Introducing the Defendant
ITIL was born in 1987 to modest critical acclaim and spent its formative years
as the preserve of large government and corporate IT departments with equally
large budgets. Eighteen years after its creation ITIL is preparing, just as every
other teenager/young adult does, to find its place in the world and make its
presence felt. The prior publication of BS 15000, and its internationalization
with the publication of ISO 20000, looks set to catapult this set of IT best
practices into the mainstream. Love it or hate it, you certainly cant ignore
it ITIL is coming to an IT shop near you.
ITIL is now big business and is considered by some as the thing that will
finally legitimize the IT function within the business world. Traditional references
to nerdy back office geeks with beards and sandals have been replaced
by talk of systematic incident management processes implemented by problem
managers, solution engineers, change approvers and the like. The IT landscape
is changing for sure, but is the brave new world of ITIL all that it is cracked
up to be?
Before embarking on a project to embrace these standards you might be
advised to take a few moments to consider whether or not they are right for
your particular organization and specific business requirements.
What is ITIL?
Unless you have been living under a rock for the past couple of years you
will know that ITIL is a documented set of processes designed to define how a
companys IT functions can operate. It contains a series of statements defining
the procedures, controls and resources that should be applied to a variety of
IT related processes.
ISO 9000 A Lesson for the IT Industry
The similarities between ITILs latest incarnation as BS 15000 and the ISO
9000 family of standards for quality management are clear. This is hardly
surprising since both sets of documents were drafted by the same standards
organization. To put it simply, ITIL can be thought of ISO 9000 for the IT
department.
Just as BS 5750 and latterly ISO 9000 attracted massive popular support
within the business world during the 1980s and 1990s, ITIL looks ready to
ride the wave of management popularity into the next decade. During its
hey day ISO 9000 became an industry of its own with consultants advising
on how to implement the standard, certification bodies auditing to see that
the standard had been implemented and yet more consultants employed to
rationalize the monolithic procedural manuals that were often created to gain
certification so that they were usable. There were articles, training courses,
text books, workshops, seminars and even government assistance programs
dedicated to the implementation of the standard.
Despite all of this, ISO 9000 is infamous for failing to deliver upon its
hype and has since been abandoned by many of its former supporters and
advocates. The common response to critics of the standard from the industry
gurus of the time went something along the lines of Theres nothing wrong
with the standard you must be implementing it wrong. This helpful advice
fueled the market for further consultancy services even more and perpetuated
what some consider to be one of the worst episodes in the arena of quality
management.
Some brave organizations resisted the overwhelming market pressures to
adopt the standard because they did not see sufficient benefits from it many
of these companies are still in business today and have suffered no long term
effects from their decision not to ride the ISO 9000 gravy train.
The Case for ITIL
Structured approach There is no disputing the fact that ITIL covers
all the major areas of interest that concern todays IT executive. Its
structured and systematic approach mean that it will allow managers responsible
for a chaotic IT organization to implement the various processes
step be step without absolute confidence that they will have hit the major
bases.
Good foundation upon which to build There is nothing in ITIL that
is superfluous or unnecessary in the absence of a defined system. ITIL is an
excellent starting point from which to build your IT service management
system.
The Case for ITIL 3
Analyst support/Easy ride for the CIO No-one is going to be
criticized openly for deciding to implement ITIL. The press coverage and
popular management appeal of it mean that it is the safe decision for
any IT executive wishing to demonstrate that they are up to date with
modern(ish) IT thinking.
Can be used to help prevent knowledge loss from the organization
The documented procedures and requirements for documenting
activities undertaken by the IT organization mean that should your
key personnel decide to leave then they will leave less of a void than
previously.
Prescriptive nature means that you dont have to think too
much Many people dont like to think. Others claim that they dont
have the time to think. And some prefer not to expose themselves by revealing
that they cant think on their own. Either way ITIL will relieve
you of the need to use your own thoughts and judgment when determining
how you want to run your organization.
Allows for job specialization The demarcation of roles and responsibilities
within ITIL will provide your HR department with many happy
hours determining a whole series of role based job titles. These in turn
may help you retain staff longer by offering them a defined career path
through your organization.
Requires IT management to formally review all processes
delivered by their teams When implementing ITIL, departmental
managers will need to take time out to map their current operations to
those flows defined in the framework. This in depth review can only serve
to do good as it forces management to get down into the nuts and bolts
of their business to reinforce their understanding of the issues facing their
staff and the requirements of the business.
Encourages the use of flow charting techniques to map out
business processes Visualisation of business processes is often the first
step to process improvement. Having documented and defined the process
graphically it becomes readily accessible to everyone within the organization
and can the diagrams can become an invaluable troubleshooting and
improvement tool.
Consistent usage of defined terminology across the industry
promotes understanding and simplifies communication This is
possibly the greatest benefit that ITIL brings to the industry. A common
vocabulary allows us all to communicate more effectively and enables
closer comparison of like with like than has ever been possible.
Traceability and accountability With structured systems come the
ability to formally trace and review what was done about any particular
incident or problem. Such audit trails are an invaluable aid to piecing
together a picture of what transpired and allow even those not directly involved
with a case to get up to speed quickly and contribute if appropriate.
Ambiguities and vagueness in definitions give you flexibility It
should be remembered that ITIL is a loose framework of guidance notes
and as such has sufficient holes to allow you to operate in many different
ways whilst remaining in alignment with ITIL general direction.
The Case Against ITIL
Stifles creativity/innovation The very fact that ITIL lays down a
framework of business processes means that those implementing do not
have to go through the process development phase for themselves. Whilst
this is undoubtedly a massive time saving it does also mean that those
adopting the standard are locked into the overall direction of the ITIL
model and will find it hard to do anything innovative or novel.
Food for consultants Just as the ISO 9000 phenomena created an
industry of its very own, ITIL looks certain to do the same with countless
companies already offering Certification, Compliance audits, BPR, Process
consultancy and the like.
Diverts attention from real objectives/Becomes a goal in itself
Implementing ITIL has become a job in itself for some IT executives.
This misdirection of resources means that the improvement of services,
reliability and user satisfaction can take a back seat.
Allows senior management to pay lip service to real issues
Were ITIL so were alright Being ITIL certified or implementing
an ITIL certified system does not guarantee any level of system performance
or achievement. It is dangerous to suggest that ITIL will fix all, or
any, of the ills of your IT infrastructure. Only hard work and a systematic
approach to problem resolution and subsequent prevention will do this.
Seen as a Magic Pill/Silver bullet Adding ITIL processes
on top of a chaotic IT infrastructure is likely to make matters worse
rather than better. The added burden of ITIL procedural requirements
can make an overstretched IT operation lose its way and cause it to fail
under the load.
Creates inertia/Can be used as an excuse for inactivity Formal
procedures always bring some level of inertia into an organization. The
need for everyone to be trained and the need for everyone to buy in to the
new way of working is only one example of how ITIL could impact your
operation. If you then throw into the mix the need for a procedural review
body to oversee and approve any changes it is easy to see how you can
spend more time on the paperwork than on what your actually supposed
to be doing.
Lack of credible research into its effectiveness and value To date
there has been no study into the implementation of ITIL on a large scale to
identify and prove the benefits that its supporters claim. After sixteen plus
years it is surprising that someone somewhere has not collected this data.
The Case Against ITIL 5
Doesnt promote a continuous improvement culture ISO 9000
was initially slated by many quality professional for its consistency rules
approach. In subsequent revisions this was rectified somewhat with the addition
of clauses relating to preventive action etc. Regrettably ITIL hasnt
yet learnt from its quality focused relative and has very little to do with
the systematic prevention of problems and incidents at this time. Even the
areas of Error Control do not truly address what it is required to prevent
something happening. Instead, they focus solely on root cause analysis
with somewhat morbid fascination.
Best practices by definition mean that you are only average
If everyone accepts something to be the best and adopts it wholeheartedly
then everyone has the best, and the best then becomes only average. Unless
organization continually review their processes and change them in order
to achieve greater efficiencies, greater level of service or reduced costs then
they will soon fall behind the marketplace and become less than average.
Devised by bureaucrats for bureaucrats ITIL was originally developed
by government officials to allow government officials to manage IT
projects more effectively than they had done previously.Whilst ITIL probably
did do great things to improve the effectiveness of these institutions,
it should be remembered that government is not, and is not likely to become,
the performance standard against which modern business measures
itself.
Creates arbitrary boundaries between functional groups The
distinctions between problems and incidents highlighted within the ITIL
framework do little to encourage cross departmental liaison and cooperation.
There is a real danger that front line organizations will only focus on
incident management and will not dedicate sufficient time and resources
to problem resolution. Equally, second line organizations may feel justified
in passing their customers to the first line rather than dealing with them
directly with obvious detriment to customer service.
Blind faith on the part of some managers that ITIL processes
are the best way of working The trade media has spent so much time
extolling the virtues of ITIL that many IT executives have forgotten their
usual scepticism. Managers that would never take the word of a vendor
on its own are blindly following the pronouncements of a few industry
luminaries as gospel.
Lack of detail in some areas/Over prescriptive in others The
ITIL framework adds value in areas where it brings clarity to the unclear
and definition to the chaotic. Unfortunately, some subject areas are covered
in more detail and with more thought than others. This is the price to be
paid by any document that has multiple authors contributing standalone
chapters without a strong overriding editorial direction.
Fails to tie the provision of IT services back into the overall business
goals and objectives Remember ITIL was born in government
where the usual business rules dont always hold true. Sure, cost control
is important as is efficiency, but we should bear in mind that all government
departments are constantly looking to increase their size and remit
because with size and influence comes power.
Increased administrative burden Additional process steps and increasingly
data hungry support systems can significantly increase the
amount of reporting required of your employees. Dont be surprised if
some of your staff resent this additional element to their duties and claim
to have two jobs rather than one the second being to write about what
they do!
The Jury is Still Out . . .
It is not the intention of this book to answer the question Is ITIL right for
you?. This is something that only you can answer and even then only after
you have conducted a careful review of the pros and cons as they apply to
your organization. The following set of points are intended to act as a guide
for readers when deciding on whether or not to go the ITIL route or not.
1. Make your own assessment
2. Dont believe the hype Healthy scepticism is a good thing!
3. Use the framework as a starting point/foundation on which to build
4. Dont change for the sake of change Know why you are changing and
what you want to achieve from the change
5. Measure before, during and after any process change
6. Keep it simple Please!
7. Dont be afraid to question the validity of the framework Always, always
ask why?
8. And remember to be better than average you will have to go beyond ITIL!
Many solution vendors are jumping on the ITIL band wagon to add weight
to their claims about their products and services. Until such time that ITIL
has been proven in the field by legitimate research it would be wise to treat
such statements as any other marketing sound byte.
The industry is already awash with people claiming to certify solutions
and organizations against ITIL. The publication of ISO 20000 is likely to
increase the number of parties involved in these activities and means that
buyers should be increasingly careful to do appropriate due diligence on any
expert they are planning to engage.
Ultimately ITIL will probably be a good thing for everyone involved in
the IT industry it will require all IT professionals to raise their games to
a reasonable level and may even help eradicate some of the more technology
centric practices of the past.
ITIL wont change the world, but it might just make it a little less
chaotic . . .Providing you implement it correctly for your own individual
circumstances and treat it as the starting point of your ITSM journey and
not the final destination.
