As the haggard body of 2008 is carried out the door, the squalling baby of 2009 faces a tough time and will need to mature rapidly to deal with the mess that its predecessor has left behind. Meanwhile, the IT department is dependent on its relationship with the business—a relationship often fraught enough during the good times, but facing some possible issues as 2009 progresses.

One area where IT has been a little disingenuous historically has been through its use of service level agreements (SLAs). Going to the business during the early stages of a project and asking what the business requires as a level of service tends to get the standard results of response times of less than one second and availability of greater than 99.5%. This is carefully written down in a big document, vigilantly locked away and promptly forgotten about until something goes wrong. When that happens, the SLA is brought out and a great deal of time, effort and money is wasted in trying to identify the scapegoat.

Quocirca's advice has long been that if this mirrors your organisation's approach to SLAs, then it is far more cost effective not to bother at all. After all, without anything being written in to the SLA around what is likely to happen when an SLA target is consistently missed, and what the outcome for the defaulting side is to be, all that the business can do is slap IT over the wrist and tell them not to do it again.

Further, what does the business actually mean when it requests "less than one second response time"? Less than one second end-to-end response, no matter where the user is situated? Less than one second response at the application level, at the database level, or elsewhere? What is 99.5% availability? At 43.8 hours downtime, is this alright if it happens all in one go in one year? How about if it is 10 minutes per working day, every day just as customers are trying to access your e-commerce site?

Far better to look at a different approach, one Quocirca terms Service Value Management (SVM). Here, the various aspects of a business process are given financial or business values and the IT systems that support these functions are then measured accurately against their capabilities to provide the desired outcome.

So, for example, a customer process for buying an item from a web site is probably seen by the business as being pretty important, whereas an internal process for booking vacations will probably not have such a high priority. SVM enables a higher level of granularity to be offered to the business, but is dependent on having the right sort of tools in place to measure asset capabilities, performance and carry out "what if?" scenarios. One company that is getting very close to this is Quest Software, whose Foglight tools are moving strongly in the right direction.

Foglight enables the performance of individual assets and whole processes to be measured and reported on. By using historical data, future performance can be projected, and the impact of new workloads on the overall infrastructure can be estimated.

However, the real value comes when SVM is combined with virtualisation. Now, capabilities to offer a range of service levels to the business appear. By getting the business to prioritise its processes effectively, it becomes possible to present offers to the business that enable it to make reasoned decisions.

For example, going in to the business and saying that to meet its SLA requirements will cost £x generally just means that a financial discussion or argument ensues, and the decision becomes binary—either a yes to spend the money, or a no as to providing the SLA at all. Now, with SVM It can go in and say that for no extra money, a "bronze" level of service can be provided—for example, a guaranteed average response time for priority one tasks of less than one second, with fewer than 5% being out of agreement over a period of one month, and priority two tasks having an average response time of less than two seconds, and so on. For an extra amount of money, the IT department will ensure that, under a "silver" SVM, all priority one tasks are managed to less than one second, with 80% of priority two tasks also being less than one second. A "gold" SVM may offer that peak loads will also be managed within agreed service levels through the provision of additional resources taken from the virtual pool.

With this sort of information, the business can sit down and make the right business decision as to the direction to go, rather than just be faced with the binary yes/no decision. The SVM becomes a far more live document, with it being the basis for providing advice back in to the business as to what the future holds (e.g. "to continue with the existing SVM agreement, it has become apparent that new storage/CPU/network capabilities will need to be put in place—this will cost the organisation £y, or we can continue as we are, and the SVM will have to change in this way...").

Where does this mean that SVM sits? Is it the next advance on service level management? Is it a different form of IT services management (ITSM) or business service management (BSM)? SVM is a different beast to SLA systems or SLM, but is more easily seen as a subset of BSM—without the information that SVM can provide, BSM is not completely possible.

The majority of the systems management companies (such as IBM Tivoli, CA, BMC, Symantec, HP) are making moves in this direction, but it does look like Quest is closest to it at this stage. It remains to be seen how effective it can make this, and how prepared organisations are to embrace the concept of SVM. However, Quocirca believes that SVM offers far more than standard SLAs—and that those who do embrace SVM will find that they narrow the IT/business gap considerably.