaces and/or production of output data files. | Note: In the context of the FitSM standard series, when referring to services, usually IT services are meant. |
| Service acceptance criteria (SAC) | Criteria that must be fulfilled by the time a new or changed service is deployed and made available to customers / users | Note: SAC are defined when a new or changed service is designed, and they may be updated or refined during the development or transition phase. They may cover functional and non-functional aspects of the specific service to be deployed. SAC are part of the service design and transition package (SDTP). |
| Service Availability and Continuity Management (SACM) | SMS process which ensures sufficient capacities are provided to meet agreed service capacity and performance requirements | |
| Service catalogue | The general description at IT SMS level according to the FitSM Family of standards (FitSM-0) it is a customer-facing list of all live services offered along with relevant information about these services | Note: The service catalogue can be regarded as a filtered version of and customers’ view on the service portfolio. Note: The service catalogue is part of the IT SMS of EOSC and must not be confused with the community resource catalogues that can be onboarded to EOSC-Exchange. |
| Service component | Logical part of a service that provides a function enabling or enhancing a service | Note 1: A service is usually composed of several service components. Note 2: A service component is usually built from one or more configuration items (CIs). Note 3: Although a service component underlies one or more services, it usually does not create value for a customer alone and is therefore not a service by itself. |
| Service design and transition package (SDTP) | Entirety of plans for the design and transition of a specific new or changed service | Note: An SDTP should be produced for every new or changed service. It may consist of a number of documented plans and other relevant information, available in different formats, including a list of requirements and service acceptance criteria (SAC), a project plan, communication and training plans, technical plans and specifications, resource plans, development and deployment schedules / timetables, etc. |
| Service level agreement (SLA) | Documented agreement between a customer and service provider that specifies the service to be provided and the service targets that define how it will be provided | |
| Service Level Management (SLM) | SMS process which maintains the service catalogue, defines agrees and monitors SLAs, OLAs and UAs with suppliers | |
| Service management | Entirety of activities performed by a service provider to plan, deliver, operate and control services offered to customers | Note 1: The activities carried out in the service management context should be directed by policies and structured and organised by processes and supporting procedures. Note 2: In the context of the FitSM standard series, when referring to service management, usually IT service management is meant. |
| Service management plan | Overall plan for implementing and operating a service management system (SMS) | |
| Service management system (SMS) | Overall management system that controls and supports management of services within an organisation or federation | Note: The SMS can be regarded as the entirety of interconnected policies, processes, procedures, roles, agreements, plans, related resources and other elements needed and used by a service provider to effectively manage the delivery of services to customers. |
| Service portfolio | Internal list that details all the services offered by a service provider, including those in preparation, live and discontinued | Note: For each service, the service portfolio may include information such as its value proposition, target customer base, service description, relevant technical specifications, cost and price, risks to the service provider, service level packages offered, etc. |
| Service Portfolio Management (SPM) | SMS process which defines and maintains the service portfolio | |
| Service provider | Organisation or federation (or part of an organisation or federation) that manages and delivers a service or services to customers | |
| Service report | Report that details the performance of a service versus the service targets defined in service level agreements (SLAs) – often based on key performance indicators (KPIs). | |
| Service Reporting Management (SRM) | SMS process which specifies all service reports and ensures they are produced according to specifications in a timely manner to support decision-making | |
| Service request | User request for information, advice, access to a service or a pre-approved change | Note: Service requests are often handled by the same process and tools as incidents. |
| Service review | Periodic evaluation of the quality and performance of a service together with the customer or under consideration of customer feedback, from which opportunities for improvement are identified, follow-up actions to increase the value of the service are determined | |
| Service target | Reference / target values for a parameter used to measure the performance of a service, listed in a service level agreement (SLA) related to this service | Note: Typical service targets might include availability or resolution time for incidents. |
| Supplier | External organisation that provides a (supporting) service or service component(s) to the service provider, which they need to provide services to their customers / users | |
| Supplier and Federation member Relationship Management (SFRM) | SMS process which establishes and maintains a healthy relationship with suppliers and federation members supporting the service provider in delivering services to customers, and monitor their performance | |
| Top management | Senior management within an organisation who has authority to set policies and exercise overall control of the organisation | |
| Underpinning agreement (UA) | Documented agreement between a service provider and an external supplier that specifies the underpinning service(s) or service component(s) to be provided by the supplier, together with the related service targets | |
| Underpinning contract (UC) | See: Underpinning agreement (UA) | |
| User | Individual that primarily benefits from and uses a service | |
| Value | Benefit to a customer and their users delivered by a service | Note: Value should be considered as a composition of the utility (fitness for purpose) and warranty (fitness for use, covering sufficient availability / continuity, capacity / performance and information security) connected to a service. |
| Workaround | Means of circumventing or mitigating the symptoms of a known error that helps to resolve incidents caused by this known error, while the underlying root cause is not permanently eliminated | Note 1: Workarounds are often applied in a situation, when the actual root cause of (recurring) incidents cannot be resolved due to lack of resources or ability. Note 2: A workaround may consist of a set of actions to be carried out by either the provider or the user of the service. |