Standards and practice. ITIL, the next generation - a leap forward
On June 14th, ITIL version 3 was officially introduced in the Netherlands at the ITSMF Academy, the annual conference of ITSMF Netherlands. For many organisations, the introduction of ITIL3 is an opportunity to further improve their IT services. Yet ITIL3 is also criticised, and other strong players are entering the best practices market, such as ISO/IEC 20.000, ASL, CobiT and BiSL. What does ITIL3 have to offer? Will it resolve the problems of ITIL2? And who is its target group?
ITIL3 is the result of a long development route by the British OGC, the Office of Government Commerce. It is being called a ‘refresh’ of the current ITIL2, and its release is accompanied with new books, training and certifications.
.jpg)
Why ITIL3 was developed
There were several reasons for developing ITIL3. The first is that ITIL was last updated in 2000. Since then, technologies have developed further and the needs of both the business and of IT users have changed. To meet these changes, existing ITIL processes needed to be brushed up and new processes had to be added.
Another aim of ITIL3 is to respond to the criticism that ITIL2’s process description is somewhat abstract. In addition, these abstract processes are implemented at various levels of the organisation’s hierarchy, and therefore at multiple departments and authorisation levels. This causes the implementation to be difficult and time-consuming. It occurs more and more often that organisations have to implement ITIL for a second or even third time.
A third reason for developing ITIL3 was to make ITIL more easily approachable for smaller organisations. Many organisations have experienced ITIL2 as too complex, extensive and hardly scalable. This is not only due to the number of ITIL processes, but also to the complexity of the processes themselves. Service level management, for example, is something that few organisations have been able to organise properly.
The lifecycle of products and services
The next generation ITIL has therefore shifted its focus. Whereas ITIL2 was based on working process-based – Incident management, Change management, et cetera – the central concept behind ITIL3 is the service lifecycle. This describes the lifecycle of products and services. The IT service has been divided into five domains: Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement.
The main aim of the service lifecycle is to optimise the provision of IT services, thereby securing its continuity. The IT organisation is given a more strategic role, keeping an eye on changing circumstances and adapting their services to them. The integration of processes, assets and people is vital in this.
Alternative options
IT organisations that now wish to introduce a best practice approach can choose from a wide range of standards and approaches to process management. In the Netherlands, two of the most prominent players in this field are ISO/IEC 20000 and BiSL.
ISO/IEC 20000 is not so much a model for process management as a formal standard for IT service management. It serves to measure the requirements standards with which an organisation should comply. Whereas ITIL is currently coming into favour in the U.S.A., South Africa, Australia and Europe, ISO/IEC 20000 is gaining popularity in Germany and Asia.
The Dutch BiSL (Business Information Services Library) has also been around for a few years. The main aim of BiSL is to bridge the gap between company processes and information systems. BiSL takes the point of view of the users of IT facilities and offers a process model to better and more efficiently apply information systems to support company processes. BiSL is therefore focused mainly on managers and professionals, whereas other best practices are focused solely on IT organisations.
Central theme
When choosing a best practice, many organisations take into account the theme of business/IT alignment. This alignment concerns the gulf between business and IT that exists within organisations. Business and IT are worlds apart, and gearing the IT services to the users’ demands is a great challenge for many organisations. The creators of ITIL3 state that the integration of business and IT is one of the points of interest for ‘version 3’. BiSL is a framework that has been developed with that statement in mind.
Popularity of ITIL
The main advantage of ITIL is that of all best practices, it is by far the best-known and most implemented. A representative survey of ITSMF shows that 85% of all IT organisations in the Netherlands use ITIL, wholly or in part. The fact that this percentage was 64% in 2005 indicates ITIL’s growing popularity.
ITIL earned its popularity partly because it has always been public property. There is a wide range of providers for consultancy and implementations, and there is plenty of documentation. But this is changing.
OGC has recently subcontracted the management of ITIL to a commercial institution, namely TSO, the former state-owned publisher in the UK. The ITIL certificates have been contracted to the APMG group, creators of amongst others Prince2. Suppliers of service management applications or IT consultants that intend to use ITIL will probably have to start paying for it. ISO/IEC 20000 and BiSL however are still public property, which means you do not have to deal with a commercial service supplier for licenses, implementations and consultancy.
Best credentials
Which IT service management standard has the best credentials cannot be determined. Nor does the use of one standard exclude the use of another – ITIL can for example serve to comply with standards set by ISO/IEC 20000. Many organisations already use ITIL and are therefore more likely to update to ITIL3, instead of adopting another unknown standard. In addition, many IT service management applications, such as TOPdesk, have been designed according to ITIL.
ITIL3 and ISO/IEC 20000 both have good credentials. ITIL3 has a well-established reputation and ISO/IEC 20000 is a transparent, auditable standard. BiSL is yet another of the many alternatives to ITIL and ISO/IEC 20000 that offers process organisation for the IT organisation. Which set of best practices is the best, is something that each individual organisation needs to decide.
Belangrijk thema
In hun keuze voor een best practice nemen veel organisaties ook het thema business-IT alignment mee in hun overwegingen. Deze alignment betreft de kloof tussen de business en de IT-afdeling binnen organisaties. De business-wereld en de IT-wereld spreken nog niet altijd dezelfde taal. De afstemming van de diensten op de behoefte binnen een organisatie is in veel organisaties nog steeds een uitdaging. De makers van ITIL3 beloven echter dat de focus op business-IT integratie een van de eigenschappen is die in ‘versie 3’ zal worden benadrukt. En BiSL is natuurlijk een framework dat juist met het oogmerk hierop ontwikkeld is.
Comment: Manager itSMF Netherlands Arjen Droog
.jpg)
We asked Arjen Droog, manager of ITSMF in the Netherlands, what his thoughts were on ITIL3: “ITIL3 is even more abstract than the current ITIL2. To the process description as we know it from ITIL2 they’ve added another layer: the service lifecycle. Depending on the ‘maturity’ of an organisation (the CMM model distinguishes five levels of maturity for IT service providers – ed.), one organisation will apply this more efficiently than another. Organisations that are on level 5 of the CMM model will probably implement ITIL3, as they already have a very pro-active approach. However, research of ITSMF shows that over 90 % of our members are on level 2 and only a few of them are on level 3 – hardly any of them have reached level 4 or even 5. In practice, organisations mostly do not need to be on a maturity level of 3 or 4; the impact of a malfunction is mostly not that high. Implementing ITIL3 may be useful from level 3 or more. A possible consequence – and danger – of implementing ITIL3 may be that the people on the shop floor can no longer keep track of the processes.”
“When ISO/IEC 20000 was introduced, many organisations felt that this was a serious alternative. ISO/IEC 20000 is extremely concrete, compactly described and easy to understand. It also has audit possibilities. An audit can be very useful to objectively report on the quality of a service. ITIL speaks the language of IT, whereas ISO/IEC 20000 speaks the language of the business world, bridging the gap between business and IT. An IT manager who chooses to implement ITIL3 may therefore miss out on the demonstrability of quality and the communication with the business.”
Comment: TOPdesk Consultant Sander Jerphanion
TOPdesk consultant Sander Jerphanion states: “Reading the five ITIL books raises the question as to whether ITIL can still call itself a ‘best practice’. You could conclude that ITIL would do better by letting go of the term, because despite relevant improvements, ITIL3 has turned out to be even more theoretical and abstract than ITIL2. The problems and criticism of ITIL2 that we experience on a daily basis have not really been tackled. In ITIL3, the number of processes has increased and the information has been spread out over five books; this creates a demand for experts that can extract the essential information and make the text understandable. It is therefore no great surprise that ITIL3 has been (almost) entirely written by consultants.
Nevertheless, much can be learned from ITIL3. There are some concrete improvements and relevant additions in the form of processes and activities; think of the Request Fulfilment process for example, which describes the processing of Requests and Standard Changes. It covers the grey area that existed between Incident management and Change management. These sorts of improvements will definitely be included in our software and implementation routes.
“On a theoretical level, ITIL3 is also a step forward. The way the service in a life cycle is described for example is very interesting for our consultants, although it is of no use to a large part of the small and medium-sized organisations. The material of ITIL2 has not yet been exhausted, and we can still benefit from much of its content. I would only recommend an organisation to take a (serious) look at ITIL3 when they’re fully and maturely using Service Delivery and Service Support processes.”
Leave a comment