Posted in Working in IT

ITIL Benefits

ITIL is the IT Infrastructure Library and ITIL® is a Registered Trade Mark and a Community Trade Mark of the Office of Government Commerce. Developed in the late 1980’s by the CCTA (now the OGC), by the mid 1990’s it had become the world-wide de facto framework in service management. ITIL has become very popular as it is a public domain framework which is scaleable. Very large organizations, very small organizations and everything in between have implemented ITIL processes. ITIL focuses on best practice, and as such can be adapted and adopted in different ways according to each individual organizations needs.

ITIL (Information Technology Infrastructure Library) is a set of best practices for Information Technology (IT) service management. The United Kingdom’s Central Computer and Telecommunications Agency (CCTA) created ITIL in response to the growing dependence on Information Technology to meet business needs and goals. ITIL provides businesses with a customizable framework of best practices to achieve quality service and overcome difficulties associated with the growth of IT systems. ITIL is organized into sets of texts which are defined by related functions: service support, service delivery, managerial, software support, computer operations, security management, and environmental. In addition to texts, ITIL services and products include training, qualifications, software tools, and user groups such as the IT Service Management Forum (itSMF).

Let’s see the ITIL Benefits: ITIL offers a systematic, professional approach to the management of IT service provision. Adopting its guidance can provide benefits such as:

• Increase Customer Satisfaction with IT services
• Reduce the risk of not meeting business requirements for IT services
• Reduce costs when developing procedures and practices within an organization
• Better communication and information flows between IT staff and customers
• Standards and guidance for IT staff
• Greater productivity and better use of skills and experience
• A quality approach to IT services

ITIL Benefits to IT service Customers, such as:
• Reassurance that IT services are provided in accordance with documented procedures that can be audited
• The ability to depend upon IT services, enabling the customer to meet business objectives The identification of contact points for enquiries or condition changes
• Provision of feedback from SLA monitoring

ITIL is from the concept no check list, as one has to develop the ideal-typical management of a IT infrastructure. The advantage and ITIL Benefits are rather in the fact that one falls back with the structure of an individual IT management to documented Best Practices and so that can jump over expensive learning curves. In addition the advantages of the standardization represented by ITIL are obvious: Modules and process goals of the IT management are defined and can be compared and evaluated with one another.

Many organizations have embraced the ITIL concept because it offers a systematic and professional approach to the management of IT service provision along with other ITIL Benefits. There are many benefits to be reaped by adopting the guidance provided by ITIL. Such ITIL Benefits include but are not limited to:

• Improved customer satisfaction
• Reduced cost in developing practices and procedures
• Better communication flows between IT staff and customers
• Greater productivity and use of skills and experience

ITIL provides IT professionals with the knowledge and resources they need to run and maintain an effective and efficient IT Infrastructure that meets the needs of their clients while keeping costs at a minimum.

ITIL Benefits of using the ITIL framework:
• Increase customer satisfaction with IT services
• Reduce risks and costs
• Standards and guidance for IT staff
• A quality approach to IT services

Let’s see Why ITIL Can Help along with other ITIL Benefits: Many executives express frustration as they attempt to reign in the chaos and expense associated with their IT investments but find little in the way of substantive guidance. The IT Infrastructure Library (ITIL) has emerged as the worlds most widely accepted approach to the management and delivery of IT Services.

Gartner measurements on ITIL Benefits show that the overall results of moving from no adoption of IT Service Management to full adoption can reduce an organization’s Total Cost of Ownership by as much as 48%. ITIL currently has over 100,000 certified (trained) professionals and consultants, primarily in Europe, Australia and Canada, with only a small fraction of those certified professionals residing or practicing in the U.S.

By adopting IT best practices, what type of ITIL Benefits can an organization expect?

Beyond the quantifiable ITIL Benefits, delivered from the implementation of ITIL, there are also qualitative ITIL Benefits. Successful introduction of IT Service Management with ITIL should deliver type of ITIL Benefits to organizations:

• Improved Customer Satisfaction
• Improved ROI of IT
• Improved Morale of Service delivery and recipient staff
• Reduced staff turnover
• Lower costs of training, especially as the ITIL standard become widely adopted
• Improved systems/apps availability
• Improved IT employee productivity
• Reduced cost/incident
• Reduced hidden costs that traditionally increases substantially the TCO
• Better asset utilization

The economic impact of an organization adopting ITIL along with other ITIL Benefits will be felt in all of the areas listed above. The ITIL Benefits can also be viewed in terms of direct savings and indirect, the later being derived as a result of the strategy but not directly related to the actions being taken, such as minimizing the missed opportunity costs, the cost of not been able to operate. These indirect ITIL Benefits as well as the direct benefits may vary greatly from one organization to another.

Posted in Telecom

easypaisa Mobile Account – Telenor Pakistan and Tameer Bank

Yesterday I got to know about the product of Telenor- Tameer Bank which is “easypaisa Mobile Account” . The product as in accord seems to be the best of the solution provided in the Pakistani Market so far.

The presentation start bit late but it was wonderful session I had and meet up with the guys both from Telenor- Pakistan and Tameer Bank. They give us the information about the product and its salient features

The main feature which is being covered during the presentation jointly given by the representative from Tameer bank and Telenor Pakistan are as follows:

• Easypaisa Mobile Accounts are bank accounts opened for Telenor subscribers to access from their mobile phones at any time

• Users only have to go to a Merchant to ‘Deposit Cash’ or ‘Withdraw Cash’ from their easypaisa Mobile Account. All other services can be accessed on the user’s mobile phone at any time

• This service is available for only Telenor subscribers

• Registration is only available only at Telenor SSCs, Telenor Franchises and Tameer Bank Branches for now

• The mobile account can be accessible from any mobile handset so it removes the dependability of new mobile handsets usage and also the GPRS things

• No GMS Chareges being implied during any sort of transaction and also the security feature related to it is the usage of USSD channel

• Through Mobile Account you can pay your utility bills , money transfer, mini statement or balance enquiry and in coming future they also offered e-load purchase / Persona Bill Payments , Fund Transfers to any Bank in Pakistan ,ATM Cards, Other Payments *

The main target market are

• Any person with a Telenor SIM who wants to have instant access to a Bank Account from his mobile phone

• Any person with a Telenor SIM who wants to have the freedom to send/receive money to other people or pay utility bills from his mobile phone at any time

• Any person with a Telenor SIM who wants to be part of the largest Bank with thousands of branches in Pakistan and the facility to withdraw cash or deposit cash from these branches (Merchants) at any time

easypaisa Merchants are not only Telenor Franchises , Telenor Sales and Service Center but also the Tameer Bank Branches and Retailers all across Pakistan through them you can do Cash Deposit and Withdrawl but the easypaisa account can be open on later three not on retailers points .

easypaisa Account – Product Details

• A Customer has to come to an Telenor Franchise/SSC or Tameer Branch to open an easypaisa Mobile Account

• Account Opening Request takes 10 minutes to enter into the system

• Subscriber will be called back in 3 hours after Nadra CNIC verification. Account will be activated and Subscriber will be asked to select a PIN which is of 5 digits

• Transactional Limits Rs.10,000/day, Rs.20,000/month, Rs.1,20,000/year ( These limits do not apply on Transfer In)

• Maximum Balance of Rs. 60,000 in the account at any time

• SBP requirements dictate the account limits that need to be in place. For higher limits, the Customer needs to open a bank account with Tameer Bank first.

• Account Opening Fee = Rs. 50 + tax (non-refundable)

easypaisa Secure Online Web Login

• Subscribers can log into the secure, online web portal through the Internet to perform all easypaisa Mobile Account transactions from the web

• Additional Services on the online web portal:

• Complete Account Statement and History of all Transactions

• Schedule recurring payments

• Web login idle time out for subscriber is 30 minutes


In the end I can summarize that this product seems to be effective one where the Telenor subscriber are in good numbers and also the early adapters will get benefit from it (I hope so). This thing turns out to “Star” only time will tell. But its bit early to say about anything more about this product as its needs to be reached out to Masses of Pakistan and specially in the rural areas of Pakistan where it can be utilized more effectively and in a better way.

Its being offered initially for individuals if I am remembering it correctly AND will later on will be offered to Corporate Customer as well ( Correct me if I am wrong). You can get more information about the product on “”

I hope it will fit into the theme as they provide “Any Person Any Place Any Time” .

Posted in Education

THREE DAY TRAINING COURSE ON “ITIL V3 FOUNDATION – Certification Preparation Course”

Ahmed Farid Associates is pleased to announce Three Day Training Course on “ITIL V3 Foundation – Certification Preparation Course” from March 26 – 28, 2010 at Karachi Sheraton Hotel, Karachi and from April 16 – 18 at Sunfort Hotel, Lahore through its Management Development Center (MDC).

If you have any queries please do not hesitate to contact us through Tel #: (92-21) 34520390 & 34247126 or Email:

Posted in Working in IT

CoBIT – General Introduction

COBIT helps the organization mold the IT processes to the business needs and goals of the organization. It helps the organization to establish a start and an end point; that is, determining where the organization is now and where the organization wants to be. Knowing the goals, IT can then activate business objectives.

COBIT also provides an effective mechanism for managing and measuring progress in implementing ITIL processes by helping the organization understand its goals and measure progress in achieving them. In addition, COBIT provides a mechanism for measuring improvement, and continual improvement.
Specifically, COBIT provides management directions for getting the enterprise’s information and related processes under control, monitoring achievement of organizational goals, monitoring performance within each IT process, and benchmarking organizational achievement. These directions include:

 Assurance Guide — Provides an audit guideline for each of the high-level control objectives. The guideline permits review of IT processes against the detailed control objectives listed under the high-level control objective, providing management assurance and indicating potential areas of improvement.

 Maturity models — Helps the organization determine where it is today, and where it wants to be.

 Critical success factors — Presents the most important management-oriented implementation guidelines to achieve control over and within IT processes. In COBIT, the Key Management Practices are the main management practices that the process owner needs to perform to achieve process goals.

 Key goal indicators — Provides measures that tell management (after the fact) whether an IT process has achieved its business requirements, usually expressed in terms of information criteria.

 Key performance indicators — Defines measures that determine how well the IT process is performing in enabling the goal to be reached. They are lead indicators of whether a goal will likely be reached or not, and are good indicators of capabilities, practices, and skills. They measure the activity goals, which are the actions the process owner must take to achieve effective process performance.

We can divide the COBIT into 4 different domains which tell us that what we can offer to the organization

1. Plan and Organize
2. Acquire and Implementation
3. Deliver and Support
4. Monitor and Evaluate

Now we can further discuss in detail about the above mentioned points

Plan and Organize:

• Provide tools to automatically discover the current IT infrastructure and Configuration Items (CI) likes of IT services, hardware, software, users, relationships, etc. The services likes of Help desk solutions, Asset Management, User Authorization Database. etc which currently we are not following to keep a particular database for them and software for implementing them
• Include asset and financial information about the costs associated with each CI. For example raising C.E.R. we have to fill up the form and in it we get approvals for it from the higher management. It all based on the paper work what we can do is that by analyzing those facts which are involved in it and get the system be running on our Enterprise Solutions(Paperless Environment).
• Allow for identification of risk through the relationships among critical IT services and CIs, and correlation with past incidents and problems .For example the risks being involved in providing Internet access to the end users which things are necessary for making sure of those facts that our network will be secured , which products(hardware) we need in order to implement them, those practices can be adapt in analyzing those facts and figures
• Support the management of IT resources, such as staff, budgets, and hardware.

Acquire and Implementation

• Manage the full lifecycle of IT asset procurement, placement, configuration, allocation, maintenance, and retirement. For example these days we do not know which hardware is purchased (few of those from some quite few years we are maintaining the data when the hardware is purchased) but we do not know under which circumstances why we purchased it, how much maintenance costs has been put on it etc. etc.
• Capture the costs associated with the entire lifecycle of IT assets (hardware and software)
• Ensure that all pertinent information related to the IT assets is maintained in a database
• Track the changes from the moment they are proposed, through the implementation in the live environment, to the evaluation of the end result, and also provide us the ability to track the change requests through stages of review, authorization and implementation with routing and approval path determined by various criteria. For example the implementation of Payroll application on BaaN, the system was first running on the Windows Based environment and on SQL server database, there were many problems while running the application based on Windows environment , the suggestion put on the application on BaaN – Live (Change Request), but we do not know when this suggestion for change had been put up and by whom, when we get the approval for it and how the system going to be designed by designated rules, who are the concern person during its implementation and what we can do in order to enhance our capabilities for its changing. We do not have the track record that what changes have been made during the implementation of application so that we can compare the old application with the newly designed.

• Permit determination of technical and business impact, impact on other services, the effect of not implementing the change and the resources required, and also facilitate gathering changes from all stake holders into the change management database. It also helps us in integrating the help desk solution to automate the raising of the incidents.

Deliver and Support

• Provide support for the various security disciplines as by Global recognized Security Standards, Centralized management of identities and access privileges, also enable us in the bi-directional provisioning of various security target systems. For example the ISO 27001 which tells us about the security control objectives and recommends a range of specific security controls by following it in conjunction with the CoBIT we can implement the Information Security Management System in our organization.

• Enable us in managing self service password management and password synchronization procedures, and also provide us the intrusion detection from external and internal sources, timely provisioning of security patches and settings and making us ensure how to take corrective actions in response to security policy violations for example the user the can get his login password change by them selves if we can use the such type of systems and policies which enables to maintain at one place. Firewalls can be used to protect the systems from intrusion.

• Employ certified best practices and IT process alignment to consolidate, log, track, manage, and escalate all types of incidents and problems from users , third- party organizations and other IT applications. For example we can deploy the help desk solution in here which can tell us the related IT problems whether it can hardware related to software related or ERP related.

• Provide an integrated, searchable knowledge base of common solutions and workarounds to known errors for example we can deploy the knowledge base management system based upon the facts and knowledge we own from our previous experiences and we can adapt these practices later on for the known errors and timely solved them.

• Log historical changes that are available for audit purposes, and also provides us the standard and easily configured reports that allow analysis of standards compliance, security audits and financial cost and recovery. For example we can enable audit logs on the operating systems’ level that like of when the user logged in last time.

• Enable management of enterprise database application and platform consistently and also provide us automation to support the data change management, performance tuning, database security management, backup and recovery and database archiving.

Monitor and Evaluate
• All IT Processes must contain logs, audit trails and reports to assist in evaluating and monitoring IT Performance which can only be adapt with the help of some sort of database system and in it by defining the write parameters and stuff.

• Provide automation for continual evaluation of internal control effectiveness.

• Provide support for IT Governance best practices likes of ITIL, CGEIT, ISO27001 etc etc.

Posted in Uncategorized



Everything works okay doesn’t it? Modern businesses require up-to-date computer systems which are flexible, adaptable and efficient. Businesses need to utilise a range of technical and business-orientated skills to consistently evaluate the use of the latest technical developments using the latest techniques.

Keeping abreast of recent technological developments is challenging for technologists. Research can be a time-consuming activity, and experimentation is not always possible.


Within the IT industry, there is a growing problem known as the “alignment trap”. Research undertaken by MIT Sloan in the United States which was a survey of more than 500 senior business and technology executives worldwide, followed up with in-depth interviews of 30 CIOs, reveals a troubling pattern:

“Those IT systems which are directly embedded into business performance sometimes go astray and IT departments can be stuck in the maintenance zone leaving little time for strategic or pro-active operational/ tactical management. Corporate management budgets for the amounts necessary to keep the systems running, but IT doesn’t offer enough added value to the business and often isn’t expected to.”

The alignment trap is problematic for business executives and the IT industry. Dealing with it won’t be easy. What is required, and examples of this exist, is to embed a culture of managing complexity down, sourcing IT resources (staff, software and hardware) wherever it makes sense and create start-to-finish accountability connected to business results. This allows for alignment of the entire IT organization to the strategic objectives of the overall business. Using governance that crosses organizational lines and making business objectives responsible for key IT initiatives. In conceptual terms this is addressing the mystical middle ground between IT and the business.

Process management for IT systems has been around since the 1980s and IT good practice methods are successfully being used in the public and private sectors world-wide. Over 75% if the FTSE 100 companies in the UK deploy them. Historically those interested in IT have developed sophisticated technical skills which are “fit for purpose”. Developing more business orientated skills is increasingly taking place. The role of the Chief Information Officer is undergoing a subtle change. Expected to be more “business savvy”, they need to evolve their skills to provide different leadership ideologies.


The pervasive nature of technology has created a hiatus of understanding by business of the real potential of IT-based systems. To further complicate this, IT middle and higher managers have usually been promoted from technical positions, which have given a techno-centric feel to the IT decision making process. Emerging technologies and the impact on their business will further add to the worry of business managers.

Question: How can this evolve to be a more collaborative business/IT endeavor?

Perhaps the management of IT through Service Management Practices.

One approach would be to see IT as a distinct group within the business rather than a function alongside it. IT departments would then be more market orientated and be:

• market driven;

• able to tap into diverse opportunities;

• developing a set of products and services;

• providing end-to-end production line;

• efficient and effective at utilizing resources (staff, skills, technology);

• Identifying costs of production.

Technology is pervasive in all aspects of modern life. Understanding and exploiting the technology for business-driven criteria will be the next challenge.

Posted in Uncategorized

Most Confusing High Tech Buzzwords (2008)

In its third annual Internet and media analysis, The Global Language Monitor ( has found the most confusing yet frequently cited high tech buzzwords of 2008 to be cloud computing, green washing, and buzzword compliant followed by resonate, de-duping, and virtualization. Rounding out the Top Ten were Web 2.0, versioning, word clouds, and petaflop. The most confusing Acronym for 2008 was SaaS (software as a service).

Paul JJ Payack, president of the Global Language Monitor, said “The words we use in high technology continue to become even more obtuse even as they move out of the realm of jargon and into the language at large.”

The Most Confusing Yet Frequently Cited High Tech Words of 2008 with Commentary follow:

· Cloud Computing – Distributing or accessing programs and services across the Internet. (The Internet is represented as a cloud.)

· Green washing – Repositioning your product so that its shortfalls are now positioned as environmental benefits: Not enough power? Just re-position as energy-saving.

· Buzzword Compliant — Including the latest buzzwords in literature about a product or service in order to make it ‘resonate’ with the customer.

· Resonate – Not the tendency of a system to oscillate at maximum amplitude, but the ability to relate to (or resonate with) a customer’s desires.

· De-duping – shorthand for de-duplication, that is, removing redundant data from a system.

· Virtualization – Around since dinosaurs walked the planet (the late ‘70s) virtualization now applies to everything from infrastructures to I/O.

· Web 2.0 – Now there’s talk of Web 3.0, just when we were finally getting used to Web 2.0.

· Versioning – Creating new revisions (or versions) with fewer bugs and more features.

· Word Clouds – Graphic representations of the words used in a text, the more frequently used, the larger the representation.

· Petaflop – A thousand trillion (or quadrillion) floating point operations per second Often mistaken as a comment on the environmental group.

The Most Confusing Yet Frequently Cited Acronym for 2008: SaaS — software-as-as-service to be differentiated, of course, from PaaS (platforms as a service) and IaaS (Infrastructure-as-a-service).

Others words under consideration include the ever popular yet amorphous ‘solution’, 3G and SEO.

In 2007 IPOD, Flash, Cookie, Nano and Cookie lead the list with SOA as the most confusing acronym

In 2005, HTTP, VoIP, Megapixel, Plasma, & WORM were the leading buzzwords.

The analysis was completed using GLM’s Predictive Quantities Indicator (PQI), the proprietary algorithm that tracks words and phrases in the media and on the Internet. The words are tracked in relation to frequency, contextual usage and appearance in global media outlets. This analysis was performed earlier this month.


Posted in Pakistan & IT

Pakistani techies stealing European credit card data

European law-enforcement officials have uncovered a highly-sophisticated credit-card fraud that funnels account data to Pakistan from hundreds of grocery-store card machines across Europe, the Wall Street Journal reported quoting the US intelligence officials and other people familiar with the case.

Specialists say the theft technology is the most advanced they have seen, and a person close to the British law enforcement said it affected big retailers, including a British unit of Wal-Mart Stores Inc and Tesco Ltd.

The account data have been used to make repeated bank withdrawals and Internet purchases, such as airline tickets, in several countries, including the US. Investigators haven’t pinpointed the culprits. Early estimates of the losses range of $50 million to $100 million, but the figure could grow, said the person close to the British law enforcement.

The scheme uses untraceable devices inserted into credit-card readers that were made in China. The devices selectively send account data through a wireless connection to computer servers in Lahore and constantly change the pattern of theft, so it is hard to detect, officials say.

“Pretty small but intelligent criminal organisations are pulling off transnational, multi-continent heists that only a foreign intelligence service would have been able to do a few years ago,” said Joel F Brenner, the US government’s top counter-intelligence officer. The US intelligence officials, including senior National Security Agency officials, are monitoring the case in part because of ties with Pakistan. The scheme comes on the heels of the August indictment of a fraud ring that stole more than 40 million credit-card numbers from the US companies, including TJX Cos, the parent company of the TJ Maxx.

In March, the security officials at the MasterCard Inc saw a pattern of potential fraud in northern England. Meanwhile, a security guard at a UK grocery store noticed suspicious statistics on his cell phone and alerted authorities. The Scotland Yard learned of the report and eventually connected it with the warning from the MasterCard, according to the person close to the British law enforcement. Examining the store’s credit-card readers, investigators discovered a high-tech bug tucked behind the motherboard. It was a small card containing wireless communication technology.

The bug would read an individual’s card number and the corresponding personal identification number, then package and store the data. The device would call a number in Lahore once a day to upload the data to the servers there and obtain instructions on what to steal next.

A MasterCard spokesman declined to discuss details of the case but said safeguarding the financial information was a top priority for the company. There is no obvious visual indication that a machine has been altered, but those with the bugs weigh about four ounces more. For the past several months, teams of investigators have been weighing thousands of machines across Europe with a precision scale.

So far, investigators have found hundreds of machines in five countries: Britain, Ireland, Belgium, the Netherlands and Denmark. They have turned up at European grocery chains, including Asda, which is owned by Wal-Mart; Tesco; and J Sainsbury PLC, according to the person close to the British law enforcement.

A spokeswoman for Asda said: “It’s subject to a police investigation, so we can’t comment.” A spokeswoman for the Sainsbury denied its stores were hit by the scheme. A spokeswoman for the Tesco said: “We’re aware that this was an issue for retailers.” She said the Tesco tested its devices and was confident that they were secure now.

The device can be told to copy certain types of transactions — for example, five Visa platinum cards or every tenth transaction. It can also be instructed to go dormant to evade detection. On average, only five to 10 card numbers would be phoned in to Pakistan, the person close to the British law enforcement said.

Source : News