U
p
d
a
t
e
P
a
s
s
b
o
o
k
W
I
N
N
T
K
B
A
N
K
N
E
T
D
a
t
a
W
a
r
e
h
o
u
s
e
B
r
a
n
c
h
S
e
r
v
e
r
H
Q
M
S
O
f
f
ic
e
2
O
O
O
A
p
p
-
N
o
n
P
C
B
r
o
w
s
e
r
M
a
g
n
e
t
ic
S
t
r
ip
L
o
t
u
s
N
o
t
e
s
D
B
K
-
C
y
b
e
r
B
a
n
k
in
g
N
o
t
e
b
o
o
k
C
D
M
L
P
M
I
n
t
e
r
n
e
t
B
a
n
k
in
O
S
/
2
M
F
A
M
R
A
V
lin
k
C
a
r
d
L
in
k
B
r
a
n
c
h
A
p
p
.
S
t
a
t
e
m
e
n
t
W
I
N
X
P
A
n
t
i
V
ir
u
s
C
M
A
S L
I
C
I
S
L
o
t
u
s
N
o
t
e
s
S
e
r
v
e
M
S
O
f
f
ic
e
9
7
I
n
f
o
C
e
n
t
r
ix
C
T
S
c
a
n
n
e
r
T
r
a
n
s
a
c
t
B
P
B
a
n
k
R
e
f
e
r
e
n
c
e
H
o
s
t
o
n
D
e
m
a
n
d
C
a
s
h
C
o
n
n
e
c
t
C
a
s
h
A
d
m
in
.
o
n
W
e
D
C
S
D
M
S
H
o
m
e
B
a
n
k
in
g
C
T
R
P
e
o
p
le
S
o
f
t
F
C
D
S
S
M
M
W
I
N
9
8
B
a
r
C
o
d
e
F
I
C
S
F
X
o
n
w
e
b
B
ill
P
a
y
m
e
n
t
E
D
W
S
A
F
E
C
A
T
C
T
D
(
E
-
R
e
p
o
r
t
)
K
-
P
-
G
a
t
e
w
a
y
C
I
P
S
I
B
M
-
E
O
S
B
r
A
p
p
-
R
e
F
in
.
A
c
c
e
p
t
.
C
e
r
.
R
O
S
S
C
A
e
-
B
o
o
t
h
K
-
B
iz
N
e
t
N
A
V
(
P
C
)
S
Q
C
u
r
r
e
n
t
I
B
I
V
R
P
u
s
h
I
n
f
o
.
D
e
lS
y
B
L
E
n
t
r
y
L
M
S
-
R
e
p
o
r
t
M
g
n
.
P
r
in
t
S
e
r
v
e
r
C
a
ll
C
e
n
t
e
r
E
B
P
P
P
A
S
a
v
in
g
A
c
c
o
u
n
t
S
h
a
r
e
S
e
r
v
e
r
T
r
a
n
s
a
c
t
C
C
&
C
L
L
o
a
n
R
e
v
ie
w
(
H
o
s
t
M
I
S
E
x
im
b
ills
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
FIGURE A-2 A Pareto histogram of keywords extracted from the incident dataset
83
A-3 Evaluation Results of Id3 Decision Tree Method
The evaluation results of Id3 decision tree method based on the Testing
documents of 4,909 records.
=== Run information ===
Scheme: weka.classifiers.trees.Id3
Relation: ID3- based Automatic Resolver Group Assignment
Instances: 4909
Attributes:
Anti-Virus
App-NonPC K-Cyber-Banking
ATM K-P-Gateway
Bank-Reference LI
Bar-Code LMS-Report-Mgn.
Bill-Payment LoanReview(Host
BL-Entry Lotus-Notes-DB
Br-App-Re LotusNoteCitrix
Branch LotusNotesClien
Branch-App. LotusNotesServe
Browser LPM
CA Magnetic-Strip
Call-Center MFA-MRA
CardLink MIS
Cash-Connect MS-Office-2OOO
CashAdmin.on-We MS-Office-97
CAT NAV-(PC)
CDM Notebook
CIPS OS/2
CIS PA
CMAS PeopleSoft
CTD-(E-Report) Personal-Comp.
CTR Print-Server
Current Printer
Data-Warehouse Push-Info.DelSy
DCS ROSS
DMS SAFE
e-Booth Saving-Account
EBPP Scanner
EDW Server
FCD Share-Server
FICS SQ
Fin.Accept.Cer. SSMM
FX-on-web Statement
Home-Banking Transact-BP
Host-on-Demand Transact-CC&CL
HQ Update-Passbook
IB Vlink
IBM-EOS WAN
Info-Centrix-CT WIN-2000
Internet-Bankin WIN-98
IVR WIN-NT
KBANKNET WIN-XP
K-BizNet Electrical-Supply
Assign-Group
Test mode: 10-fold cross-validation
=== Classifier model (full training set) ===
Id3
ATM = 0
84
| WAN = 0
| | Electrical-Supply = 0
| | | Update-Passbook = 0
| | | | Printer = 0
| | | | | Data-Warehouse = 0
| | | | | | LotusNoteCitrix = 0
| | | | | | | Personal-Comp. = 0
| | | | | | | | WIN-2000 = 0
| | | | | | | | | Branch = 0
| | | | | | | | | | CDM = 0
| | | | | | | | | | | Internet-Bankin = 0
| | | | | | | | | | | | LotusNotesClien = 0
| | | | | | | | | | | | | K-Cyber-Banking = 0
| | | | | | | | | | | | | | CTR = 0
| | | | | | | | | | | | | | | CardLink = 0
| | | | | | | | | | | | | | | | Home-Banking = 0
| | | | | | | | | | | | | | | | | IB = 0
| | | | | | | | | | | | | | | | | | WIN-NT = 0
| | | | | | | | | | | | | | | | | | | HQ = 0
| | | | | | | | | | | | | | | | | | | | Server = 0
| | | | | | | | | | | | | | | | | | | | | KBANKNET = 0
| | | | | | | | | | | | | | | | | | | | | | Browser = 0
| | | | | | | | | | | | | | | | | | | | | | | CAT = 0
| | | | | | | | | | | | | | | | | | | | | | | | SSMM = 0
| | | | | | | | | | | | | | | | | | | | | | | | | K-P-Gateway = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | DMS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | MS-Office-2OOO = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | FCD = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | SAFE = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EDW = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FICS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ROSS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LPM = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CIPS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EBPP = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FX-on-web = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PeopleSoft = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Vlink = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bill-Payment = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BL-Entry = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CA = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CIS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CMAS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cash-Connect = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DCS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IVR = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LMS-Report-Mgn. = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MIS = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CashAdmin.on-We = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PA = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Push-Info.DelSy = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Saving-Account = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MFA-MRA = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Magnetic-Strip = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | App-NonPC = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Lotus-Notes-DB = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Notebook = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WIN-XP = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Anti-Virus = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OS/2 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Scanner = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MS-Office-97 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bank-Reference = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LotusNotesServe = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Host-on-Demand = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Statement = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LI = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CTD-(E-Report) = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Transact-BP = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fin.Accept.Cer. = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bar-Code = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NAV-(PC) = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WIN-98 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Br-App-Re = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e-Booth = 0: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e-Booth = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Br-App-Re = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WIN-98 = 1: NWS
85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | NAV-(PC) = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bar-Code = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fin.Accept.Cer. = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Transact-BP = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CTD-(E-Report) = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LI = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Statement = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Host-on-Demand = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LotusNotesServe = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bank-Reference = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MS-Office-97 = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Scanner = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OS/2 = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Anti-Virus = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | WIN-XP = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Notebook = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Lotus-Notes-DB = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | App-NonPC = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Magnetic-Strip = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MFA-MRA = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Saving-Account = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Push-Info.DelSy = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PA = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CashAdmin.on-We = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | MIS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LMS-Report-Mgn. = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | IVR = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | DCS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cash-Connect = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CMAS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CIS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CA = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | BL-Entry = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bill-Payment = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Vlink = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | PeopleSoft = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FX-on-web = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EBPP = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CIPS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | LPM = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ROSS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FICS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EDW = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | SAFE = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | FCD = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | MS-Office-2OOO = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | DMS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | K-P-Gateway = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | | | SSMM = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | | CAT = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | Browser = 1: NWS
| | | | | | | | | | | | | | | | | | | | | KBANKNET = 1: NWS
| | | | | | | | | | | | | | | | | | | | Server = 1
| | | | | | | | | | | | | | | | | | | | | Print-Server = 0
| | | | | | | | | | | | | | | | | | | | | | Share-Server = 0: NWS
| | | | | | | | | | | | | | | | | | | | | | Share-Server = 1: EOS
| | | | | | | | | | | | | | | | | | | | | Print-Server = 1: EOS
| | | | | | | | | | | | | | | | | | | HQ = 1: NWS
| | | | | | | | | | | | | | | | | | WIN-NT = 1: NWS
| | | | | | | | | | | | | | | | | IB = 1: EOS
| | | | | | | | | | | | | | | | Home-Banking = 1: EOS
| | | | | | | | | | | | | | | CardLink = 1: VEN
| | | | | | | | | | | | | | CTR = 1: EOS
| | | | | | | | | | | | | K-Cyber-Banking = 1: EOS
| | | | | | | | | | | | LotusNotesClien = 1: NWS
| | | | | | | | | | | Internet-Bankin = 1: EOS
| | | | | | | | | | CDM = 1: OS-EC
| | | | | | | | | Branch = 1
| | | | | | | | | | Branch-App. = 0: NWS
| | | | | | | | | | Branch-App. = 1: IE-AMS
| | | | | | | | WIN-2000 = 1: NWS
| | | | | | | Personal-Comp. = 1: NWS
| | | | | | LotusNoteCitrix = 1: NWS
| | | | | Data-Warehouse = 1: IE-AMS
| | | | Printer = 1: NWS
| | | Update-Passbook = 1: VEN
| | Electrical-Supply = 1: OS-EC
| WAN = 1: VEN
86
ATM = 1: OS-EC
Time taken to build model: 1.57 seconds
=== Stratified cross-validation ===
=== Summary ===
Correctly Classified Instances 4567 93.0332 %
Incorrectly Classified Instances 342 6.9668 %
Kappa statistic 0.8668
K&B Relative Info Score 404071.9478 %
K&B Information Score 6120.7864 bits 1.2468 bits/instance
Class complexity | order 0 7425.008 bits 1.5125 bits/instance
Class complexity | scheme 11293.8523 bits 2.3006 bits/instance
Complexity improvement (Sf) -3868.8443 bits -0.7881 bits/instance
Mean absolute error 0.0456
Root mean squared error 0.1526
Relative absolute error 20.9496 %
Root relative squared error 46.2673 %
Total Number of Instances 4909
=== Detailed Accuracy By Class ===
TP Rate FP Rate Precision Recall F-Measure Class
0.324 0.003 0.759 0.324 0.454 EOS
0.866 0.003 0.88 0.866 0.873 IE-AMS
0.99 0.129 0.93 0.99 0.959 NWS
0.884 0.01 0.961 0.884 0.921 OS-EC
0.837 0.01 0.91 0.837 0.872 VEN
=== Confusion Matrix ===
a b c d e <-- classified as
44 3 89 0 0 | a = EOS
10 110 7 0 0 | b = IE-AMS
0 9 3074 0 21 | c = NWS
4 3 89 903 22 | d = OS-EC
0 0 48 37 436 | e = VEN
87
A-4 An Extended Part of ID3 Decision Tree Results
Figure A-3 shows an extended part of ID3 decision tree results.
FIGURE A-3 An Extended Part of ID3 Decision Tree
A-5 A Sample of ID3-Based Generating Rules
Figure A-4 shows a sample of ID3-based generating rules.
Class
KW1 KW2 KW3 KW4 KW5 KW6 KW7 KW8 KW9 KW10 KW11 KW12 --- Assign Groups
ATM WAN E-Supply Passbook Printer D-WarehouLotusNote P-Comput Win2000 Branch Branch-Ap CDM
1 0 0 0 0 0 0 0 0 0 0 0 --- OS-EC
0 1 0 0 0 0 0 0 0 0 0 0 --- VEN
0 0 1 0 0 0 0 0 0 0 0 0 --- OS-EC
0 0 0 1 0 0 0 0 0 0 0 0 --- VEN
0 0 0 0 1 0 0 0 0 0 0 0 --- NWS
0 0 0 0 0 1 0 0 0 0 0 0 --- IE-AMS
0 0 0 0 0 0 1 0 0 0 0 0 --- NWS
0 0 0 0 0 0 0 1 0 0 0 0 --- NWS
0 0 0 0 0 0 0 0 1 0 0 0 --- NWS
0 0 0 0 0 0 0 0 0 1 1 0 --- IE-AMS
0 0 0 0 0 0 0 0 0 1 0 0 --- NWS
0 0 0 0 0 0 0 0 0 0 0 1 --- OS-EC
--- --- --- --- --- --- --- --- --- --- --- --- --- ---
Attributes
FIGURE A-4 A Sample of ID3-Based Pattern Kept in Knowledge Database
The IF-THEN Rules could be presented as in the following:
1. IF keyword (KW) = ATM THEN Assigned Group is OS-EC ELSE Go to 2,
2. IF keyword (KW) = WAN THEN Assigned Group is VEN ELSE Go to 3,
10. IF keyword (KW) = Branch AND Branch-App THEN Assigned Group is
IE-AMS ELSE Go to 11,
11. IF keyword (KW) = Branch THEN Assigned Group is NWS ELSE Go to 12,
12. IF keyword (KW) = CDM THEN Assigned Group is OS-EC ELSE Go to 13,
A T M = 0
| W A N = 0
| | E l e c t r i c a l - S u p p l y = 0
| | | U p d a t e - P a s s b o o k = 0
| | | | P r i n t e r = 0
| | | | | D a t a - W a r e h o u s e = 0
| | | | | | L o t u s N o t e C i t r i x = 0
| | | | | | | P e r s o n a l - C o m p . = 0
| | | | | | | | W I N - 2 0 0 0 = 0
| | | | | | | | | B r a n c h = 0
| | | | | | | | | | C D M = 0
| | | | | | | | | | | I n t e r n e t - B a n k i n = 0
| | | | | | | | | | | | L o t u s N o t e s C l i e n = 0
| | | | | | | | | | | | | K - C y b e r - B a n k i n g = 0
| | | | | | | | | | | | | | C T R = 0
| | | | | | | | | | | | | | | C a r d L i n k = 0
| | | | | | | | | | | | | | | | H o m e - B a n k i n g = 0
| | | | | | | | | | | | | | | | | I B = 0
| | | | | | | | | | | | | | | | | | W I N - N T = 0
| | | | | | | | | | | | | | | | | | | H Q = 0
| | | | | | | | | | | | | | | | | | | | S e r v e r = 0
| | | | | | | | | | | | | | | | | | | | | K B A N K N E T = 0
| | | | | | | | | | | | | | | | | | | | | | B r o w s e r = 0
| | | | | | | | | | | | | | | | | | | | | | | C A T = 0
| | | | | | | | | | | | | | | | | | | | | | | | S S M M = 0
| | | | | | | | | | | | | | | | | | | | | | | | | K - P - G a t e w a y = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | D M S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | M S - O f f i c e - 2 O O O = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | F C D = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | S A F E = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E D W = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F I C S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | R O S S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L P M = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C I P S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E B P P = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F X - o n - w e b = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P e o p l e S o f t = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | V l i n k = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B i l l - P a y m e n t = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B L - E n t r y = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C A = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C I S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C M A S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C a s h - C o n n e c t = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | D C S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I V R = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L M S - R e p o r t - M g n . = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M I S = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C a s h A d m i n . o n - W e = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P A = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P u s h - I n f o . D e l S y = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S a v i n g - A c c o u n t = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M F A - M R A = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M a g n e t i c - S t r i p = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A p p - N o n P C = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L o t u s - N o t e s - D B = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | N o t e b o o k = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | W I N - X P = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A n t i - V i r u s = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | O S / 2 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S c a n n e r = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M S - O f f i c e - 9 7 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B a n k - R e f e r e n c e = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L o t u s N o t e s S e r v e = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | H o s t - o n - D e m a n d = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S t a t e m e n t = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L I = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C T D - ( E - R e p o r t ) = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | T r a n s a c t - B P = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F i n . A c c e p t . C e r . = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B a r - C o d e = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | N A V - ( P C ) = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | W I N - 9 8 = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B r - A p p - R e = 0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e - B o o t h = 0 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e - B o o t h = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B r - A p p - R e = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | W I N - 9 8 = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | N A V - ( P C ) = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B a r - C o d e = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F i n . A c c e p t . C e r . = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | T r a n s a c t - B P = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C T D - ( E - R e p o r t ) = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L I = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S t a t e m e n t = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | H o s t - o n - D e m a n d = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L o t u s N o t e s S e r v e = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B a n k - R e f e r e n c e = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M S - O f f i c e - 9 7 = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S c a n n e r = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | O S / 2 = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A n t i - V i r u s = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | W I N - X P = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | N o t e b o o k = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L o t u s - N o t e s - D B = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A p p - N o n P C = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M a g n e t i c - S t r i p = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M F A - M R A = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | S a v i n g - A c c o u n t = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P u s h - I n f o . D e l S y = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P A = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C a s h A d m i n . o n - W e = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | M I S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L M S - R e p o r t - M g n . = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I V R = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | D C S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C a s h - C o n n e c t = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C M A S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C I S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C A = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B L - E n t r y = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | B i l l - P a y m e n t = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | V l i n k = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | P e o p l e S o f t = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F X - o n - w e b = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E B P P = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | C I P S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | L P M = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | R O S S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | F I C S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | E D W = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | S A F E = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | | F C D = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | | | M S - O f f i c e - 2 O O O = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | | | | | | D M S = 1 : I E - A M S
| | | | | | | | | | | | | | | | | | | | | | | | | K - P - G a t e w a y = 1 : V E N
| | | | | | | | | | | | | | | | | | | | | | | | S S M M = 1 : V E N
| | | | | | | | | | | | | | | | | | | | | | | C A T = 1 : V E N
| | | | | | | | | | | | | | | | | | | | | | B r o w s e r = 1 : N W S
| | | | | | | | | | | | | | | | | | | | | K B A N K N E T = 1 : N W S
| | | | | | | | | | | | | | | | | | | | S e r v e r = 1
| | | | | | | | | | | | | | | | | | | | | P r i n t - S e r v e r = 0
| | | | | | | | | | | | | | | | | | | | | | S h a r e - S e r v e r = 0 : N W S
| | | | | | | | | | | | | | | | | | | | | | S h a r e - S e r v e r = 1 : E O S
| | | | | | | | | | | | | | | | | | | | | P r i n t - S e r v e r = 1 : E O S
| | | | | | | | | | | | | | | | | | | H Q = 1 : N W S
| | | | | | | | | | | | | | | | | | W I N - N T = 1 : N W S
| | | | | | | | | | | | | | | | | I B = 1 : E O S
| | | | | | | | | | | | | | | | H o m e - B a n k i n g = 1 : E O S
| | | | | | | | | | | | | | | C a r d L i n k = 1 : V E N
| | | | | | | | | | | | | | C T R = 1 : E O S
| | | | | | | | | | | | | K - C y b e r - B a n k i n g = 1 : E O S
| | | | | | | | | | | | L o t u s N o t e s C l i e n = 1 : N W S
| | | | | | | | | | | I n t e r n e t - B a n k i n = 1 : E O S
| | | | | | | | | | C D M = 1 : O S - E C
| | | | | | | | | B r a n c h = 1
| | | | | | | | | | B r a n c h - A p p . = 0 : N W S
| | | | | | | | | | B r a n c h - A p p . = 1 : I E - A M S
| | | | | | | | W I N - 2 0 0 0 = 1 : N W S
| | | | | | | P e r s o n a l - C o m p . = 1 : N W S
| | | | | | L o t u s N o t e C i t r i x = 1 : N W S
| | | | | D a t a - W a r e h o u s e = 1 : I E - A M S
| | | | P r i n t e r = 1 : N W S
| | | U p d a t e - P a s s b o o k = 1 : V E N
| | E l e c t r i c a l - S u p p l y = 1 : O S - E C
| W A N = 1 : V E N
A T M = 1 : O S - E C
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FICS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | EDW = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | SAFE = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | | FCD = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | | | MS-Office-2OOO = 1: NWS
| | | | | | | | | | | | | | | | | | | | | | | | | | DMS = 1: IE-AMS
| | | | | | | | | | | | | | | | | | | | | | | | | K-P-Gatewa y = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | | | SSMM = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | | CAT = 1: VEN
| | | | | | | | | | | | | | | | | | | | | | Br owser = 1: NWS
| | | | | | | | | | | | | | | | | | | | | KBANKNET = 1: NWS
| | | | | | | | | | | | | | | | | | | | Server = 1
| | | | | | | | | | | | | | | | | | | | | Print-Ser ver = 0
| | | | | | | | | | | | | | | | | | | | | | Shar e-Server = 0: NWS
| | | | | | | | | | | | | | | | | | | | | | Shar e-Server = 1: EOS
| | | | | | | | | | | | | | | | | | | | | Print-Ser ver = 1: EOS
| | | | | | | | | | | | | | | | | | | HQ = 1: NWS
| | | | | | | | | | | | | | | | | | WIN-NT = 1: NWS
| | | | | | | | | | | | | | | | | IB = 1: EOS
| | | | | | | | | | | | | | | | Home-Banking = 1: EOS
| | | | | | | | | | | | | | | CardLink = 1: VEN
| | | | | | | | | | | | | | CTR = 1: EOS
| | | | | | | | | | | | | K-Cyber-Banking = 1: EOS
| | | | | | | | | | | | LotusNotesClien = 1: NWS
| | | | | | | | | | | Internet-Bankin = 1: EOS
| | | | | | | | | | CDM = 1: OS-EC
| | | | | | | | | Branch = 1
| | | | | | | | | | Br anch-App. = 0: NWS
| | | | | | | | | | Br anch-App. = 1: IE-AMS
| | | | | | | | WIN-2000 = 1: NWS
| | | | | | | Personal-Comp. = 1: NWS
| | | | | | LotusNoteCitrix = 1: NWS
| | | | | Data-Warehouse = 1: IE-AMS
| | | | Printer = 1: NWS
| | | Update-Passbook = 1: VEN
| | Electrical-Supply = 1: OS-EC
| WAN = 1: VEN
ATM = 1: OS-EC
APPENDIX B
ITIL-BASED KMRCA IT SERVICE DESK PROCESS
90
B-1 ITIL-Based Incident Management Process
The incident is any event that deviates from normal operation of a service and
that causes, or may cause, an interruption to, or a reduction in, the quality of that
service. The goal of the Incident Management is to recover standard service operation
as quickly as possible. It may be that because of incident analysis and resolution, the
incident cause is discovered. If this is not the case and if further investigation is
justified in respect of cost and effort, then the Problems Management process is
solicited and a problem record is raised. The process defines activities to investigate
the problem, which is defined as the unknown underlying cause of one or more
incidents. The status of the problem is transformed to known error when both the root
cause is known and a workaround or a permanent resolution has been identified.
The scope of the Incident Management process includes:
(a) Opening an incident record
(b) Updating the incident record throughout the process to reflect its status
(c) Assigning the incident to an incident resolver
(d) Analyzing the incident and performing incident determination
(e) Implementing a workaround or resolution for the incident to perform
recovery of the service
(f) Monitoring incident (request) queues to ensure that all incidents are
resolved within committed service levels and reprioritizing or reassigning or escalating
as necessary.
Note that during the implementation of the workaround or resolution for the
incident, the Incidents Management process is not directly responsible for the
implementation of the solution but it will monitor and record the progress and results
of the solution implementation.
(g) Updating the incident knowledge database to assist with future incident and
problem investigation and diagnosis
(h) Closing the incident record
(i) The Handle and Control Problems operational process has been called where
the root cause of the incident or problem has not been identified.
Figure B-1 shows the Incident Management Process Flow.
91
FIGURE B-1 IT Incident Management Process Flow
92
Narrative of Incident Management Process
The following Step 1 through Step 7 are performed by Banks help desk or
called FLS (first level support), and Step 8 through Step 31 are performed by IT
service desk outsourcing or called SLS (second level support), and the rest Steps are
performed by Resolver Groups or called TLS (third level support) as follows:
1. Open Incident Record Procedure
Refer to the Open Incident Record procedure to open an incident record for
the incident information.
1. Major Incident?
Based on Incident Policy has been defined that the incident severity 1 is the
Major incident. Follow the policy to determine if the incident is a major
incident.
(a) If it is Yes, proceed to Handle Major Incident Procedure.
(b) If it is No, proceed to IT Outsourcing Scope?
2. Handle Major Incident Procedure
Refer to the Handle Major Incident procedure to assign a major incident
owner to handle all required notifications and escalations.
3. IT Outsourcing Scope?
Determine whether the incident is IT incident and its description is in an IT
outsourcing scope, referring to the IT outsourcing contract.
(a) If it is Yes, proceed to Assign Incident to SLS Resolver.
(b) If it is No, proceed to Assign Incident to Bank Resolver.
4. Assign Incident to Bank Resolver
Assign a non-IT incident to Bank resolver.
Proceed to End.
5. Assign Incident to SLS Incident Resolver
Assign an IT Incident to SLS Resolver who is responsible for resolving IT
incidents of this type.
6. Update Incident Record with Current Status
Update the incident record to indicate that the incident has been assigned to
a SLS Resolver and is awaiting until the incident is closed.
93
7. Review Incident Record For Completeness
Review the incident record to ensure that its contents are complete
The incident information include:
(a) Incident ID
(b) When the incident opened (date and time)
(c) Identified incident severity (1, 2, 3, or 4)
(d) Incident status (open/ assign to/ resolving steps/ close)
(e) System, component, item failure
(f) Caller, Requester (name/ location/ contact no.)
(g) Incident descriptions
(h) SLS owner (who/ when )
(i) TLS owner (who/ when)
8. IT Outsourcing Scope ?
Check if the incident is in IT outsourcing scope.
(a) If it is Yes, proceed to Additional Information Needed.
(b) If it is No, proceed to Indicate Incident Type.
9. Indicate Incident Type
If the incident was initially wrong assigned due to the assigned wrong
scope and or wrong resolver, indicate the request type of the incident and, if
it is known the details of whom the incident most appropriate reassigned to
and request for reassignment.
10. Request for Reassignment
Request FLS to review the scope for the incident and reassign as the
provided reasons.
11. Additional Information Needed?
Determine if additional information is needed to complete the incident
record.
(a) If it is Yes, proceed to Contact Appropriate Parties to get More
Information.
(b) If it is No, proceed to Validate Initial Severity.
94
12. Validate Initial Severity
Refer to the defined severity based on policy; severity 1 is a critical
incident, severity 2 is a high incident, severity 3 is a normal incident, and
severity 4 is a low incident, validate the initially assigned severity
according to the severity policy.
13. Contact Appropriate Parties to get More Information
Contact the most appropriate parties to get more information. Policy should
dictate how many attempts or how long the incident resolver should spend
trying to obtain additional information before this becomes an issue.
14. Required Information Obtained?
Check if the parties were contacted if the required information is obtained.
(a) If it is Yes, proceed to Up date Incident Record with Any
Additional Information
(b) If it is No, proceed to Document Issue
15. Update Incident Record with Any Additional Information
Update the incident record with any additional information.
16. Document Issue
Document the issue when the required information do not receiving on time.
17. Perform Escalation
Handles escalations of issues associated with requests. SLS or personnel
may escalate request handling at any time by notifying to the higher level
of the contact party at that the issue was not resolved and document
unsuccessful resolution.
18. Issue Resolved?
Check if the issue is resolved.
(a) If it is Yes, proceed to Update Incident Record with Any
Additional Information
(b) If it is No, proceed to Close Incident?
19. Major Incident?
Determines the update incident is the major incident based on major incident
policy.
(a) If it is Yes, proceed to Handle Major Incident Procedure.
(b) If it is No, proceed to Perform Incident Analysis Procedure.
95
20. Handel Major Incident Procedure
Refer to the Handle Major Incident procedure. It needs to assign a Major
Incident owner who handles all required notifications and escalations the
request until the major incident is complete.
21. Perform Incident Analysis Procedure
Refer to the Incident Analysis procedure to gather all required information
about the incident and related incidents and to perform incident determination,
investigation and diagnosis activities.
22. TLS Required?
Determine to whether the TLS resolver groups are required to resolve the
assigned incident. The determination of resolver groups whom it should be
assigned to. In particular, compare the incident to the database of incident
records to determine if this is a repeat occurrence of a previous incident. It
may be more effective if the same resolver handles all related incidents.
(a) If it is Yes, proceed to Assign/ Reassign incident to Appropriate
Incident Resolver Group.
(b) If it is No, proceed to Attempt to Resolve Incident.
23. Attempt to Resolve Incident
Attempt to resolve the incident with SLS resolves skills and availability.
24. Knowledge-Based Required?
Determine if the Knowledge-based is requited to resolve the incident,
searching similar cases and getting their resolutions of the previous incident
in the knowledge database.
(a) If it is Yes, proceed to Search Required Information from
Knowledge-Based.
(b) If it is No, proceed to Perform incident Determination Procedure
25. Search Required Information from Knowledge-Based
The knowledge database is required to search the required information to
resolve the incident.
26. Perform Incident Determination Procedure
Refer to Perform Incident Procedure
96
27. Close Incident?
For an actual incident, determine if the incident should be closed due to the
lack of information required to proceed with resolution of the incident.
(a) If it is Yes, proceed to Inform Requester that Incident will be Closed
(b) If it is No, proceed to Take Incident Out of SLA Criteria
28. Take Incident Out of SLA Criteria
If the incident should not be closed due to lack of information needed to
proceed with resolution of the incident, take the incident out of SLA criteria
so that it will not be included in SLA attainment reports.
Return to Contact Appropriate Parties to obtain the additional information
required to proceed with resolution of the incident.
29. Inform Requester that Incident will be Closed
If the incident should be closed due to the lack of information needed to
proceed with resolution of the incident, inform the Requester that the
incident will be closed.
30. Update Incident Record with its Close
Update the incident record to indicate that the required information could
not be obtained and that the incident will be closed.
Proceed to End.
31. Assign/ Reassign incident to Appropriate Incident Resolver Group
Determine if the result of Incident Analysis reassigned the incident to a
different Resolver Group.
(a) If it is Yes, return to Assign Incident to Incident Resolver to assign
the incident to a new Incident Resolver.
(b) If it is No, proceed to Actual Incident?
Note that the Assign and/ or reassign the incident to the most appropriate
TLS incident resolver based on skill level and availability within the TLS
Resolver Group.
32. Review for Corrective Assignment
Review the assigned incident for corrective resolver group.
33. Correct Assignment?
Determine if the review indicates that the assigned incident is correct
assignment.
(a) If it is Yes, proceed to Perform Incident Analysis Procedure to
analyse the incident.
(b) If it is No, proceed to Indicate Request Type and Reassignment Details
97
34. Indicate Request Type and Reassignment Details
If there is incorrect assignment, indicate request type and provide
reassignment details such as who is appropriate to resolve.
35. Request SLS for Reassignment
Request for reassignment, SLS will review and reassignment
36. Perform Incident Analysis Procedure
Refer to the Incident Analysis procedure to gather all required information
about the incident and related incidents and to perform incident
determination, investigation and diagnosis activities.
37. Knowledge-based Required?
Determine if the Knowledge-based is required to get the required
information.
(a) If it is Yes, proceed to Search Required Information from
Knowledge-Based
(b) If it is No, proceed to Attempt to Resolve Incident
38. Search Required Information from Knowledge-Based
Search the required information from the Knowledge database.
39. Attempt to Resolve Incident
Attempt to resolve the incident based on skills and availability.
40. Close Incident?
Determine to close incident when processing incident has been complete.
(a) If it is Yes, proceed to Close Incident Procedure
(b) If it is No, proceed to Recovery Required?
41. Recovery Required?
If the incident is an actual incident, determine if recovery from the incident
is required prior to implementation of a permanent solution.
(a) If it is Yes, proceed to Perform Incident Recovery.
(b) If it is No, proceed to Handle and Control Problems.
42. Perform Incident Recovery
If recovery of the incident is required prior to permanent resolution of the
incident, proceed to the Perform Incident Recovery as the following.
(a) Review the Recovery Plan with affected parties
(b) Check if the required recovery is entitlement
(c) Check if the service request is required
98
(d) Determine to request for change
(e) Update incident record to indicate recovery result either successful or
unsuccessful
43. Was Incident Recover?
Determine if the Perform Incident Recovery was successful in recovering
from the incident.
(a) If it is Yes, proceed to Incident Permanently Resolve or Agree to
Workaround Applied?
(b) If it is No, proceed to Close Incident Record Procedure.
44. Incident Permanently Resolve or Agree to Workaround Applied?
Determine if the Perform Incident Recovery provided a permanent
resolution for the incident. That is, is the recovery action or bypass
acceptable as a permanent solution?
(a) If it is Yes, proceed to Add Resolution to Knowledge-Based.
(b) If it is No, proceed to Problem Management Process
Refer to the Problem Management process to develop a permanent
solution for the problem.
Note that a problem is the unknown underlying cause of one or more
incidents. The status of the problem is transformed to known error when
both the root cause is known and a temporary workaround or a permanent
resolution has been identified.
Proceed to End.
45. Add Resolution to Knowledge-Based
Add the resolutions to the knowledge database to assist with future incident
and problem investigation and diagnosis.
46. RCA Required?
Follow the policy to determine if a RCA is required for the recovered incident
for which the recovery action is acceptable as a permanent resolution.
(a) If it is Yes, proceed to Handle and Control Problems (RCA).
(b) If it is No, proceed to Close Incident Record.
47. Close Incident Record Procedure
When processing of the incident has completed either successfully or
unsuccessfully, proceed according to the Close Incident Record procedure
to close the associated incident record.
48. End
End of Incident Management Process
99
Figure B-2 shows Open Incident Record Procedure
FIGURE B-2 Open Incident Record Flow
Narrative of Open Incident Record Procedure
1. Incident Record Already Open?
Check if an incident record has already been opened for the incident.
(a) If it is Yes, proceed to Review Open Incident Policy
(b) If it is No, proceed to Return
2. Review Open Incident Policy
Review the Open Incident policy particular the details for items such as:
(a) Who has authorized to open incident records?
(b) What information is required when opening an incident?
3. Open an incident record for the incident.
Open an incident record for the incident with required information.
The required information to be included in an incident record is:
(a) Incident ID
(b) Date and Time when open incident Record
100
(c) Incident description
(d) Outage detail particular on failing component /resource, date / time
incident occurred
(e) Incident severity based on business impact
(f) Incident requester (requesters name, location and contact no.)
(g) Incident status (open/ assign resolver/ necessary resolving steps/ close)
4. Gather Required Information
Gather required information based on policy to complete the incident record.
5. Entitle?
Follow the policy to determine if the Requester is entitled to raise this incident.
(a) If it is Yes, proceed to Match Severity to Incident
(b) If it is No, proceed to Document Entitle Failure Detail
6. Document Entitle failure Detail
If the Requester was not entitled to raise this incident, document the details
of the entitlement failure in preparation for calling the Handle Service
Entitlement Failure.
7. Handle Service Entitlement Failure
Handel Service Entitlement Failure is to resolves entitlement failures for
requested services and update request records to reflect the disposition of
entitlement failures. It shall be determined the incident against the service
contracts particular IT outsourcing contact. It may propose the alternative
for entitlement with authorized approval.
8. Continue?
Determine if the decision was made in the Handle Service Entitlement
Failure to continue with the incident.
(a) If it is Yes, proceed to Assign Severity to Incident
(b) If it is No, proceed to Return
9. Assign Severity to Incident
Assign severity based on severity definition and its policy to the incident.
Proceed to Return.
10. Return
Return to the Incident Management Process
101
Figure B-3 shows Handle Major Incident Procedure
FIGURE B-3 Handle Major Incident Flow
Narrative of Handle Major Incident Procedure
1. Gather Information for Major incident
If the incident is associated with a major incident, collect all related
information regarding the incident such as:
(a) Services/ applications/ resources affected
(b) Affected service owners
(c) Estimated duration of any associated outages
2. Major Incident Criteria Met?
Determine if the criteria for conducting an incident review have been met
based on major incident severity 1, which is the most business impact in
terms of the availability of specific service, application, or network.
102
(a) If it is Yes, proceed to Assign major incident Owner
(b) If it is No, proceed to Inform Requester that Incident Not Major
Incident with Reasons
3. Inform Requester that Incident Not Major Incident with Reasons
Inform the Requester that the incident is not a major incident with reason
why the incident was not assigned to severity 1.
4. Assign Major Incident Owner
Assign a major incident owner who handles all required notifications and
escalations until the resolution is complete.
5. Coordinate Recovery for Major incident.
Coordinate relevant resources for major incident recovery and effectively
manage the recovery activities to minimize the duration of the incident.
6. Major Incident Notification
Perform the major incident notification as the following:
(a) Analyze the incident in detail, take whatever actions are necessary to
confirm whether or not the associated service is actually down or is
severely degraded.
(b) If the service is actually down, urgently provide notification to all
affected parties of the service outage (management team and service
recovery teams) by short massaging and or email with an ongoing status
as required.
(c) If the service is not actually down or severely degraded, notify the
appropriate service providers so that they may handle the incident.
7. Perform Problem Management Process
Perform Problem Management process to permanently resolve.
8. Major Incident Review Required?
Determine if the criteria for conducting an incident review have been met
based on incident severity 1 that business impact in a particular the
availability of specific service, application, or network.
(a) If it is Yes, proceed to Assign major incident Owner
(b) If it is No, proceed to Inform Requester that Incident Not Major
Incident with Reasons
103
9. Perform Major Incident Review
Assemble appropriate parties in preparation to conduct a review of an
incident.
10. Notify All Parties
Inform all participants either that a major incident review is not needed or
that the criteria for conducting an incident review have not been met.
Proceed to Return.
11. Return
Return to the Incident Management process
Figure B-4 shows Perform Incident Analysis Procedure
FIGURE B-4 Perform Incident Analysis Flow
Narrative of Perform Incident Analysis Procedure
1. Collect Incident Symptom and Configuration Item Impact Info
Collect all available data about the incident, its symptoms, severity and
associated configuration data based on its component.
104
2. Identify Any Related Occurrence
Identify any related occurrences of the incident and analyze with similar
previous cases.
3. Need To Reproduce Incident?
Determine if there is a need to reproduce the incident to obtain additional
information to understand the exact environment in which the incident
occurred.
(a) If it is Yes, proceed to Reproduce Proper Incident
(b) If it is No, proceed to Analyse Available Incident Data
4. Reproduce Proper Incident
If there is a need to reproduce the incident to gather additional insight about
the incident, attempt to reproduce the incident.
5. Incident Reproducible?
Determine if the incident is reproducible.
(a) If it is Yes, proceed to Update Incident Record with Additional
Details
(b) If it is No, proceed to Analyse Available Incident Data
6. Update Incident Record with Additional Details
Update the incident record with additional details.
7. Analyse Available Incident Data
Analyze all available incident data to validate that the incident was assigned
to the correct resolver group.
8. Correct Assignment?
Determine if the incident was assigned to the correct resolver group based on
the review of the incident record and all incident data.
(a) If it is Yes, proceed to Perform Incident Determination Procedure
(b) If it is No, proceed to Indicate Request Type
9. Indicate Request Type
If the incident record was incorrectly assigned, indicate request type and
document the reassignment details in preparation for calling the reassign
request
105
10. Request for Reassignment
Request for reassignment to reassign the incident to the correct resolver
group and to return to the Assign/ reassign Incident to Appropriate
Incident Resolver to assign the incident to a new incident resolver
11. Perform Incident Determination Procedure
If the incident was assigned to the correct resolver, proceed to perform
Incident Determination procedure to continue with incident analysis and
development of a Recovery Plan.
12. Return
Return to the Incident Management Process
Figure B-5 shows Incident Determination Procedure
FIGURE B-5 Incident Determination Flow
106
Narrative of Incident Determination Procedure
1. Initiate Incident Determination
Analyze all available incident data and initiate normal incident
determination activities. It should identify by all single points of failure.
2. Actual Incident?
Determine if the reported incident is indeed an actual incident.
(a) If it is Yes, proceed to Determine Incident Impact
(b) If it is No, proceed to Action Required?
3. Action Required?
Determine if any action is required.
(a) If it is Yes, proceed to Perform Appropriate Action
(b) If it is No, proceed to Update Incident Record to Indicate that
Incident is Not an Actual Incident
4. Update Incident Record to Indicate that Incident is Not an Actual Incident
Update incident record to indicate the incident that is not an actual incident.
Proceed to Return
5. Perform Appropriate Action
Perform appropriate action for non actual incident details to check if notification
is required.
6. Notification Required?
Determine if the notification is required.
(a) If it is Yes, proceed to Notify Appropriate Parties to Perform Action
(b) If it is No, proceed to Update Incident Record with Current Status
7. Notify Appropriate parties to perform Action
Notify appropriate parties to perform action for non-actual incident.
8. Determine Incident Impact
Determine of which are the incident impact to particular crucial services,
components, application, and networks.
9. Determine to Adjust Severity
Determine to adjust the assigned severity. Negotiable severity either up or
down will be notify to the FLS to determine with the negotiation.
107
10. Major Incident?
Base on the Major Incident policy, determine if the incident is a major incident.
(a) If it is Yes, proceed to Handle Major Incident Procedure
(b) If it is No, proceed to Recovery required
11. Handle Major Incident Procedure
Refer to the Handle Major Incident procedure to assign a major incident
owner to the incident and to handle all required notifications and escalations.
12. Recovery Required?
Determine if there is any recovery required to the incident.
(a) If it is Yes, proceed to Perform Backup and Recovery
(b) If it is No, proceed to Update Incident Record with Current Status
13. Perform Backup and Recovery
Perform recovery according to Backup and Recovery procedure
14. Update Incident Record with Current Status
Update incident record with the current status.
15. Return
Return to Incident Management Process
108
Figure B-6 shows Close Incident Record Procedure
FIGURE B-6 Close Incident Record Flow
Narrative of Close Incident Record Procedure
1. Review Close Incident Policy
Review the Close Incident policy for the account. The policy shall define:
(a) Who can close incident records
(b) Required closure concurrence, if any
(c) Required notifications, if any
2. Closure Concurrence Required?
Follow the policy to determine if concurrence to close the incident is
required.
(a) If it is Yes, proceed to Obtain Closure Concurrence from Appropriate
Parties.
(b) If it is No, proceed to Close Incident Record.
109
3. Obtain Closure Concurrence from Appropriate Parties
If concurrence to close the incident is required, follow the Close Incident
policy to obtain concurrence from the appropriate parties.
4. Concurrence Obtained?
Determine if concurrence to close the incident was obtained from all
appropriate parties.
(a) If it is Yes, proceed to Close Incident Record.
(b) If it is No, proceed to Document Closure Issue.
5. Close Incident Record
Close the incident record, ensuring that the incident record contains all the
required information, including the closing status, code and recovery and
resolution dates and times.
6. Notification Required?
Follow the Notification policy to determine if notification is required that the
incident has been closed.
(a) If it is Yes, proceed to Notify Appropriate Parties.
(b) If it is No, proceed to Return.
7. Notify Appropriate Parties
If notification is required, follow the Notification policy to notify the
appropriate parties that the incident has been closed and its closing status.
The following personnel to be notified that a severity 1 incident has been
closed:
(a) Incident Coordinator
(b) Requester/ User
(c) Designated customer incident liaison
8. Return
Proceed to Return.
110
B-7 ITIL-Based Problem Management Process
The scope of the Problem Management process includes:
(a) Review problem and incident trend analysis
(b) Opening an problem record
(c) Performing RCA (root cause analysis)
(d) Assigning problem to appropriate problem resolver
(e) Developing permanent resolution plan
(f) Implementing permanent resolution plan
(g) Close incident record
Figure B-7 shows the Problem management process flow
FIGURE B-7 IT Problem Management Process Flow
Narrative of Problem Management Process:
There are two purposes of the problem management process. One is to perform
the preventive action by analyzing problem and incident trends to determine to provide
the action plan (path ongoing). Another is to handle for each problem as required
from the incident management process (path as required for each problem).
111
The Ongoing path includes one procedure.
1. Review Problem and Incident Trend Analysis procedure
Refer to the Review Problem and Incident Trend Analysis procedure to
analyse the negative trend of incident and problem process. It will determine
to provide the action plan in terms of preventive action.
Proceed to End
As Required for each problem path includes the following.
1. Open Problem Record Procedure
Refer to Open Problem Record procedure.
2. Request for RCA?
Determine if the problem was opened for a request to perform a Root Cause
Analysis for a negative process trend.
(a) If it is Yes, proceed to Perform Root Cause Analysis Procedure.
(b) If it is No, proceed to Assign to Problem Resolver Procedure.
3. Perform Root Cause Analysis Procedure
Refer to Perform Root Cause Analysis procedure
Proceed to End
4. Assign to Problem Resolver Procedure
Refer to Assign to Problem Resolver procedure
5. Develop Permanent Resolution Plan Procedure
Refer to Develop Permanent Resolution Plan procedure
6. Was Resolution Developed?
Determine if the resolution Plan was developed.
(a) If it is Yes, proceed to Implement Permanent Resolution Plan
Procedure
(b) If it is No, proceed to Close Problem Record Procedure
7. Implement Permanent Resolution Plan Procedure.
Refer to Implement Permanent Resolution Plan Procedure.
8. Was Resolution Successful?
Determine if the resolution is successful?
(a) If it is Yes, proceed to Close Problem Record procedure.
(b) If it is No, proceed to Proceed to Another Effective Resolution Plan
112
9. Proceed to Another Effective Resolution Plan
If the resolution plan was implemented unsuccessful documented issue and
proceed to another effective resolution plan.
Proceed to Develop Permanent Resolution Plan Procedure
10. Close Problem Record procedure
Refer to Close Problem Record procedure
11. End
End of Problem Management Process
Figure B-8 shows Review Problem and Incident Trend Analysis Procedure
1. Review Problem and
Incident Analyses
Start
5.
Action Plan
Required?
3. Document Require for
Preventive Action
2.
Preventive Action
Required?
4. Review Action Plan in
Regular Management Meeting
6. Develop Action Plan
7. Handel Action for
Completion
Return
Yes
No
Yes
No
FIGURE B-8 Review Problem and Incident Trend Analysis
Narrative of Review Problem and Incident Trend Analysis
1. Review problem and incident trend analysis
Review problem and incident trend analysis to proactively determine
potential problems that have not yet been identified by the occurrence of an
incident or recurring data that might indicate an unidentified problem.
113
2. Preventive Action Required?
Determine whether specific targeted actions need to be taken to investigate,
resolve and prevent a potential problem, based on the outcome of data
gathering and trend analysis.
(a) If it is Yes, proceed to Document Required for Preventive Action.
(b) If it is No, proceed to Review Action Plan in Regular Management
Meeting.
3. Document Required for Preventive Action.
Document the required for preventative action with the trend analysis output.
Notify the preventive action result to the services of emerging trends and
possible improvement areas.
4. Review Action Plan in Regular Management Meeting
Review the action plan information with management at regular review
meetings to ensure that the information is understood and acted on.
5. Action Plan Required?
Does the review indicate that a further action plan is required to handle any
service issues?
(a) If it is Yes, proceed to Develop Action plan.
(b) If it is No, proceed to End.
6. Develop Action plan
Develop the required action plan.
7. Handle Action Plan Implementation for Completion
Handle the action plan implementation to monitor implementation and
completion of the action plan.
8. Return
Return to the Problem Management Process
114
Figure B-9 shows Open Problem Record Procedure
FIGURE B-9 Open Problem Record Flow
Narrative of Open Incident Record
1. Problem Record Already Open?
Check if a problem record has already been opened for the incident.
(a) If it is Yes, proceed to Review Open Problem Policy
(b) If it is No, proceed to Return
2. Update Problem Record which It Is Already Open
Update the problem record that the problem is ready opened.
3. Review Open Problem Policy
Review the Open Problem policy particular the details for items such as:
(a) Who has authorized to open incident records?
(b) What information is required when opening a problem
115
4. Open Problem Record
Open a problem record for the problem with required information.
The information required to open a problem record as the following:
(a) Incident details gathered and recorded in the incident record
(b) Associated incidents
5. Multiple Incidents?
Determine if the incident is a multiple incidents
6. Coordinate Incident to Problem Record
Coordinate the incident to the problem record.
7. Gather Required Information
Gather required information based on policy to complete the problem record
8. Entitle?
Follow the policy to determine if the problem requester is entitled to raise
this problem.
9. Document Entitle failure Detail
If the Requester was not entitled to raise this problem, document the details
of the entitlement failure in preparation for handling service entitlement
failure.
10. Handle Service Entitlement Failure
Handle Service Entitlement Failure is to resolves entitlement failures for
requested services and update request records to reflect the disposition of
entitlement failures. It shall be determined the problem against the service
contracts particular IT outsourcing contact. It may propose the alternative
for entitlement with authorized approval.
11. Continue?
Determine if the decision was made in the handle service entitlement failure
to continue with the problem.
12. Match Severity to Incident
Match problem severity based on definition to the problem.
Proceed to Return.
13. Return
Return to the Problem Management Process
116
Figure B-10 shows Perform Root Cause Analysis Procedure
FIGURE B-10 Perform Root Cause Analysis Flow
Narrative of Perform Root Cause Analysis
1. Assign RCA Owner
Assign an ownership for the Root Cause Analysis. The owner is responsible
for managing the Root Cause Analysis through its completion.
2. Gather Problem Related RCA
Gather all available problem data related to RCA, including:
(a) The problem record
(b) Any details about associated service outage
117
Steps 3 through 5 and Steps 6 through 8 are performed in parallel.
3. Analyse Problem
Analyze the problem data. In particular, look for common:
(a) Symptoms, patterns of occurrence, user environments, etc.
(b) Exception events
4. Identify Contribution Factors
Based on the problem data analysis, identify any factors that contributed to
the problem.
5. Determine Probable Cause
Choose the most likely problem cause or causes from the contributing
factors.
Proceed to Analysis Complete?
6. Monitor RCA
Monitor the progress of the Root Cause Analysis to ensure that it is on
schedule.
7. Action Required?
Determine if any action is required to complete the Root Cause Analysis.
(a) If it is Yes, proceed to Take Appropriate Actions.
(b) If it is No, proceed to Analysis Complete?
8. Take Appropriate Actions
Take whatever actions are necessary to complete the Root Cause Analysis on
schedule.
Return to Monitor Root Cause Analysis to continue to monitor the progress
of the Root Cause Analysis.
9. Analysis Complete?
Determine if the Root Cause Analysis has been completed.
(a) If it is Yes, proceed to Document Final RCA Result
(b) If it is No, proceed to Prepare Interim RCA Result
10. Prepare Interim RCA Result
If the analysis is not yet complete, prepare an interim report that documents
the Root Cause Analysis findings to date.
Return in parallel to Analyze Problem and Monitor RCA to complete the
analysis.
118
11. Document Final RCA Result
If the analysis is complete, document the results of the Root Cause Analysis.
Include findings from the problem data analysis, explanations of
contributing factors, and an indication of the probable cause(s).
12. Review RCA with Appropriate Parties
Review the Root Cause Analysis results with the appropriate parties; for
example, the Problem Coordinator and all affected service owners.
13. Result Accepted?
Determine if the Root Cause Analysis results were accepted.
(a) If it is Yes, proceed to Root Cause Found?
(b) If it is No, return in parallel to Analyze Problem and Monitor RCA
to repeat the Root Cause Analysis.
14. Root Cause Found?
Determine if a root cause of a problem was found.
(a) If it is Yes, proceed to Update Final RCA Results to Knowledge Database
(b) If it is No, proceed to Update Problem Record with Current Status
15. Update Final RCA Results to Knowledge Database
Update the root cause analysis result to knowledge database. Based on the
update knowledge database policy, it may be updated to reflect the RCA
results for all problems and negative process trends.
16. Update Problem Record with Current Status
Update the problem record with the current status of the problem; either:
(a) Root cause of the problem identified
(b) No root cause found
Proceed to Return.
17. Notify RCA Result to Appropriate Parties
Follow the notification policy to notify the appropriate parties of the RCA
results particular the service accounts that the RCA is applicable.
Proceed to Return.
18. Return
Return to either the Problem Management Process or
Development Resolution Plan
119
Figure B-11 shows Assign Problem to Appropriate Problem Resolver Procedure
FIGURE B-11 Assign Problem to Appropriate Problem Resolver Flow
Narrative of Assign Problem to Appropriate Problem Resolver
1. Review Problem Record
Review the problem record to determine whom it should be assigned to.
2. Correct Assignment?
Determine if the problem was initially assigned to the correct Resolver Group
when the problem was opened.
(a) If it is Yes, proceed to Indicate Request Type.
(b) If it is No, proceed to Assign Problem to Problem Resolver.
3. Indicate Request Type
If the problem was initially assigned to the wrong resolver, indicate the
request problem type and, if known, the details of whom the problem should
be reassigned to in preparation for calling the reassign request.
4. Request for Reassignment
Request for reassignment, assign the problem to the most appropriate resolver.
Proceed to Review Problem Record
5. Assign Problem to Problem Resolver
Assign problem to the problem resolver based on skill level and availability.
120
6. Update Problem Record with Current Status
Update the problem record to indicate that the problem has been assigned to
an appropriate problem resolver and is awaiting problem analysis and
development of a permanent resolution plan.
7. Return
Return to the Problem Management Process
Figure B-12 shows Developing Permanent Resolution Plan Procedure
FIGURE B-12 Developing Permanent Resolution Plan
121
Narrative of Developing Permanent Resolution Plan
1. Review Associated incident and Related Configuration Items (CIs)
Review all recorded available data about the incident(s), symptoms, severity
and associated configuration items based on component or application or
network categorization.
2. Identify Any Related Concurrences
Identify any related occurrences of the problem and analyze similar
problems, comparing the problem to the database of records to determine if
this is a repeat occurrence of a previous problem or known error.
3. RCA Required?
Determine if a Root Cause Analysis is required for the problem.
(a) If it is Yes, proceed to Perform root Cause Analysis Procedure
(b) If it is No, proceed to Investigate Possible Solution
4. Perform Root Cause Analysis Procedure
If a RCA is required, proceed to the Perform Root Cause Analysis procedure
to determine the most likely cause of the problem.
5. Investigate Possible Solutions
Investigate possible permanent solutions for the problem. It may search and
select potential resolution from the Knowledge Database.
6. Potential Resolution Identified
Determine if any potential resolutions were identified.
(a) If it is Yes, proceed to Select Resolution.
(b) If it is No, proceed to Update Problem Record to be Closed without
any Resolution.
7. Update Problem Record to be Closed without Any Resolution
If there is no any potential resolutions was identified, update the problem
record to indicate that the problem will be closed due to the lack of a known
error or possible resolution.
8. Select Resolution
If potential resolutions were found, select what appears to be the best
permanent solution for the problem.
122
9. Finalize Resolution
Finalize possible resolution
Proceed to Return.
10. Develop Resolution Plan and Test Resolution Plan
Match problem severity based on definition to the problem.
Proceed to Return.
11. Review Resolution plan with Appropriate Parties
Match problem severity based on definition to the problem.
Proceed to Return.
12. Issue Occurred?
Check if a problem record has already been opened for the incident.
(a) If it is Yes, proceed to Review Open Problem Policy
(b) If it is No, proceed to Return
13. Document Issue
Match problem severity based on definition to the problem.
Proceed to Return.
14. Issue Resolved?
Check if a problem record has already been opened for the incident.
(a) If it is Yes, proceed to Review Open Problem Policy
(b) If it is No, proceed to Return
15. Update Problem Record with Current Status
If the Permanent Resolution Plan is acceptable, update the problem record to
indicate that the solution is ready to be implemented to permanently resolve
the problem. Change the status of the problem to Known Error.
Proceed to Return.
16. Return
Return to the Problem Management Process
123
Figure B-13 shows Implement Permanent Resolution Plan Procedure
FIGURE B-13 Implement Permanent Resolution Plan Flow
Narrative of Implement Permanent Resolution Plan
1. Initiate Resolution Plan
Initiate the Permanent Resolution Plan involves two parallel procedures:
(a) Implementation performed by external operational processes
(b) Coordination: performed by the Problem Resolver to monitor the
overall execution of the Permanent Resolution Plan and to record the
implementation results.
2. Monitor Resolution plan Implementation
Monitor the implementation of the Permanent Resolution Plan against the
target schedule.
124
3. Adjustment Required?
Determine if any adjustment to the Permanent Resolution Plan is needed to
ensure resolution of the problem in known error status within committed
service levels.
(a) If it is Yes, proceed to Adjust Resolution Plan
(b) If it is No, proceed to Implement Resolution Plan
4. Adjust Resolution Plan
If adjustments to the Permanent Resolution Plan are needed to resolve the
problem in known error status within committed service levels, escalate the
implementers as required to apply corrective action and adjust the plan
accordingly.
5. Review Resolution Plan Adjustment with Appropriate Resolver
Coordinate the adjusted plan with all affected resolver to review the
resolution plan adjustment.
6. Update Problem Record with Adjusted Resolution Plan Details
Update the problem record with details of the modified Permanent
Resolution Plan.
7. Implement Resolution Plan
Perform Implementation of Resolution Plan to continue with the resolution
of the problem in known error status.
8. Implement Complete?
Determine if implementation of the solution is complete.
(a) If it is Yes, proceed to Successful?
(b) If it is No, proceed to Update Problem Record with Implemented
Resolution Unsuccessful
9. Successful?
Determine if the decision was made in the handle service entitlement failure
to continue with the problem.
(a) If it is Yes, proceed to Update Problem Record with Implemented
Resolution Successful
(b) If it is No, proceed to Update Problem Record with Implemented
Resolution Unsuccessful
125
10. Update Problem Record with Implemented Resolution Unsuccessful
If the problem was not resolved, update the problem record to indicate that
the Permanent Resolution Plan was not successful.
Note: The problem remains in known error status until it is permanently
fixed by a change.
11. Update Problem Record with Implemented Resolution Successful
If the problem was resolved successfully, update the problem record to
indicate that the problem in known error status has been resolved. Be sure to
enter the resolution date and time. The record should brief details of the
resolution so that these are available to assist with future incident and
problem investigation and diagnosis.
12. Notify Appropriate Parties
Notify the Requester, the Problem Coordinator, affected service owners, and
a customer-designated problem liaison of the outcome of implementing the
Permanent Resolution Plan. It should be following g the notification policy
to notify the appropriate parties of the outcome of implementing the
Permanent Resolution Plan.
Proceed to Return.
13. Return
Return to the Problem Management Process
126
Figure B-14 shows Close Problem Record Procedure
FIGURE B-14 Close Problem Record Flow
Narrative of Close Problem Procedure
1. Review Close Problem Policy
Review the Close Problem policy for the account. The policy shall define:
(a) Who can close problem records
(b) Required closure concurrence, if any
(c) Required notifications, if any
2. Closure Concurrence Required?
Follow the policy to determine if concurrence to close the problem is
required.
(a) If it is Yes, proceed to Obtain Closure Concurrence from
Appropriate Parties.
(b) If it is No, proceed to Close Incident Record.
127
3. Obtain Closure Concurrence from Appropriate Parties
If concurrence to close the problem is required, follow the Close Problem
policy to obtain concurrence from the appropriate parties.
4. Concurrence Obtained?
Determine if concurrence to close the problem was obtained from all
appropriate parties.
(a) If it is Yes, proceed to Close Problem Record.
(b) If it is No, proceed to Document Closure Issue.
5. Close Problem Record
Close the problem record. Ensure that the problem record contains all the
required information, including the closing status, code and recovery, and
resolution dates and times.
6. Notification Required?
Follow the Notification policy to determine if notification is required that
the incident has been closed.
(a) If it is Yes, proceed to Notify Appropriate Parties.
(b) If it is No, proceed to Return.
7. Notify Appropriate Parties
If notification is required, follow the Notification policy to notify the
appropriate parties that the problem has been closed and its closing status.
(a) Problem Coordinator
(b) Requester/ User
(c) Designated customer problem liaison
8. Return
Return to the Problem Management Process
APPENDIX C
SIMULATION MODELS AND SIMULATION RESULTS
130
C-1 Simulation Model of Typical IT Service Desk System
A simulation model of IT service desk system is shown in Figure C-1.
Arrivals
IT Incident Call
Assign Severity
0.303
95.753
3.238
El s e
Severity 1
Resolving
Severity 2
Resolving
Severity 3
Resolving
Severity 4
Resolving
Resolved
Ticket Severity 4
Resolved
Ticket Severity 3
Resolved
Ticket Severity 2
Resolved
Ticket Severity 1
Ticket
Assign IT Incident
4
Assign Servirity
3
Assign Servirity
2
Assign Servirity
1
Assign Servirity
0
0
0
0
0
0
0
0
0
FIGURE C-1 Simulation Model for IT Service Desk System
The details of the simulation model can be described by the SIMAN Code is in
the following:
;
;
; Model statements for module: BasicProcess.Create 1 (IT Incident Call
Arrivals)
;
14$ CREATE, 1,MinutesToBaseTime(0.0),Entity
1:MinutesToBaseTime(WEIB( 3.64, 0.903 )):NEXT(15$);
15$ ASSIGN: IT Incident Call Arrivals.NumberOut=IT Incident
Call Arrivals.NumberOut + 1:NEXT(9$);
;
;
; Model statements for module: BasicProcess.Assign 1 (Assign IT
Incident Ticket)
;
9$ ASSIGN: Picture=Picture.Ball:NEXT(0$);
131
;
;
; Model statements for module: BasicProcess.Decide 1 (Assign Severity)
;
0$ BRANCH, 1:
With,(0.303)/100,10$,Yes:
With,(95.753)/100,11$,Yes:
With,(3.238)/100,12$,Yes:
Else,13$,Yes;
;
;
; Model statements for module: BasicProcess.Assign 5 (Assign Servirity
1)
;
13$ ASSIGN: Entity.Type=Severity 1:
Picture=Picture.Red Ball:
S1 resolving time=LOGN(2.37, 4.74):
S1 time arrival=TNOW:NEXT(1$);
;
;
; Model statements for module: BasicProcess.Process 1 (Resolving
Severity 1)
;
1$ ASSIGN: Resolving Severity 1.NumberIn=Resolving
Severity 1.NumberIn + 1:
Resolving Severity 1.WIP=Resolving Severity
1.WIP+1;
23$ QUEUE, Resolving Severity 1.Queue;
22$ SEIZE, 1,VA:
Resource 1,1:NEXT(21$);
21$ DELAY: MinutesToBaseTime(S1 resolving time),,VA;
20$ RELEASE: Resource 1,1;
68$ ASSIGN: Resolving Severity 1.NumberOut=Resolving
Severity 1.NumberOut + 1:
Resolving Severity 1.WIP=Resolving Severity
1.WIP-1:NEXT(8$);
;
;
; Model statements for module: BasicProcess.Dispose 4 (Ticket Severity
1 Resolved)
;
8$ ASSIGN: Ticket Severity 1 Resolved.NumberOut=Ticket
Severity 1 Resolved.NumberOut + 1;
71$ DISPOSE: Yes;
;
;
; Model statements for module: BasicProcess.Assign 2 (Assign Servirity
4)
;
10$ ASSIGN: Entity.Type=Severity 4:
Picture=Picture.Green Ball:
S4 time arrival=TNOW:
S4 resolving
time=144*BETA(0.248,1.27):NEXT(4$);
132
;
;
; Model statements for module: BasicProcess.Process 4 (Resolving
Severity 4)
;
4$ ASSIGN: Resolving Severity 4.NumberIn=Resolving
Severity 4.NumberIn + 1:
Resolving Severity 4.WIP=Resolving Severity
4.WIP+1;
75$ QUEUE, Resolving Severity 4.Queue;
74$ SEIZE, 3,VA:
Resource 1,1:NEXT(73$);
73$ DELAY: MinutesToBaseTime(S4 resolving time),,VA;
72$ RELEASE: Resource 1,1;
120$ ASSIGN: Resolving Severity 4.NumberOut=Resolving
Severity 4.NumberOut + 1:
Resolving Severity 4.WIP=Resolving Severity
4.WIP-1:NEXT(5$);
;
;
; Model statements for module: BasicProcess.Dispose 1 (Ticket Severity
4 Resolved)
;
5$ ASSIGN: Ticket Severity 4 Resolved.NumberOut=Ticket
Severity 4 Resolved.NumberOut + 1;
123$ DISPOSE: Yes;
;
;
; Model statements for module: BasicProcess.Assign 3 (Assign Servirity
3)
;
11$ ASSIGN: S3 resolving time T2=LOGN(7.87, 11.1):
S3 resolving time T1=WEIB(5.94, 0.67):
Entity.Type=Severity 3:
Picture=Picture.Blue Ball:
S3 time arrival=TNOW:NEXT(3$);
;
;
; Model statements for module: BasicProcess.Process 3 (Resolving
Severity 3)
;
3$ ASSIGN: Resolving Severity 3.NumberIn=Resolving
Severity 3.NumberIn + 1:
Resolving Severity 3.WIP=Resolving Severity
3.WIP+1;
127$ QUEUE, Resolving Severity 3.Queue;
126$ SEIZE, 2,VA:
Resource 1,1:NEXT(125$);
125$ DELAY: MinutesToBaseTime(S3 resolving time T2),,VA;
124$ RELEASE: Resource 1,1;
172$ ASSIGN: Resolving Severity 3.NumberOut=Resolving
Severity 3.NumberOut + 1:
Resolving Severity 3.WIP=Resolving Severity
3.WIP-1:NEXT(6$);
133
;
;
; Model statements for module: BasicProcess.Dispose 2 (Ticket Severity
3 Resolved)
;
6$ ASSIGN: Ticket Severity 3 Resolved.NumberOut=Ticket
Severity 3 Resolved.NumberOut + 1;
175$ DISPOSE: Yes;
;
;
; Model statements for module: BasicProcess.Assign 4 (Assign Servirity
2)
;
12$ ASSIGN: Picture=Picture.Yellow Ball:
Entity.Type=Severity 2:
S2 time arrival=TNOW:
S2 resolving time=LOGN(4.61, 9.4):NEXT(2$);
;
;
; Model statements for module: BasicProcess.Process 2 (Resolving
Severity 2)
;
2$ ASSIGN: Resolving Severity 2.NumberIn=Resolving
Severity 2.NumberIn + 1:
Resolving Severity 2.WIP=Resolving Severity
2.WIP+1;
179$ QUEUE, Resolving Severity 2.Queue;
178$ SEIZE, 1,VA:
Resource 1,1:NEXT(177$);
177$ DELAY: MinutesToBaseTime(S2 resolving time),,VA;
176$ RELEASE: Resource 1,1;
224$ ASSIGN: Resolving Severity 2.NumberOut=Resolving
Severity 2.NumberOut + 1:
Resolving Severity 2.WIP=Resolving Severity
2.WIP-1:NEXT(7$);
;
;
; Model statements for module: BasicProcess.Dispose 3 (Ticket Severity
2 Resolved)
;
7$ ASSIGN: Ticket Severity 2 Resolved.NumberOut=Ticket
Severity 2 Resolved.NumberOut + 1;
227$ DISPOSE: Yes;
134
C-2 Simulation Model of KMRCA IT Service Desk System
Simulation Model of KMRCA IT service desk system is shown in Figure C-2.
Arrivals
IT Incident Call
Assign Severity
0.303
95.753
3.238
El s e
1
Resolving Severity
2
Resolving Severity
3 by Factor A
Resolving Severity
4
Resolving Severity
Resolved
Ticket Severity 4
Resolved
Ticket Severity 3
Resolved
Ticket Severity 2
Resolved
Ticket Severity 1
Ticket
Assign IT Incident
Assign Servirity 4
Assign Servirity 3
Assign Servirity 2
Assign Servirity 1
3 by Factor B
Resolving Severity
3 by Factor C
Resolving Severity
0
0
0
0
0
0
0
0
0
0
0
FIGURE C-2 Simulation Model of KMRCA IT Service Desk System
The SIMAN code of the simulation model is in the following:
;
;
; Model statements for module: BasicProcess.Create 1 (IT Incident Call
Arrivals)
;
16$ CREATE, 1,MinutesToBaseTime(0.0),Entity
1:MinutesToBaseTime(WEIB( 3.16, 0.903)):NEXT(17$);
17$ ASSIGN: IT Incident Call Arrivals.NumberOut=IT Incident
Call Arrivals.NumberOut + 1:NEXT(9$);
;
;
; Model statements for module: BasicProcess.Assign 1 (Assign IT
Incident Ticket)
;
9$ ASSIGN: Picture=Picture.Ball:NEXT(0$);
;
; Model statements for module: BasicProcess.Decide 1 (Assign Severity)
;
0$ BRANCH, 1:
With,(0.303)/100,10$,Yes:
With,(95.753)/100,11$,Yes:
With,(3.238)/100,12$,Yes:
Else,13$,Yes;
135
;
; Model statements for module: BasicProcess.Assign 5 (Assign Servirity
1)
;
13$ ASSIGN: Entity.Type=Severity 1:
Picture=Picture.Red Ball:
S1 resolving time=LOGN(2.37, 4.74):
S1 time arrival=TNOW:NEXT(1$);
;
;
; Model statements for module: BasicProcess.Process 1 (Resolving
Severity 1)
;
1$ ASSIGN: Resolving Severity 1.NumberIn=Resolving
Severity 1.NumberIn + 1:
Resolving Severity 1.WIP=Resolving Severity
1.WIP+1;
51$ STACK, 1:Save:NEXT(25$);
25$ QUEUE, Resolving Severity 1.Queue;
24$ SEIZE, 1,VA:
Resource 1,1:NEXT(23$);
23$ DELAY: S1 resolving time,,VA:NEXT(66$);
66$ ASSIGN: Resolving Severity 1.WaitTime=Resolving
Severity 1.WaitTime + Diff.WaitTime;
30$ TALLY: Resolving Severity
1.WaitTimePerEntity,Diff.WaitTime,1;
32$ TALLY: Resolving Severity
1.TotalTimePerEntity,Diff.StartTime,1;
56$ ASSIGN: Resolving Severity 1.VATime=Resolving Severity
1.VATime + Diff.VATime;
57$ TALLY: Resolving Severity
1.VATimePerEntity,Diff.VATime,1;
22$ RELEASE: Resource 1,1;
71$ STACK, 1:Destroy:NEXT(70$);
70$ ASSIGN: Resolving Severity 1.NumberOut=Resolving
Severity 1.NumberOut + 1:
Resolving Severity 1.WIP=Resolving Severity
1.WIP-1:NEXT(8$);
;
;
; Model statements for module: BasicProcess.Dispose 4 (Ticket Severity
1 Resolved)
;
8$ ASSIGN: Ticket Severity 1 Resolved.NumberOut=Ticket
Severity 1 Resolved.NumberOut + 1;
73$ DISPOSE: Yes;
;
;
; Model statements for module: BasicProcess.Assign 2 (Assign Servirity
4)
;
10$ ASSIGN: Entity.Type=Severity 4:
Picture=Picture.Green Ball:
S4 time arrival=TNOW:
S4 resolving
time=144*BETA(0.248,1.27):NEXT(4$);
;
;
; Model statements for module: BasicProcess.Process 4 (Resolving
Severity 4)
;
136
4$ ASSIGN: Resolving Severity 4.NumberIn=Resolving
Severity 4.NumberIn + 1:
Resolving Severity 4.WIP=Resolving Severity
4.WIP+1;
103$ STACK, 1:Save:NEXT(77$);
77$ QUEUE, Resolving Severity 4.Queue;
76$ SEIZE, 3,VA:
Resource 1,1:NEXT(75$);
75$ DELAY: S4 resolving time,,VA:NEXT(118$);
118$ ASSIGN: Resolving Severity 4.WaitTime=Resolving
Severity 4.WaitTime + Diff.WaitTime;
82$ TALLY: Resolving Severity
4.WaitTimePerEntity,Diff.WaitTime,1;
84$ TALLY: Resolving Severity
4.TotalTimePerEntity,Diff.StartTime,1;
108$ ASSIGN: Resolving Severity 4.VATime=Resolving Severity
4.VATime + Diff.VATime;
109$ TALLY: Resolving Severity
4.VATimePerEntity,Diff.VATime,1;
74$ RELEASE: Resource 1,1;
123$ STACK, 1:Destroy:NEXT(122$);
122$ ASSIGN: Resolving Severity 4.NumberOut=Resolving
Severity 4.NumberOut + 1:
Resolving Severity 4.WIP=Resolving Severity
4.WIP-1:NEXT(5$);
;
; Model statements for module: BasicProcess.Dispose 1 (Ticket Severity
4 Resolved)
;
5$ ASSIGN: Ticket Severity 4 Resolved.NumberOut=Ticket
Severity 4 Resolved.NumberOut + 1;
125$ DISPOSE: Yes;
;
; Model statements for module: BasicProcess.Assign 3 (Assign Servirity
3)
;
11$ ASSIGN: S3 resolving time T2=TRIA(2,3,4.5):
S3 resolving time T3=2.4:
S3 resolving time T1=1.2:
Entity.Type=Severity 3:
Picture=Picture.Blue Ball:
S3 time arrival=TNOW:NEXT(3$);
;
; Model statements for module: BasicProcess.Process 3 (Resolving
Severity 3 by Factor A)
;
3$ ASSIGN: Resolving Severity 3 by Factor
A.NumberIn=Resolving Severity 3 by Factor A.NumberIn + 1:
Resolving Severity 3 by Factor A.WIP=Resolving
Severity 3 by Factor A.WIP+1;
155$ STACK, 1:Save:NEXT(129$);
129$ QUEUE, Resolving Severity 3 by Factor A.Queue;
128$ SEIZE, 2,VA:
Resource 1,1:NEXT(127$);
127$ DELAY: S3 resolving time T1,,VA:NEXT(170$);
170$ ASSIGN: Resolving Severity 3 by Factor
A.WaitTime=Resolving Severity 3 by Factor A.WaitTime + Diff.WaitTime;
137
134$ TALLY: Resolving Severity 3 by Factor
A.WaitTimePerEntity,Diff.WaitTime,1;
136$ TALLY: Resolving Severity 3 by Factor
A.TotalTimePerEntity,Diff.StartTime,1;
160$ ASSIGN: Resolving Severity 3 by Factor
A.VATime=Resolving Severity 3 by Factor A.VATime + Diff.VATime;
161$ TALLY: Resolving Severity 3 by Factor
A.VATimePerEntity,Diff.VATime,1;
126$ RELEASE: Resource 1,1;
175$ STACK, 1:Destroy:NEXT(174$);
174$ ASSIGN: Resolving Severity 3 by Factor
A.NumberOut=Resolving Severity 3 by Factor A.NumberOut + 1:
Resolving Severity 3 by Factor A.WIP=Resolving
Severity 3 by Factor A.WIP-1:NEXT(14$);
;
; Model statements for module: BasicProcess.Process 5 (Resolving
Severity 3 by Factor B)
;
14$ ASSIGN: Resolving Severity 3 by Factor
B.NumberIn=Resolving Severity 3 by Factor B.NumberIn + 1:
Resolving Severity 3 by Factor B.WIP=Resolving
Severity 3 by Factor B.WIP+1;
206$ STACK, 1:Save:NEXT(180$);
180$ QUEUE, Resolving Severity 3 by Factor B.Queue;
179$ SEIZE, 2,VA:
Resource 1,1:NEXT(178$);
178$ DELAY: S3 resolving time T2,,VA:NEXT(221$);
221$ ASSIGN: Resolving Severity 3 by Factor
B.WaitTime=Resolving Severity 3 by Factor B.WaitTime + Diff.WaitTime;
185$ TALLY: Resolving Severity 3 by Factor
B.WaitTimePerEntity,Diff.WaitTime,1;
187$ TALLY: Resolving Severity 3 by Factor
B.TotalTimePerEntity,Diff.StartTime,1;
211$ ASSIGN: Resolving Severity 3 by Factor
B.VATime=Resolving Severity 3 by Factor B.VATime + Diff.VATime;
212$ TALLY: Resolving Severity 3 by Factor
B.VATimePerEntity,Diff.VATime,1;
177$ RELEASE: Resource 1,1;
226$ STACK, 1:Destroy:NEXT(225$);
225$ ASSIGN: Resolving Severity 3 by Factor
B.NumberOut=Resolving Severity 3 by Factor B.NumberOut + 1:
Resolving Severity 3 by Factor B.WIP=Resolving
Severity 3 by Factor B.WIP-1:NEXT(15$);
;
;
; Model statements for module: BasicProcess.Process 6 (Resolving
Severity 3 by Factor C)
;
15$ ASSIGN: Resolving Severity 3 by Factor
C.NumberIn=Resolving Severity 3 by Factor C.NumberIn + 1:
Resolving Severity 3 by Factor C.WIP=Resolving
Severity 3 by Factor C.WIP+1;
257$ STACK, 1:Save:NEXT(231$);
231$ QUEUE, Resolving Severity 3 by Factor C.Queue;
230$ SEIZE, 2,VA:
Resource 1,1:NEXT(229$);
229$ DELAY: S3 resolving time T3,,VA:NEXT(272$);
272$ ASSIGN: Resolving Severity 3 by Factor
C.WaitTime=Resolving Severity 3 by Factor C.WaitTime + Diff.WaitTime;
236$ TALLY: Resolving Severity 3 by Factor
C.WaitTimePerEntity,Diff.WaitTime,1;
138
238$ TALLY: Resolving Severity 3 by Factor
C.TotalTimePerEntity,Diff.StartTime,1;
262$ ASSIGN: Resolving Severity 3 by Factor
C.VATime=Resolving Severity 3 by Factor C.VATime + Diff.VATime;
263$ TALLY: Resolving Severity 3 by Factor
C.VATimePerEntity,Diff.VATime,1;
228$ RELEASE: Resource 1,1;
277$ STACK, 1:Destroy:NEXT(276$);
276$ ASSIGN: Resolving Severity 3 by Factor
C.NumberOut=Resolving Severity 3 by Factor C.NumberOut + 1:
Resolving Severity 3 by Factor C.WIP=Resolving
Severity 3 by Factor C.WIP-1:NEXT(6$);
;
; Model statements for module: BasicProcess.Dispose 2 (Ticket Severity
3 Resolved)
;
6$ ASSIGN: Ticket Severity 3 Resolved.NumberOut=Ticket
Severity 3 Resolved.NumberOut + 1;
279$ DISPOSE: Yes;
;
; Model statements for module: BasicProcess.Assign 4 (Assign Servirity
2)
;
12$ ASSIGN: Picture=Picture.Yellow Ball:
Entity.Type=Severity 2:
S2 time arrival=TNOW:
S2 resolving time=LOGN(4.61, 9.4):NEXT(2$);
;
; Model statements for module: BasicProcess.Process 2 (Resolving
Severity 2)
;
2$ ASSIGN: Resolving Severity 2.NumberIn=Resolving
Severity 2.NumberIn + 1:
Resolving Severity 2.WIP=Resolving Severity
2.WIP+1;
309$ STACK, 1:Save:NEXT(283$);
283$ QUEUE, Resolving Severity 2.Queue;
282$ SEIZE, 1,VA:
Resource 1,1:NEXT(281$);
281$ DELAY: S2 resolving time,,VA:NEXT(324$);
324$ ASSIGN: Resolving Severity 2.WaitTime=Resolving
Severity 2.WaitTime + Diff.WaitTime;
288$ TALLY: Resolving Severity
2.WaitTimePerEntity,Diff.WaitTime,1;
290$ TALLY: Resolving Severity
2.TotalTimePerEntity,Diff.StartTime,1;
314$ ASSIGN: Resolving Severity 2.VATime=Resolving Severity
2.VATime + Diff.VATime;
315$ TALLY: Resolving Severity
2.VATimePerEntity,Diff.VATime,1;
280$ RELEASE: Resource 1,1;
329$ STACK, 1:Destroy:NEXT(328$);
328$ ASSIGN: Resolving Severity 2.NumberOut=Resolving
Severity 2.NumberOut + 1:
Resolving Severity 2.WIP=Resolving Severity
2.WIP-1:NEXT(7$);
;
; Model statements for module: BasicProcess.Dispose 3 (Ticket Severity
2 Resolved)
;
7$ ASSIGN: Ticket Severity 2 Resolved.NumberOut=Ticket
Severity 2 Resolved.NumberOut + 1;
331$ DISPOSE: Yes;
139
C-3 Simulation Results for Design of Experiments
This Appendix illustrates the simulation results that are provided to as the inputs
of experimental design (DOE) with 2
3
full factorial running standard order of 8 times
for each of 4 replications. Tables C-1, C-2, , C-16 show entity detail summary of
Time (in Table C-1) and entity detail summary of Number of Entities ( in Table C-2)
by the 1
st
to the 8
th
Standard orders, respectively.
TABLE C-1 Entity Detail Summary of Time by 1
st
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
4.27 4.27 4.25 4.27
Severity 4
18.36 27.81 30.69 24.89
Total
29.12 40.27 41.80 36.42
TABLE C-2 Entity Detail Summary of Number of Entities by 1
st
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 19 19
Severity 2
117 117 110 110 103 103 103 103
Severity 3
3,434 3,434 3,484 3,482 3,457 3,454 3,457 3,454
Severity 4
9 9 16 16 9 9 9 9
Total 3,585 3,585 3,630 3,628 3,588 3,585 3,564 3,558
Note : Nr. In is number of the input and Nr. Out is number of the output.
140
TABLE C-3 Entity Detail Summary of Time by 2
nd
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
4.67 4.67 4.65 4.67
Severity 4
18.36 27.81 30.69 24.89
Total
29.52 40.67 42.20 36.82
TABLE C-4 Entity Detail Summary of Number of Entities by 2
nd
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,434 3,484 3,480 3,457 3,454 3,410 3,404
Severity 4
9 9 16 16 9 9 16 16
Total 3,585 3,585 3,630 3,626 3,588 3,585 3,564 3,558
Note : Nr. In is number of the input and Nr. Out is number of the output.
141
TABLE C-5 Entity Detail Summary of Time by 3
rd
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
5.57 5.57 5.55 5.57
Severity 4
18.36 27.81 30.69 24.89
Total
30.42 41.57 43.10 37.72
TABLE C-6 Entity Detail Summary of Number of Entities by 3
rd
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,433 3,484 3,470 3,457 3,453 3,410 3,402
Severity 4
9 9 16 16 9 9 16 16
Total 3,585 3,584 3,630 3,616 3,588 3,584 3,564 3,556
Note : Nr. In is number of the input and Nr. Out is number of the output.
142
TABLE C-7 Entity Detail Summary of Time by 4
th
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
5.97 5.97 5.95 5.97
Severity 4
18.36 27.81 30.69 24.89
Total
30.82 41.97 43.50 38.12
TABLE C-8 Entity Detail Summary of Number of Entities by 4
th
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,433 3,484 3,469 3,457 3,453 3,410 3,402
Severity 4
9 9 16 16 9 9 16 16
Total 3,585 3,584 3,630 3,615 3,588 3,584 3,564 3,556
Note : Nr. In is number of the input and Nr. Out is number of the output.
143
TABLE C-9 Entity Detail Summary of Time by 5
th
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
5.17 5.17 5.15 5.17
Severity 4
18.36 27.81 30.69 24.89
Total
30.02 41.17 42.70 37.32
TABLE C-10 Entity Detail Summary of Number of Entities by 5
th
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,433 3,484 3,478 3,457 3,454 3,410 3,404
Severity 4
9 9 16 16 9 9 16 16
Total 3,585 3,584 3,630 3,624 3,588 3,585 3,564 3,558
Note : Nr. In is number of the input and Nr. Out is number of the output.
144
TABLE C-11 Entity Detail Summary of Time by 6
th
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
5.57 5.57 5.55 5.57
Severity 4
18.36 27.81 30.69 24.89
Total
30.42 41.57 43.10 37.72
TABLE C-12 Entity Detail Summary of Number of Entities by 6
th
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,433 3,484 3,474 3,457 3,453 3,410 3,402
Severity 4
9 9 16 16 9 9 16 16
Total 3,585 3,584 3,630 3,620 3,588 3,584 3,564 3,556
Note : Nr. In is number of the input and Nr. Out is number of the output.
145
TABLE C-13 Entity Detail Summary of Time by 7
th
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
6.47 6.47 6.45 6.47
Severity 4
18.36 30.42 30.69 24.89
Total
31.32 45.08 44.00 38.62
TABLE C-14 Entity Detail Summary of Number of Entities by 7
th
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,433 3,484 3,437 3,457 3,452 3,410 3,401
Severity 4
9 9 16 14 9 9 16 16
Total 3,585 3,584 3,630 3,581 3,588 3,583 3,564 3,555
Note : Nr. In is number of the input and Nr. Out is number of the output.
146
TABLE C-15 Entity Detail Summary of Time by 8
th
Std Order
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
6.77 6.78 6.75 6.77
Severity 4
0.49 45.85 20.77 21.54
Total
13.75 60.82 34.38 35.58
TABLE C-16 Entity Detail Summary of Number of Entities by 8
th
Std Order
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,390 3,484 3,355 3,457 3,388 3,410 3,386
Severity 4
9 1 16 2 9 3 16 5
Total 3,585 3,533 3,630 3,487 3,588 3,513 3,564 3,529
Note : Nr. In is number of the input and Nr. Out is number of the output.
147
C-4 The Results of Design of Experiment (DOE)
The results of experimental design of Throughput and Time in resolving
incident of severity 3 as shown in Figure C-3 and Figure C-4, respectively.
FIGURE C-3 DOE Results of Throughput
148
FIGURE C-4 DOE Results of Time in Resolving Incidents of Severity 3
149
C-5 Simulation Results for the Comparison Test
The simulation results that are provided for comparison Test, running for 4
replications. Table C-17 to Table C-20 show the summary of entity details of Time in
resolving incident and an entity details of Number of Entities.
TABLE C-17 KMRCA IT Service Desk; Entity Detail Summary of Time
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
2.51 2.28 2.55 1.84
Severity 2
3.98 5.91 4.31 5.43
Severity 3
6.77 6.77 6.75 6.77
Severity 4
0.49 45.85 37.95 21.54
Total
13.74 60.82 51.55 35.57
TABLE C-18 KMRCA IT Service Desk; Entity Detail Summary of Number of Entities
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
25 25 20 20 19 19 29 29
Severity 2
117 117 110 110 103 103 109 109
Severity 3
3,434 3,397 3,484 3,360 3,457 3,375 3,410 3,388
Severity 4
9 1 16 2 9 4 16 5
Total 3,585 3,540 3,630 3,492 3,588 3,501 3,564 3,531
Note : Nr. In is number of the input and Nr. Out is number of the output.
150
TABLE C-19 Typical IT Service Desk; Entity Detail Summary of Time
Time in Resolving Incidents (minutes)
Rep 1 Rep 2 Rep 3 Rep 4
Severity 1
1.61 1.15 2.15 2.75
Severity 2
5.92 4.97 4.99 4.26
Severity 3
7.28 6.96 7.61 7.11
Severity 4
18.99 22.11 24.58 25.22
Total
33.79 35.19 39.33 39.34
TABLE C-20 Typical IT Service Desk; Entity Detail Summary of Number of Entities
Rep 1 Rep 2 Rep 3 Rep 4
Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out Nr. In Nr. Out
Severity 1
27 27 20 20 21 21 21 21
Severity 2
100 100 105 104 117 111 88 88
Severity 3
3,017 2,994 2,898 2,889 3,085 2,979 2,986 2,973
Severity 4
10 9 7 7 10 5 9 9
Total
3,154 3,130 3,030 3,020 3,233 3,116 3,104 3,091
Note : Nr. In is number of the input and Nr. Out is number of the output.
151
C-6 Summary of Comparison Test Results
The statistical t-test results of Comparison of the KMRCA IT service desk and
Typical IT service desk by significant variables as shown in Table C-21.
TABLE C-21 Summary of Comparison Test Results
Replication KMRCA Typical S1-T S1-K S2-T S2-K S3-T S3-K S4-T S4-K
1 3,540 3,130 1.61 2.51 5.92 3.98 7.29 6.77 18.99 0.49
2 3,492 3,020 1.15 2.28 4.97 5.91 6.97 6.77 22.11 45.85
3 3,501 3,116 2.15 2.55 4.95 4.31 7.63 6.75 24.58 37.95
4 3,531 3,091 2.75 1.84 4.26 5.43 7.10 6.77 25.22 21.54
It is note that S1-T, S1-K, S2-T,, S4-K are average time in resolving incident
of Severity 1 of Typical IT service desk, average time in resolving incident of
Severity 1 of KMRCA IT service desk, average time in resolving incident of Severity
2 of KMRCA IT service desk,, Time in resolving incident of Severity 4 of KMRCA
IT service desk, respectively.
The below are the t-test results which were generated by Minitab 15.
a) Throughput; Paired T-Test and CI: KMRCA, Typical
Paired T for KMRCA - Typical
N Mean StDev SE Mean
KMRCA 4 3516.0 23.1 11.6
Typical 4 3089.3 48.9 24.5
Difference 4 426.8 37.6 18.8
95% CI for mean difference: (366.9, 486.6)
T-Test of mean difference = 0 (vs not = 0): T-Value = 22.68 P-Value = 0.000
b) Time in resolving of Severity 1; Paired T-Test and CI: S1-T, S1-K
Paired T for S1-T - S1-K
N Mean StDev SE Mean
S1-T 4 1.915 0.691 0.345
S1-K 4 2.295 0.326 0.163
Difference 4 -0.380 0.912 0.456
95% CI for mean difference: (-1.832, 1.072)
T-Test of mean difference = 0 (vs not = 0): T-Value = -0.83 P-Value = 0.466
152
c) Time in resolving of Severity 2; Paired T-Test and CI: S2-T, S2-K
Paired T for S2-T - S2-K
N Mean StDev SE Mean
S2-T 4 5.025 0.682 0.341
S2-K 4 4.907 0.912 0.456
Difference 4 0.118 1.457 0.729
95% CI for mean difference: (-2.201, 2.436)
T-Test of mean difference = 0 (vs not = 0): T-Value = 0.16 P-Value = 0.882
d) Time in resolving of Severity 3; Paired T-Test and CI: S3-T, S3-K
Paired T for S3-T - S3-K
N Mean StDev SE Mean
S3-T 4 7.248 0.287 0.143
S3-K 4 6.765 0.010 0.005
Difference 4 0.483 0.296 0.148
95% CI for mean difference: (0.012, 0.953)
T-Test of mean difference = 0 (vs not = 0): T-Value = 3.26 P-Value = 0.047
e) Time in resolving of Severity 4; Paired T-Test and CI: S4-T, S4-K
Paired T for S4-T - S4-K
N Mean StDev SE Mean
S4-T 4 22.7 2.8 1.4
S4-K 4 26.5 20.1 10.0
Difference 4 -3.73 18.64 9.32
95% CI for mean difference: (-33.39, 25.93)
T-Test of mean difference = 0 (vs not = 0): T-Value = -0.40 P-Value = 0.716
153
BIOGRAPHY
Name : Mr. Padej Phomasakha Na Sakolnakorn
Thesis Title : Knowledge Management System Improvement towards
Service Desk of IT Outsourcing in Banking Business
Major Field : Information Technology
Biography
Padej worked as senior process architect in IBM solutions Delivery Company, a
strategic IT outsourcing company, working on site at KASIKORNBANK during
April 2004 to May 2007. The purpose of process architect is to implement several
ITIL-based processes to outsourcing of KASIKORN Bank in particular IT service
desk function in Incident management process. Earlier joining the IBM, from October
1996 to March 2004, he worked as Quality assurance manager at SIAMTELTECH
computer company, an IT system integrator focuses on the areas of banking business
financial institutes, and telecommunication such as CAT and TOT.
For his education and certification, he earned a Bachelor of engineering degree
in electronics and telecommunication engineering from King Monguts Institute of
Technology Ladkrabang (KMITL) in 1991 and a Master of engineering degree in
management industrial engineering from King Monguts Institute of Technology
North Bangkok (KMITNB) in 1996. He was certified ITIL foundation in 2004.
Furthermore, he has been certified a License for professional practice in associate
electrical engineer (telecommunication and electronics) as well as he has been a
member of the Council of Engineers (COE), the engineering institute of Thailand
under H.M. the King's Patronage (EIT).
His interesting researches include IT service management (ITSM) improving
organizational IT outsourcing, Simulation study, Knowledge management system for
IT service desk, Text mining discovery algorithms and classification, and IT disaster
recovery planning (DRP).
Padejs home address at 23/123 Ladprao Road Cahnkaseam Chatujak Bangkok,
Thailand 10900 and his email is padejp@gmail.com .