Passed ITIL OSA - here are my study notes

roryhiltonroryhilton Posts: 4Registered Users ■□□□□□□□□□
Before I sat my exam I came to this forum to look for something - anything - that might give me an edge. There wasn't much beyond sage advice - study, do practise exams, etc.

I said to myself - if I pass I will upload my study notes - those taken during my 5 days course. Not exhaustive by any stretch - but some of the tips *may* just help one of you and, if so, my job here is done. :)

PLease - I haven't really spell checked this, or polished in any way. Take it as it is or move on. I'm just trying to help.

Yeah, I passed. :)

ITIL OSA - Exam tips:
  • best answer will show value to customer and you liaised with business
  • You are a manager - not details, choose the higher level answer - avoid weekends, hard dates requirements if asked in question.
  • Mary? Joe? Peter? - who is suited to which role
  • Numbers are not important - what is the data telling us about which itil process
  • Core concept for the question - what process before delving too deep into question
  • Keep answer within context of service operation. value to business
  • Identify what the question is after
  • May have RACI model.
    • Must have 1xA for each row and no more than 1
    • Must have at least 1xR for each row
    • Not too many R's (inefficient)
  • Review critical success factor -see handout. Don't mixup service desk KPI's with other - request, incident.
  • If asking about function, answer in function. If asking about sla's for request don't get involved in OLA's with SDESK
  • Look for VALUE
  • IGNORE technology
  • REVIEW KPI's for
    • incident
    • Request
    • Problem
    • Service desk
  • High level thinking - mgt not tech
  • Tech mgt and app mgt - involved in design and kedb
  • Tech and app mgt - KEDB and training assisting SDESK. Means more incidents are solved at 1st level
  • Tech and app - capacity and availability mgt
  • Warning - don't conduct skills inventory or training needs analysis
  • Good - relationship between data
  • Review existing process is good - look out for procedures
  • Buy in for data team important for monitoring
  • Pin-point what the key issue is in the question - pick the answer that best addresses that issue

  • Value
  • Customer
  • Agree
  • Scope
  • Magnitude
  • Process better than procedures
  • Relationship
  • Communication
  • Capability

  • Some, all, none, every
  • Best, main
  • Padding
  • Numbers and stats
  • Costs
  • Case-by-case
  • Too tech specific


- a service is a self-contained bubble
Understand core concepts of each process
•·Incident (restore) vs problem (fix root cause)
•Incident (unplanned outage) vs request (planned fulfillment)
•Request (std change) vs change (normal change)
•Event (detect, make sense, action) vs incident (restore asap)

RACI responsible, accountable, consulted, informed

Personality types suit some roles
•·inc: quick, resolve fast
•prob: detailed, thorough
•chg: resilient, water off a duck back, not afraid to disappoint people
•SDesk: quick learning, customer focused

RE-familiarise where other process are in itil - DESIGN: avail, capacity. STRATEGY: SLA, etc, etc

SWOT Strength, Weaknesses, Opportunities, Threats

|. SLA (SLA) - MTTR Important
SLM / \ supplier mgt
(OLA) | \ Underpinning CONTRACT
- incident KPI's. - 3rd level support
- Service Desk KPI's
- Level 2 support KPI's

Strategy Creates Value (outcomes, preferences, perception)
| (Output / Requirements [utility/warranty]
Design Defines (resources and capability)
| Service Design Package
| PPPP People, Process, Product, Partners
| Information, Metrics, Architecture, Process, Solution (IMAPS)
Transition - Deliver
| Service (Puts Service into Operation)
Operation Runs the Service. Value Perceived/realised

Measure, Manage & Control
  • Business
  • Service
  • Process
  • Component / Technology

Incident Symptom
Problem Cause

•·Local is expensive, can have communication issues. Each site has local service desk
•Central - Service desk in one location. ie. 24x7 shifts if required.
•Virtual - Series of connected service desks in disparate locations
•Follow the Sun - Geographically dispersed, staff work normal day shifts for their timezone, need standard processes, tasks, handover

Service Desk can contain specialised groups (ie. custom apps, Video Conferencing SME's)

Super Users - not in service desk but in business. Can help speed up incidents. Issues are loss of visibility of incidents can occur if incidents raised direct to Super Users are not raised in ITSM tool - no stats captured for reporting, true situation not exposed. Measuring Service Desk - Surveys (exam) Pro's and Con's.


•·To provide the channel for customers to request and receive standard services
•Provide information about Services - and how to obtain them
•Deliver Standard Service Components (licences, s/w media, etc)
•General Information , Complains or comments
•Are PLANNED. (incidents are unplanned)
Tightly aligned to Incident process

•·Reduces bureaucracy,
•reduces cost of providing services
•·Predefined workflowSingle point of contact
•All requests need to be authorised before Actioning (some may be pre-approved, other the Sdesk will need to chase)
•Prioritised in alignment to business functions
Types - users can request:
•·Info or advice
•A standard change
•Access to an IT Service
Uses pre-defined steps or workflow
•·Can use a menu selection (tool, self-help, shopping cart).
•In the tool, expectations can be set by automatically providing delivery/implementation SLA's to the customer
•Users can view their request status (tracking)
Some requests handled by Service DEsk, others by specialist groups
Request Management Process steps
1..Receive Request
2.Logging and Validation (timestamp, etc)
8.Closure (Service desk confirm with customer)
9.Re-open request
(Exam - slide 61 & 62)


Strong Links to Availability Mgt and Security Mgt and HR

Process granting authorised users the right to use a Service and preventing unauthorised users
Manage and Protect assets/data/information/services - C.I.A.
•·C - Confidentiality
• I - Integrity
• A - Availability

All requests should be authorised before actioning (ie. Service desk review authorisation has been done, but do not chase it up themselves)

Access Mgt
•·should log and track access to ensure rights are being appropriately used.
•Align to a change of status of personnel
•Track history of who accessed or tried to access
Key Concepts:
•·Access - Level/extent of functionality/data user entitled to use
•Identity - users must be unique
•Rights - Privileges / Access granted to access the services
•Service Groups - Access to Several Services granted at same time
•Directory Services - Tools used to manage (AD)
•Role Conflict - Risk increases in conflict with # of roles and groups defined.
Refer appendix 15 - figure 4.9 and slide 70
Access MGT steps
2.Verification (they are who they say they are)
3.Provide rights
4.monitor identity status
5.logging and tracking
6.remove / restrict rights
Access MGT has interface with HR - very important to get rights correct
Access MGT has interface with Change Management

Information Mgt - Identity, Roles and Groups for easier management. User profile, user template, role.

Security and HR very close to Access mgt.

Access mgt only executes security policy - does not define.

  • Security defines who gets access to what.
  • HR provides list of roles and rights to access mgt.
  • Access mgt puts group and access together and maintains it.


Multiple functions and processes connect to Event Mgt
Change of state of a CI that has significance to someone
  • Detect events
  • make sense of the events (through filtering and correlation)
  • Determine appropriate control action
Correlation = rules, if...then
early warning for incident detection, therefore minimise potential business impact
•·Password lockout after 4 attempts = event mgt
•Cleaning log files / detecting low disk space
Event Mgt - Focus on generating and detecting meaningful notification about status of IT infrastructure and services
Monitoring - Key requirement for event mgt, also seeks other conditions that do not generate events

•·Configuration items,
•Environmental factors (heat, door, etc),
•S/w Licensing,
•security (intrusion detection),
•Server or Application utilisation, etc.
•·24x7 (save $'s and need for real tie people monitoring)
•Feed Availability / Capacity processes
•Efficiency - staff for other activities
•greater customer satisfaction
•·Notification -> responsibility for handling
•centralise where possible
•common messaging
Event: A change of State
ALert: A warning that a threshold has been reached
Auto-Response: automated recovery (restart service, auto reboot, etc)

Status change with significance
THRESHOLD - required for correlation.
  • Information (no threshold)
  • Warning - not yet reached threshold. <threshold
  • Exception - passed threshold => threshold
Into: correlation which is fed by rules

Warning - can trigger automatic response that can prevent an incident.

Key concepts - slide 87

2.Error messaging
3.Event detection and alert mechanism
4.Identification or thresholds
Event Mgt implements thresholds - but does not SET them. Inc, Prob, etc do.

Activities - pg 93 and figure 4.2

Event Management creates the Policy but up to each function (Service desk, IT Ops Mgt, App Mgt, etc) to maintain.
  • Event occurs
  • Event notification
  • Event detection
  • Event logged
  • First level correlation
  • Significance. informational, warning, exception
  • second level correlation
  • Further action
  • Response selection - incident problem change
  • Review
  • Close


An unplanned interruption to an IT service or Reduction Or Quality of a service
Failure of a CI that has not yet interrupted service is also a incident

Business Value:
  • Reduce unplanned labour and cost
  • Alignment - IT aligned to business priorities
  • Improvements - helps identify potential Service Improvements
  • Service Desk - additional training or service required

Incident Model
  • predefined steps for Standard Incident
  • Contains
    • Step to handle incident
    • Dependencies and co-processing requirement
    • roles and responsibilities
    • Timescale, threshold, and escalation procedures
    • Any necessary evidence preservation activities

  • Identification - call to SDESK
  • Logging - capture incident (summary, date, unique ID, where)
  • Categorisation - useful for trending, Network/telephony/handset. May help with in articles and sending job to right resolver.
  • Prioritisation - impact and urgency = priority. Dictates response and resolution time, if major incident execute Major incident procedure
  • Diagnosis - gather full symptoms, try to resolve, advise user if clarification or escalation required
  • Escalation - functional escalation (sdesk to 2nd level to Vendor), Hierarchical (for Comms, approval)
  • Investigation and diagnosis. - further detailed analysis and determination of cause. Search for answers.
  • Resolution and recovery - apply and test potential solution. User, SDESK, specialist, third party all could be involved. Pass back to SDESK for closure
  • Closure - check the customer is happy


The unknown cause of one or more incidents

  • : to prevent problems and resulting incidents from occurring
  • To eliminate recurring incident
  • To minimise the impact of incidents that can't be prevented

  • Reactive - respond to incidents
  • Proactive - Trend analysis

Aligned to incident and change processes

Value: lower expenditure or workarounds
Lower cost/effort in fire fighting or resolving repeat incidents

workaround - no resolution yet but do A,B,C in the meantime
Known error - may come from release notes or transition

Pain value analysis - #incidents x duration x severity x cost x weighting factor

Techniques - Ishikawa, Pareto, kroner Trevor

  • Detect
  • Log
  • Categorise
  • Prioritise
  • Investigate and diagnose
  • Workaround - known error (change)
  • Problem resolution
  • Closure
  • Major problem?

Incident matching is a part of Incident process - not problem - but feeds into problem

Interfaces with : incidents, service desk, release, change, config, service continuity, availability, capacity, sla, finance

  • Problem mgt does not close incident.

PERFORM DAY TO DAY FUNCTIONS - maintain status quo
Baby sitting the hardware

ops control
  • Console mgt (central observation & monitoring
  • Job scheduling (mgt of routine batch jobs)
  • Backup and restore
  • Print and output
  • Maint activities

Facilities mgt
  • Manage data centres
  • Power cooling
  • Large scale consolidation
  • Mgt of outsourcing contracts

How to run backup, restore, label tape, tape mgt - but don't need to know about oracle

  • Custodian of all technical knowledge and expertise - IT INFRASTRUCTURE
  • Obj: help plan implement and maintain technical infrastructure not support in
    • Well designed technical topology
    • Better skills
    • Diagnose and resolve technical failures

custodian of all technical knowledge and expertise - IT APPLICATION

  1. MoSCoW a
    1. Must have
    2. should have
    3. Could have
    4. Won't have

  1. Requirements
  2. Identify products
  3. Selection criteria
  4. Evaluate
  5. Short list
  6. Scoping
  7. Rank
  8. Select products


  • Claire AgutterClaire Agutter Posts: 743Member ■■■■■■□□□□
    Congratulations Rory! And thanks for sharing your notes, there is some great information there.

  • krasalkrasal Posts: 3Registered Users ■□□□□□□□□□
    Congrats Rory. Did you use any particular practice exams. I'm planning to give my exam in a 10 days time. But can't find any practice exams for OSA.

  • roryhiltonroryhilton Posts: 4Registered Users ■□□□□□□□□□
    Yes, I did my course through a training company and they provided two practice exams.

    Try these two: ITIL® 2011 Operational Support & Analysis (OSA)

    good luck,

  • mahrobmahrob Posts: 4Registered Users ■□□□□□□□□□
    I consulted your noted just before the exam, and it helped me a lot in a swift revision. I passed my OSA exam today. Thank you, thank you, thank you!!

    If you have something similar for SOA or PPO, that would be awesome!

  • roryhiltonroryhilton Posts: 4Registered Users ■□□□□□□□□□
    Congrats on passing, Mahrob.

    no, sorry, I don't have any notes - I've only done fundamentals and OSA so far.

    You should be duty bound to write up your study notes and share them here once you're done. Agreed?
  • mahrobmahrob Posts: 4Registered Users ■□□□□□□□□□
    Apologies for the really late reply, got caught up in holidays and post holidays work!

    For the sake of sharing, I passed my PPO exam, but I am not too ecstatic about it as my passing score was 29. I think I could have covered more ground before taking the exam, which I didn't. I was under prepared, period.

    Regarding the notes, I wish I was as organized as you to write down notes! It has been a long habit (and a bad one, I know) to not scribe any notes, I just study in bulk and try to retain stuff in my memory. I am working on rectifying this process!

    My only advise in case of PPO exam is a bit generic one, read as much as possible and solve sample exams. But I would also advise not to take this as your 1st intermediate exam as it could be very intimidating and challenging for first timers. Areas to focus will be ITSCM, Capacity, Security and roles and responsibilities. Availability do make up most of the scenarios, so that should be concentrated on as well.

    My last intermediate exam will be SOA and after that the big one, MALC!

    Wishing good luck to all fellows!

  • impelseimpelse Posts: 1,226Member ■■■■□□□□□□

    Computer Support Houston Area:
  • flipflop4567flipflop4567 Posts: 15Member ■□□□□□□□□□
    I am in ITIL OSA class now, I kept my notes from Foundation but it's more for review/refresher. I review my notes every night and the sample scenarios to get a grip on what the test will be like. Any buzz words or traps that the test tries to get you on? Your notes are helpful but each instructor presents material different. All in all, thanks for your contributions period! Not sure my future with ITIL but I may stick it out.
  • ccnpninjaccnpninja Senior Member EuropePosts: 1,008Member ■■■□□□□□□□
    Congrats and thanks for posting your notes.
    من طلب عزائم الأمور ، هان عليه بذل النفس فيها - محمد إبن ابي عامر
  • noman007noman007 Posts: 2Registered Users ■□□□□□□□□□
    ccnpninja wrote: »
    Congrats and thanks for posting your notes.

    Please give me advice and share note for ITIL OSA exam.. i am planning to give exam soon..
    Share notes, question answer, test sites etc...

    RORY - could you please share practice test for exam.
  • jensmith592jensmith592 Posts: 23Member ■□□□□□□□□□
    Thanks for the write up
  • Liz GallacherLiz Gallacher Posts: 107Member
    noman007 wrote: »
    Please give me advice and share note for ITIL OSA exam.. i am planning to give exam soon..
    Share notes, question answer, test sites etc...

    RORY - could you please share practice test for exam.
    You have to attend an accredited cours - classroom or distance learning. Your training company will provide you with the only official mock exams
  • roryhiltonroryhilton Posts: 4Registered Users ■□□□□□□□□□
    looks like the link to the exams (further up) is now 404. So, as Liz suggests, attend a course and you'll be cherry ripe. Good luck,

  • akapowaakapowa Posts: 8Member ■□□□□□□□□□

    Could you please give an example of questions & answers in the exam ?

    Thank you !
  • Liz GallacherLiz Gallacher Posts: 107Member
    As stated above, you need o attend a course - elearning or classroom, and explaining the exam is part of that course. Each question and possible answers takes up about 2 sides of A4, so unless people have memorised it, it would be imposible
  • JohnRutanJohnRutan Posts: 1Registered Users ■□□□□□□□□□
    In addition to the training from Gogotraining, reading the ITIL Service Operation 2011 book and your notes, I passed my exam on Friday -- thank-you very much!
  • Claire AgutterClaire Agutter Posts: 743Member ■■■■■■□□□□
    Congratulations John!
  • csahacsaha Posts: 39Member ■■□□□□□□□□
    Definitely helpful ... I passed OSA today and this was really helpful. Thanks
  • Claire AgutterClaire Agutter Posts: 743Member ■■■■■■□□□□
    Congratulations csaha! Are you going for ITIL Expert?
  • Cerebro 2.0Cerebro 2.0 Posts: 24Member ■□□□□□□□□□
    Thanks for the notes :)
    ITIL SO [In progress]
    Prince 2 Foundation [In progress]
  • DAVIS NGUYENDAVIS NGUYEN Posts: 1,472Member ■■■□□□□□□□
  • csahacsaha Posts: 39Member ■■□□□□□□□□
    Congratulations csaha! Are you going for ITIL Expert?

    Yes. Thats what the plan is ... I am planning PPO next week and then I am elligible for the Expert Training & Exam.

    Thanks for the support.
  • Claire AgutterClaire Agutter Posts: 743Member ■■■■■■□□□□
    Good luck with your PPO test icon_smile.gif
  • sajusajidsajusajid Posts: 2Registered Users ■□□□□□□□□□
    Hey mahrob,

    Me too going for PPO, i have done my OSA exam and passed with 30 grade ..thanks to rory hilton... Do you have any notes or ebooks of PPO.. ?
  • AyoubMejriAyoubMejri Posts: 1Registered Users ■□□□□□□□□□
    Hi freinds,
    I have already the ITIL F certification,
    I would like to pass ITIL OSA, Can any one help me with courses and exam samples
    thanks a lot
  • genxfinalrevisiongenxfinalrevision Posts: 37Member ■■□□□□□□□□
    Congrats and good luck, Ayoub. I read the SO guidance before starting to focus in on the OSA requirements. It seemed to help me (but my plan was to take both SO and OSA). The handbook was good for drilling into the OSA topics.
  • technogoattechnogoat Posts: 73Member ■■□□□□□□□□
    bookmarking this thread
  • sagwifesagwife Posts: 1Registered Users ■□□□□□□□□□
    hi Rory

    do you mind posting the practice exams again? I tried opening the link but I failed,
Sign In or Register to comment.