«    »

What is ITIL Service Management?

I recently attended a three day course on ITIL Service Management and wanted to share what I learned and what my impressions of ITIL were.

ITIL - Information Technology Infrastructure Library - is a library of books that defines a framework of processes for IT and provides guidance regarding their implementation. ITIL was created by the British government in the 1980's to help manage the IT organizations of its agencies. ITIL has continued to be maintained and updated by the British agency Office of Government Commerce (OGC), and the use of ITIL has spread across Europe and more recently North America. ITIL has also expanded beyond a set of books. ITIL was used as the basis for the recently-created ISO 20000 standard. ITIL also provides three levels of training and certification: Foundations, Practitioner, and Service Manager. The course I took was at the introductory Foundations level which focuses on concepts and terminology, leaving the details concerning each practice to be covered at the Practitioner level.

ITIL views IT as a collection of services. The provision of each service includes the necessary hardware, software, documentation, support, and management. This is a holistic viewpoint that aligns with the needs of the business, rather than organizing by technology which tends to result in separate silos that have difficulty coordinating. IT Service Management comprises the core of ITIL, focusing on the provision of high-quality IT services to the business in a cost-effective manner. Service Management is divided into two core areas, each consisting of a set of related processes: Service Support and Service Delivery.

Service Support focuses on the daily operation and support of IT services and consists of:

  • Service Desk: Formerly known as the help desk, the service desk functions as the single point of contact for users.
  • Incident Management: Handles incidents - interruptions to a service - with the goal of restoring normal operation as quickly as possible.
  • Problem Management: Focuses on long-term improvements to reliability by determining the root cause of incidents and proactively preventing problems.
  • Configuration Management: Provides a logical model of the IT infrastructure by tracking the status of all significant configuration items such as hardware and software. This model not only lists individual components, but also relationships between them. This is not the same as version control for application development (i.e. with version control software such as Subversion), but is at a higher level and is much broader in scope, which confused me initially. As an example, consider several applications deployed to several clusters of production servers. Configuration Management might decide to track each physical server and each application. For each application, the version deployed in production is identified. The list of servers that each application is deployed to could also be tracked.
  • Change Management: Controls changes to the production environment by reviewing and approving or rejecting all changes and coordinating the implementation of the change.
  • Release Management: Responsible for the building, packaging, testing, and deployment of a release - a collection of authorized changes. This can include deploying new software, new hardware, or both. I and others in the course were confused at the distinction between Change Management and Release Management. My impression is that Release Management is better named Release Packaging and Deployment because the role has very little to do with actual management and is subordinate to the Change Management role.

Service Delivery performs the long-term planning and improvement of IT services, operating at a tactical level rather than the daily operational level of the Service Support processes. Service Delivery consists of:

  • Service Level Management: Primary point of contact with the customer - the payer of the bills - to ensure business needs are being met by agreeing to service level agreements (SLAs) and monitoring and reviewing the actual service levels achieved.
  • Availability Management: Ensures the availability of the service according to the agreed service levels. This includes reliability, maintainability, serviceability, and security.
  • Capacity Management: Ensures that both current and future capacity needs are provided cost effectively. Capacity includes both storage and performance requirements.
  • Financial Management: Performs budgeting and accounting to explain the cost of providing each service to ensure that services are run cost effectively.
  • Continuity Management: Ensures that IT services can be recovered within agreed time spans after a disaster, euphemistically called an "interruption to the business" by ITIL.

I found the Service Support area more relevant than Service Delivery given my time spent on application maintenance and support. The Service Support processes were an unexpected hybrid of practical, common-sense processes and theoretical or idealistic approaches. The essence of the Service Desk, Incident Management, and Problem Management are all common-sense and implemented in to some degree in many IT organizations, although I think more emphasis needs to be placed on Problem Management - both the root cause analysis and the proactive prevention of problems. Configuration Management was the most theoretical of the approaches. ITIL showed almost every other process workflow updating the database of configuration items maintained by Configuration Management. This may be valid at an abstract, conceptual level, but does not correspond at all to anything I have seen in practice. This made it hard to understand how Configuration Management would be applied. This was actually my biggest disappointment with the course - it did not cover the details on how to set up and execute each of the processes. As a result, I finished the course feeling that I had nothing concrete to apply to my day-to-day activities. When I talked to the instructor about this, he explained that process details are not covered in the introductory Foundations course I took, but they are addressed in the Practitioner level courses.

ITIL needs to be approached from a pragmatic viewpoint. The ITIL materials acknowledge that you do not need to implement all the processes immediately, and should only apply them to the extent that they add value versus imposing unnecessary overhead. There is a definite risk with ITIL that rule makers will want to rigorously implement all the processes beyond what is reasonable.

Should you pursue ITIL Service Management training or certification? For the typical software developer, I think the benefits are low. Certification only matters if clients or employers are asking for it. From what I have heard ITIL is growing in popularity within large organizations, so ITIL certification may grow in importance for consultants. The ISO 20000 standard that is based on ITIL is too new yet to determine if organizations in North America will adopt it. Ignoring certifications and standards, the ITIL Service Management Foundations material does provide some value. For those new to IT - whether they are managers or support staff, the material provides a good overview of IT as a whole. The most significant benefit of ITIL is that it provides a common language with which to discuss IT.

If you find this article helpful, please make a donation.

«    »