Key Considerations for Establishing ITIL in your Enterprise

Copyright (c) 2009 robertkeahey.com - All rights reserved

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL® IN YOUR

ENTERPRISE

July 2009

WHITE PAPER

CONTENTSExecutive Summary ............................................................................................................................................... 1

Benefits of Using ITIL as an IT Service Management Framework ............................................................................ 2

ITIL Benchmark Study Results ............................................................................................................................ 2

Factors affecting benchmark results: .............................................................................................................. 2

Overview of the ITIL Framework ............................................................................................................................ 3

Get Ready... Get Set... Wait! ................................................................................................................................. 4

Five Areas of Focus ................................................................................................................................................ 4

Focus Area 1 - Organizational Preparedness ....................................................................................................... 4

Focus Area 2 - Scoping ....................................................................................................................................... 5

Focus Area 3 - Governance ................................................................................................................................. 6

Governance Model ......................................................................................................................................... 7

Governance Committee ................................................................................................................................. 8

Focus Area 4 - Training ....................................................................................................................................... 9

Focus Area 5 - Tools and Resources .................................................................................................................. 10

CMDB ........................................................................................................................................................... 10

Toolkits .........................................................................................................................................................11

Summary ............................................................................................................................................................. 12

Appendix A - Organizational Preparedness Self-Assessment ............................................................................... 13

Appendix B - Comparison of Key Frameworks and Models ................................................................................... 15

Appendix C - ITIL Certification Model ................................................................................................................... 16

Appendix D - Recommended Training ................................................................................................................... 17

Appendix E - Essential ITIL Toolkit Elements ........................................................................................................ 18

About robertkeahey.com ..................................................................................................................................... 19

Figures

Figure 1 - ITIL Benefits ........................................................................................................................................... 2Figure 2 - ITIL Processes and Functions .................................................................................................................. 3Figure 3 - Key Focus Areas...................................................................................................................................... 4Figure 4 - KEY ITIL Processesses and Functions for Service Delivery ....................................................................... 5Figure 5 - Governance Model Relationships and Drivers ......................................................................................... 7Figure 6 - Sample Governance Committee Model .................................................................................................. 8Figure 7 - Organizational Preparedness Self-Assessment Matrix .......................................................................... 13Figure 8 - Comparison of Key Frameworks and programs (Source Wikipedia) ...................................................... 15

robertkeahey.com KEY CONSIDERATIONS FOR IMPLEMENTING ITIL® IN YOUR ENTERPRISE Page 2

Figure 9 - ITIL Certification Model ........................................................................................................................ 16Figure 10 - Recommended Training....................................................................................................................... 17Figure 11 - Essential ITIL Toolkit Elements ........................................................................................................... 18

www.robertkeahey.com KEY CONSIDERATIONS FOR IMPLEMENTING ITIL® IN YOUR ENTERPRISE Page 1

EXECUTIVE SUMMARY

IT service management is at a critical juncture. A "perfect storm" is brewing that holds the potential to wreakhavoc on already fragile IT organizations, severely impacting both internal and external service delivery and doingirreparable damage to your company's brand.

The economic melt-down that has occurred over the last 12 months has all but eliminated the ability of most ITorganizations to invest in new technologies - thus burdening them with the task of responding to business unitdemands with antiquated resources. And more and more of those resources, both physical and human, are beingeliminated on a daily basis, leaving IT managers faced with an even greater challenge of trying to deliverresponsive solutions to meet satisfy the enterprise's need to gain first mover advantage in a volatile marketplace.

As companies "repaint" themselves to respond to the latest cloud computing industry buzz, IT managers are facedwith the tough job of weeding through the hype to determine who can really deliver stable, cost effective ITservices. Even more challenging is responding to the lines of business demands for more responsive, self-provisioning services. What is the right IT infrastructure architecture to support the optimal blend of legacyservices and next generation social networking capabilities?

The third element of the perfect storm may be the most challenging - how do IT managers justify their existence?Should internal IT provide services to the enterprise or should they be outsourced? Is it an all or nothingproposition? How does the IT manager articulate the value of her organization's services in terms of the strategicobjectives of the corporation? Is IT relevant to the business?

These are tough questions that challenge even the most effective IT organizations. Unfortunately, long beforethe current crisis IT managers were faced with the task of demonstrating, implementing and executing a strategyto ensure effective delivery of IT services. The vast majority have been focused on one thing - cost cutting. But aswe all know, very seldom does cost cutting result in improved services and responsive organizations.

Now is the time to take what may be the biggest risk many IT managers have ever contemplated - positioning forthe future. No amount of additional cost cutting is likely to solve the challenges that lie ahead - respond tomarket needs, grow the business, improve service levels, with no additional resources. In order to accomplishthis, IT managers must institutionalize industry best practices that provide balance between two opposing forces -control and flexibility. Accomplishing this task is by no means easy, but with proper planning and execution it canbe done - and the benefits of a well-managed service delivery organization can be realized!

This white paper is the second in a series that takes a look at the journey to creating a business relevant ITinfrastructure. It focuses on the critical steps that should be followed in order to successfully implement anInformation Technology Infrastructure Library® (ITIL®) V3 framework within your IT service managementorganization. It is not intended to be an ITIL primer, but rather a guide to getting started with ITIL.


BENEFITS OF USING ITIL AS AN IT SERVICE MANAGEMENT FRAMEWORKImproved alignment with corporate strategy and business objectivesCommon model for the definition of IT products and servicesImproved communication, awareness and supportImproved product and service lifecycle managementReduction of financial and regulatory riskIncreased operational efficiency and effectivenessIncreased productivity and asset utilizationIncreased focus on continual service improvementGreater operational and business agility

ITIL BENCHMARK STUDY RESULTS

FACTORS AFFECTING BENCHMARK RESULTS:Companies that used external ITIL expert consultants achieved a higher level of results.Companies that implemented the complete suite of ITIL processes, as compared to companies thatimplemented ITIL in selected processes, achieved a higher level of results.Companies that invested in IT management tools to assess process changes and enable IT servicesachieved a higher level of results, compared to those companies that performed process changes withlittle or no investment in IT tools.

Source: Research study of 55 global enterprises conducted by Glomark-Governan

ITIL Benefits Category % ImprovementLow High

Reduction in help desk calls 8 14

Reduction in overall IT support costs 16 32

Reduction in number of failed changes from improved testing 15 27

Reduction in FTEs assigned to incident matching, as a result of greaterinsight into the relationship between users, configuration items, andincidents

25 38

Reduction in the number of recurring incidents 7 13

Average reduction of time spent on problem management 9.4 9.4

Decreased user downtime as a result of better incident management 10 28

Reduction in the number of customers lost during systems failures, causedby inefficient management of changes 10 40

Reduction in the average incident resolution time 28 48

Companies experiencing improved recovery time after disaster 40 74

FIGURE 1 - ITIL BENEFITS


OVERVIEW OF THE ITIL FRAMEWORKFirst and foremost, it's important to understand what ITIL V3 is and is not. ITIL is a framework, much like theframing of a house or building. It is the support structure upon which the remainder of the facility is built - tailoredto the specific design requirements for the intended tenants. ITIL is a framework on which policies, standards,methods, processes, tools and "good practices" (commonly referred to as best practices) can be applied. As itsname implies, ITIL is a "library" of process and function definitions and templates which can be deployed invarying degrees within an IT service management organization. It is not a system, software product or tool. Youdon't "install" ITIL, you deploy the framework.

People are what make ITIL work in an organization. Unless the people in the enterprise are committed to ITIL ithas very little chance of producing meaningful value. The people are the practitioners of the ITIL framework andtheir skills and expertise can be measured through the various levels of the ITIL practitioner certification process.ITIL itself does not have a certification process like ISO, so it is very important that close attention is paid to thecare and feeding of the practitioners who implement and oversee the framework. They are your "measurementstick" for determining the health of the framework itself (the value of ITIL is measured via business performance).

ITIL V3 consists of five "core" publications shown in Table 2, which represent the phases of the IT servicemanagement life cycle. Within each phase a set of functions and processes is defined. ITIL in and of itself is not"prescriptive", instead providing guidance with respect to implementing good practices to improve different areasof IT service management. Thus, it is up to the ITIL practitioners to determine on which areas and strategies tofocus to provide the greatest return on investment - relative to the business strategy and objectives of theenterprise.

The remainder of this white paper will focus on the key considerations to address before establishing ITIL withinthe enterprise, rather than the actual execution of the functions and processes that make up the IT servicemanagement capability. Without the proper foundation and framework, it is highly unlikely that the IT servicemanagement improvement initiatives within your enterprise will be able to support themselves under theimmense pressure of day-to-day operational requirements.

Service Strategy Service Design Service Transition Service Operation Continual ServiceImprovement (CSI)

Financial Management Service CatalogManagement

Transition Planning andSupport

Event Management Seven-step ImprovementProcess

Service PortfolioManagement Service Level Management Change Management Incident Management Service Measurement

Demand Management Supplier ManagementService Asset and

Configuration ManagementProblem Management Service Reporting

Capacity ManagementRelease and Deployment

ManagementRequest Fulfillment

Return on Investment forCSI

Availability ManagementService Validation and

Testing Access Management Business Questions for CSI

IT Service ContinuityManagement

Evaluation Service Desk

Information SecurityManagement

Knowledge Management Technical Management

Requirements Engineering IT Operations Management

Data and InformationManagement Applications Management

FIGURE 2 - ITIL PROCESSES AND FUNCTIONS


GET READY... GET SET... WAIT!We all want results. Immediate, tangible validation that our efforts are bearing fruit and satisfying the goals andobjectives that drives them. But all too often we plunge head first into initiatives without laying the groundworknecessary to ensure a defined minimum standard for success. ITIL has many different entry points and choosingwhere and how to start is extremely important since ITIL covers the entire spectrum of IT service management -from strategy through continuous improvement. So picking the right scope and entry point for your ITIL strategyis essential to success.

FIVE AREAS OF FOCUSThere are many different ways to approach corporate initiatives, butalmost all of the approaches have a common set of steps that are requiredto ensure a successful launch. This white paper outlines five areas of focusto help prepare for the initiation of your ITIL program within yourenterprise. Each area focuses on key aspects that are unique to ITIL, withthe intent of accelerating the launch process and improving your odds forsuccess. While not all of these areas are absolutely required, and they canbe rearranged to fit your company's business model and organizationaldynamics, it is recommended that you follow the recommendations asclosely as possible.

FOCUS AREA 1 - ORGANIZATIONAL PREPAREDNESS

Organizational preparedness (readiness) is at the center of the focus areas for a very basic reasion - if theorganization is mssing the key ingredients required for an effective ITIL implemenation then it is highly unlikelythe investment in people, time and resources will pay the expected dividends. ITIL is not for the faint of heart. Itrequires commitment and discipline. Therefore its deployment and ongoing operations must be treated with thesame level of energy and focus as any other corporate initiative. The good thing about ITIL is that many IT servicemanagement organizations are already performing a lot of the functions and processes defined by ITIL. Thus theinvestment to bring them together under a structured framework can be quite small in terms of capital and P&Lexpenses. But if the organization is not prepared to adopt a framework as an accpted way of working, then eventhough the financial investment may be small, the negative impact on the organization from a failed initiativecould be significant.

There are many aspects of program management that will not be covered in this white paper - planning,organization, sponsorship, communication, measurement, etc. These are basic ingredients of any successfulinitiative and it is assumed that your enterprise has established methods, processes and tools in place to supportlarge scale programs. If not, then is it is highly recommended that you establish these capabilities first - and thentackle the task of IT service management improvement through an ITIL framework approach.

There are several factors that underpin a successful ITIL framework rollout. The Organizational PreparednessSelf-Assessment matrix found in Appendix A can be used to assist in determining if your organization (orenterprise) has these essential organizational dynamics in place to successfully roll out an ITIL framework for ITservice management improvement. These dynamics focus on key aspects that relate to the five phases of ITIL -ranging from change orientation to working with outside suppliers and partners.

FIGURE 3 - KEY FOCUS AREAS


After completing the self-assessment if any of the dynamics are rated "Not at All" or "Accepted" then it is highlyrecommended that you not launch an ITIL initiative until you have improved the dynamic to a minimum rating of"Initiated". Even then, proceed with caution, and it is suggested that you seek outside resources experienced inITIL implementations to help you avoid the many pitfalls along the way. All too often organizations believe thatimplementing a framework brings the organizational dynamics and discipline required for improvement. Just theopposite is true. Organizational dynamics and discipline must be in place before any framework can help improvean organization's performance. Implementing a framework is much like implementing automation tools andtechniques. If you try to automate a mess then you end up with an automated mess.

FOCUS AREA 2 - SCOPING

ITIL is a big framework. Simply put, the framework is too comprehensive for any organization to adopt in itsentirety. At least not all at once. Companies that have successfully implmented the full ITIL framework normallyspend at least 18 to 36 months in establishing the framework and then populating each of the phases with bestpractices and tools required to operationlize the framework. Regardless of your ITIL implementation strategy,defining the subset of business and IT processes and functions that will provide the best return on investment is acritical first step.

There are several approaches to determining which areas of your IT service management capability can benefitthe most from the implementation of the ITIL framework and associated best practices and tools. Hopefully yourIT organization has basic controls and measures in place that provide some degree of insight into theeffectiveness of your operations. If so, then it is recommended to use that data as a starting point for determiningwhich phases of ITIL will be most beneficial. If not, then there are studies that have been conducted that provideuseful information about the areas of IT service management that lend themselves to improvement through theapplication of structure, control, measurement and continuous improvement.

Given today's focus on improving IT service delivery while maintaining or reducing expenses, it is somwehat aforegone conclusion that most enterprises emphasize operational improvement as their primary goal. Thus, theService Transition and Service Operations phases of the ITIL framework are usually the place where mostenterprises choose to start. This leads us to a recommended subset of processes and functions within these twophases:

Service Transition Service OperationChange Management Event Management

Incident ManagementProblem Management

Service Asset & Configuration ManagementRelease & Deployment Management

Service DeskRequest FulfillmentAccess Management

FIGURE 4 - KEY ITIL PROCESSESSES AND FUNCTIONS FOR SERVICE DELIVERY

This subset is selected because they are closely related:

Service Asset & Configuration Management is a foundational element required for managing change.Before you can reliably modify your existing operational evnrionment you must have a clear and accuraterepresentation of the infrastructure assets that are used to deliver services.Change Management and Release & Deployment Management go hand-in-hand for establishing thecontrols required to successfully deploy changes to the operational environment.


Event, Incident and Problem management all deal with the same fundamental functions and processes -identifying and managing disruptions (even though they may not cause an outage) to the operationalenvironment.Request Fulfillment and Access Management provide the mechanims to ensure that requested servicesand access are reliably provided.Service Desk is the underpinning function that provides direct customer service for the management ofall requests - whether they be for service requests, problem reporting or requests for information.

Thus it makes sense to focus on these areas together to optimize the planning, methods, processes and tools thatwill be used to deploy new capabilities for IT service management improvement. So why not focus on the otherfucntions and process in Service Transition and Service Operation? First, scope - biting off more than you canchew on a first attempt at ITIL is risky. Secondly, the functions defined by Technical Management, IT OperationsManagment and Applications Management are very broad, and encompass many different processes anddisciplines. Finally, for organizations initially focusesd on service delivery (versus strategy, portfolio management,etc.), these areas have been identified as key areas by several different surveys and studies. In 2008 the IT ProcessInstitute in conjunction with Computer Associates published its Change, Configuration, and Release PerformanceStudy. The report is based on an extensive survey of 341 companies and eleven executive interviews to identifybest practices that predict the highest levels of performance impact. As you will see from this report, the keyareas of change and release management and the requisite support functions were identified as the areas thatprovide the greatest operational improvement for the investement of time and resources.

FOCUS AREA 3 - GOVERNANCE

Governance is a topic of discussion that makes most people cringe when they hear it. Unfortunately it hasbecome synonymous with bureaucracy, control, snooping, meddling and several other descriptors that imply thatgovernance is counterproductive to forward progress within an enterprise. If not properly organized, managedand reviewed it can become just that. But when governance is effectively applied to a program or initiative it canprovide significant benefit in terms of sponsorship, guidance and support.

Initiating an ITIL framework program or initiative without proper governance is guaranteed to fail. As mentionedin the previous focus area, ITIL is a large framework, and without proper oversight the rollout program or initiativewill quickly experience scope drift, cost overruns, and unwanted (but well deserved) scrutiny from auditors,controllers, business unit leaders and senior executives.

There are many aspects to governance and depending on the maturity of the enterprise, governance may be partof everyday business operations, or it may be something that is recognized as a "need to have". In the context ofthis whitepaper, it is assumed that most organizations that are focusing on IT service management improvementare more than likely part of an established enterprise - thus the focus will not be on the benefits of governanceand how it works, but rather on the aspects of ITIL that are important to consider when building your governancemodel to support your framework rollout.

Two areas of governance will be addressed. The governance model itself, and how the relationships betweenother frameworks and quality management systems need to be considered. The second area will focus on howthe governance oversight - in terms of a governance committee - should be structured for maximum return oninvestment.


GOVERNANCE MODEL

Figure 5 depicts a typical enterprise environment. At the center of the enterprise is a series of basic businessoperations functions such as planning, architecture and service management. These business operationsfunctions are shaped by the market, customers and business constraint imposed by stakeholders and aresupported by one or more frameworks that focus on a particular aspect of the service delivery model. Servicelevel drivers determine how broadly and deeply the framework is populated with methods, processes, tools andbest practices. Surrounding the business operations functions and frameworks is (typically) some type of a qualitymanagement system - shaped by the same market, customer and stakeholder constraints, and further defined byexternal government and regulatory compliance requirements.

FIGURE 5 - GOVERNANCE MODEL RELATIONSHIPS AND DRIVERS

While ITIL is focused on the improvement of IT service management, it is broad in the number of businessfunctions with which it must interoperate to be effectively deployed within an enterprise. Thus the opportunityfor overlap with other frameworks and quality management and control systems is fairly high. The key toremember about ITIL is that as a framework it focuses on structure, nomenclature and discipline rather thanspecific methods, processes, tools and best practices - and the ability to integrate those capabilities within theframework is at the core of a successful deployment.

Appendix B provides a comparison of some of the most common business frameworks and quality and controlmodels. An essential step in preparing to deploy ITIL is to assign priority to which framework or model will be the"primary" governance model for a particular function or process within the enterprise service delivery model.With respect to ITIL, the following primary governance areas are recommended as a starting point:

IT portfolio development and managementIT service management architecture and designAsset and configuration managementChange management and release managementRequest managementService desk


GOVERNANCE COMMITTEE

A well organized and managed governancecommittee provides great value in not only"controlling" the deployment andmanagement of a business capability, butalso in providing the key sponsorship neededfor any program to be successful. Thus themakeup of the governance committee iscritical - with the key being to have theproper number and mix of stakeholdersinvolved.

Figure 6 depicts a sample governance committee model for an ITIL framework. The model represents sevenstakeholders (five required, two optional) that must be actively engaged in the oversight and support of an ITILdeployment. Supporting the governance committee is a program office which should leverage themethodologies, tools and best practices of your enterprise. However, since continuous improvement is aunderpinning aspect of ITIL, it is suggested that the function of quality management be included in the programoffice oversight, adding it as a stakeholder as the framework is institutionalized within the enterprise and theContinuous Service Improvement phase is addressed as a separate initiative.

Each of the stakeholders has a key role within the governance committee:

IT Operations - must be the senior director or executive responsible for the day-to-day IT servicemanagement. The executive is at the center of the improvement initiative and is ultimately responsiblefor the results from the deployment of the framework. IT may or may not "own" the budget for therollout program or initiative.Executive Committee - a single representative from enterprise executive team who will providesponsorship and represent the voice of enterprise.Business Units - a single representative (recommended) who represents the business strategy for theenterprise. Depending on the size and complexity of the enterprise there may need to be multiplerepresentatives, but it is highly suggested to keep the number as small as possible.Finance - oversees the budgeting and accounting with respect to the program and provides oversight forthe financial impact of the rollout and ongoing operations.Chief Information Officer (CIO) - represents the business systems view of the enterprise service deliverymodel and supply chain. It is recommended that the CIO also represent both the physical andinformation security aspects of the enterprise service delivery model.Supplier(s) - this optional representative provides oversight for externally supplied IT services. If theenterprise has engaged in an outsourced service delivery model then this position should be consideredto be required instead of optional.Customer(s) - this optional representative provides direct feedback on the performance andrequirements for IT service management capabilities. It is recommended that customer representativesbe included after the initial rollout of one or more key functions or processes has been completed.

The key to a successful governance committee is to keep it "optimized" in the number of participants. Fewer isbetter for the initial rollout and as the framework is institutionalized with the organization the makeup andnumber of participants of the governance committee can be adjusted.

FIGURE 6 - SAMPLE GOVERNANCE COMMITTEE MODEL


FOCUS AREA 4 - TRAINING

Like other frameworks and quality and control models, ITIL offers a accreditation program - the details of whichcan be found at the ITIL website. The accreditation is recognized by the United Kingdom's Office of GovernmentCommerce (OGC), and is administered by their official accreditation agency, APM Group, Limited.

In a nutshell, ITIL certification, like similar certifications is a long, arduous task. Appendix C outlines the variouscertification levels that may be obtained. Tracing the various options can also be a daunting task and it notnecessary for the establishment of ITIL as a framework. So the ultimate question is should you requirecertification within your organization and to what level?

Certification for the Foundation, Lifecycle and Capability modules simply validates awareness and knowledge ofthe material. Only when you enter the Managing Across the Lifecycle, Expert and Master levels of certificationdoes the validation of application of the principles of ITIL occur. Obtaining certification at these levels ismeasured in years and is limited to a handful of practitioners who specialize in the field of IT service management.Ultimately the value of certification comes down to the individual and how they use the knowledge andexperience. However, it is recommended that the managers who will be responsible for the major phases of theITIL IT service management phases complete the ITIL V3 Foundation certification. This will help to ensure thecommon understanding and communications capabilities are in place.

Appendix D illustrates the most commonly used high level roles defined by ITIL (there are over 90 roles in total).For each of these high level roles a recommended training program is outlined, focusing on the timing of thetraining during the first year of the ITIL rollout initiative. For certain roles it is imperative that the ITIL V3Foundation training occur before the official launch of the initiative, as it provides the foundation forunderstanding and communication. For other roles, the Foundation training may occur shortly after the programlaunch.

For specific assignments under a high level role definition, a particular path may be followed. For example, a SLAManager would want to pursue Service Strategy and Service Design lifecycle modules in conjunction with theService Offering and Agreements capability module. A Release Deployment Manager would want to pursue theService Transition and Service Operation lifecycle modules in conjunction with the Release, Control and Validationcapability module. And an Operations manager would want to pursue the Service Operations lifecycle and theOperational Support and Analysis capability module. Obviously each of these roles would want to complete theentire lifecycle and capability curriculum, but to ensure short term success it is suggested that these types ofgroupings be utilized to provide maximum awareness and knowledge for the particular role.

ITIL training is available from a variety of classroom and self-study sources. For ITIL V3 Foundation it isrecommended that a classroom, certification, train-the-trainer, self-study path be utilized. That is, a selectednumber of individuals should participate in a structured classroom environment, followed by completion of the V3Foundation certification (which is administered by a controlled group of providers outlined on the ITIL website).These individuals can then act as coaches and mentors for others who can use a variety of self-study coursewareand materials to complete the preparation work for V3 Foundation certification.

Beyond the V3 Foundation training and certification level, it is recommended that structured classroom deliverybe utilized as the primary means of training for lifecycle and capability modules. These modules address specificelements of the service management framework and utilize hands-on case studies for knowledge transfer, whichare generally not effectively delivered through self-study methods.


FOCUS AREA 5 - TOOLS AND RESOURCES

Like the foundation and walls of a house, ITIL provides the framework to which other elements (methods,processes, tool, best practices, etc.) are attached and built upon to create a structure - in this case, the functionsand capabilities that provide improvement in an enterprise's IT service management capabilities. Similar to ahouse or building, there are many elements that make up the final structure of IT service management - too manyto address in a single white paper. However, there are two that should be addressed before taking the initial stepsto implement an ITIL framework - the configuration management database (CMDB) and toolkits.

CMDBITIL describes the CMDB and its importance as follows:

“Configuration Management provides the foundation for successful IT Service Management and underpins everyother process. The fundamental deliverable is the Configuration Management Database (CMDB), comprising one ormore integrated databases detailing all of the organisation’s IT infrastructure components and other importantassociated assets. It is these assets that deliver IT services and they are known as Configuration Items (CIs). What seta CMDB apart from an ordinary asset register are the relationships, or links, that define how each CI is interconnectedand interdependent with its neighbours.”1

However, the IT Process Institute report described in Focus Area 3, cites the following: "Only 19% of surveyrespondents have a CMDB. And only 47.4% of top-performers have CMDB enabled change linkage practices.However, the change linkage practices are a statistically significant predictor of top levels of performance in releaserollback rate, configuration drift, and SLA fix rate."2

There are significant debates concerning the need and value for a fully integrated CMDB. On one side of theargument there are those that say it is an impossible task to fully implement a CMDB as described by ITIL. Theother side of the argument states that the only way to effectively manage an environment that is constantlychanging is to have a reliable source of truth that represents the assets and provides line of sight between them(relationships). This white paper takes the latter position - a CMDB is an essential element of managing a servicedelivery environment - especially when service level agreements are utilized. This white paper does notrecommend a particular CDMB architecture (fully integrated versus federated) nor does it recommend any vendorproducts. However, there are several key aspects/recommendations that should be considered before launchingan ITIL initiative:

Do not launch an ITIL initiative without a source of truth that describes the elements that are essential forthe lifecycle phase(s) being deployed. ITIL describes many different elements that make up a CMDB - ITassets (computers, data storage, networks, software, etc.), processes, people, tools, product collateral,documentation, to name just a few.Do not initially "over populate" the CMDB - start only with the elements required for the initial rollout.However, do not create an architecture/schema that prevents future expansion.Utilize existing CMDBs whenever possible. If you have a vendor supplied CMDB that represents some orall the aspects of your enterprise business model, then use it (extend it) to accommodate the elementsneeded for your ITIL implementation. Do not create another instance of a CMDB just for ITIL - this willonly increase the cost and complexity of your enterprise business operations.

1 An Introductory Overview of ITIL, itSMF, 20042 Change, Configuration, and Release Performance Study, IT Process Institute & Computer Associates, 2008


Use a vendor supplied (including open source) CMDB rather than a "home grown" database. CommercialCMDBs usually provide a wide range of features and adhere to published or de facto standards, ensuringforward compatibility.Utilize a CMDB that provides open, documented interfaces for data insertion and extraction. A keyaspect of the CMDB within ITIL is the ability to create reports that represent the current and plannedstate of the IT service management environment.Utilize a CMDB that provides scripting capabilities that allows for the enforcement of policies regardingutilization of resources, change monitoring, and versioning, etc.Incorporate, where appropriate, tools (e.g., LAYERZngn CPlane, Tideway, Blazent, EMC SMARTS, et al)that automate the discovery and correlation of business assets to improve the quality and integrity of theCMDB data elements.Implement strict controls for the access, management and maintenance of the CMDB contents.Execute regular integrity checks (incomplete data, missing relationships, duplicates, etc.) to ensure theintegrity of the CMDB contents.

By following these simple guidelines you will create a source of truth for your IT service managementenvironment that will provide a clear and accurate picture of the essential elements of your service deliveryfunctions and processes, and can be expanded along with the scope of your service improvements initiatives.

TOOLKITS

Constructing a solid house or building requires good materials and the right tools to assemble the structure. Nomatter how good the materials may be, if the proper tools are not available then the quality of the outcome may,and more likely will, be less than desired. The same holds true for ITIL implementations. You may have lots ofenergy, enthusiasm and support, but if you don't equip the team with the essential tools required to successfullycomplete the job then the initiative will quickly lose momentum - and more than likely result in failure.

The essential toolkit elements for ITIL, outlined in Appendix E, comprise a series of lifecycle publications,reference documents, guides, assessments and models that provide the foundation and common language thatwill help ensure a consistent approach to the deployment of the ITIL processes, functions and best practices.These toolkit also contains a series of templates that can be tailored to fit the specific strategy and needs of yourenterprise.

Obtaining ITIL toolkits is relatively simple (and inexpensive when compared to the overall rollout) and should bedone well in advance of the program launch. Most of the commercially available toolkits contain the same basicinformation and can be purchased from providers such as:

The ITIL Toolkit - www.itil-toolkit.comThe Art of Service - www.theartofservice.comITIL Central - itsm.fwtk.org

In addition to commercial resources there are also several good open community organizations that provideuseful ITIL toolkit resources and advice:

The ITIL Community Forum - www.itilcommunity.comThe ITSM Community - www.itsmcommunity.orgBest Practice Management - www.best-management-practice.com


SUMMARYMore than ever, IT service management is under the microscope of corporate scrutiny. As new technologies pavethe way for even more self-service capabilities, the potential for uncontrolled infrastructure growth andunmanaged services is escalating. If left unchecked, these problems can result in unnecessary expenses, poorservice and loss of confidence in the IT organization.

Implementing policies, processes and best practices within your IT service delivery environment gives you theability to improve your services while responding to new business and technology requirements. Butimplementing these changes to your existing operational model must be done with careful planning and well-managed execution.

ITIL provides a foundation for service improvement, but in and of itself does not change the way yourorganization performs. Methods, processes, tools and best practices must be deployed on top of the ITILframework to create an environment that supports continuous service improvement. Proper planning for rollingout ITIL within your organization is the critical first step and requires that you address some considerations beforeyou launch your initiative.

ITIL is big, complex and the effort to deploy it should in no way be minimized. But it a successful implementationcan be accomplished if you remember some of these key points:

Know your organization's capabilities - everybody has to pull in the same directionIdentify the critical areas for improvement - start small and build on successesBuild a strong governance team to help guide and support your initiativeUse a source of truth - knowledge is powerEquip the team - they are your key to success

Good luck!


APPENDIX A - ORGANIZATIONAL PREPAREDNESS SELF-ASSESSMENTThe following self-assessment matrix can be used to determine your readiness to engage in an ITIL frameworkdeployment initiative. The ten organizational dynamics described here relate to key mindsets, orientations andservice delivery practices that are essential for the successful deployment of ITIL within any IT service deliveryorganization.

Instructions: Using the key on the following page, place an "X" in the "Degree to Which the Dynamic is Present inthe Organization" column that best describes your organization (or enterprise) for each dynamic. When selectingyour answer, think in terms of where your organization is today or where it will be when you plan to initiate an ITILrollout.

Organizational Dynamics Degree to Which the Dynamic is Present in theOrganization

Dynamic DescriptionNot at

AllAccepted Initiated Institutionalized Embraced

1 Change Orientation

The organization is open to new methodsof service delivery and is prepared tomodify its behavior in order to improveoperational effectiveness and efficiency

2 Process Culture

The organization understands the valueof structure, discipline and control andrecognizes the benefits they bring toservice delivery

3 Business Focused

The organization understands thatbusiness (not technology) is the key driverfor product, service, function and processdesign and development and the successof the business is the ultimate measure ofsuccess for the IT service deliveryorganization

4 Matrixed Management

The organization is open to working in across-functional, cross-organizationalenvironment where direct control andmanagement may reside in anotherorganizational structure

5 TransparencyThe organization recognizes the value ofvisibility into the performance of itsmethods, processes, tools and people

6 Continuous Improvement

The organization recognizes the value ofinvesting resources in defining,measuring, reporting and developingimprovement plans for service deliveryprocesses and functions

7 Product Discipline

The organization utilizes defined productsand services and works within theboundaries defined by the product orservice description

8 SLA-based Service Delivery

The organization is focused on customersatisfaction and understands the value ofdelivering services according todocumented service levels

9 Self-Service OrientationThe organization is open to the practiceof allowing users to provision and to somedegree manage their own IT services

10 Outsourcing/Partnering Mindset

The organization recognizes the value ofusing partners and external supplierswhen appropriate and creates a win-winrelationship

FIGURE 7 - ORGANIZATIONAL PREPAREDNESS SELF-ASSESSMENT MATRIX


Key:

Not At All - the organization has displayed no initiative to pursue behavioral changeAccepted - the organization recognizes the need for change, but has not taken any specific actions tomodify its behaviorInitiated - the organization has implemented programs and initiatives to change its behavior, but it is tooearly to determine if it has improved effectiveness and efficiencyInstitutionalized - the organization has implemented programs, policies, best practices andmeasurement systems and rewards behavior based on resultsEmbraced - the organization recognizes the benefits of changed behavior, consistently rewardsorganization effectiveness and efficiency, and places continuous improvement high in its businesspriorities


APPENDIX B - COMPARISON OF KEY FRAMEWORKS AND MODELSName Type Description

Information TechnologyInfrastructure Library(ITIL)

Framework

A customizable framework of best practices that promote qualitycomputing services in the IT sector. Built on a process-model viewof controlling and managing operations, ITIL addresses thestructure and skill requirements for an IT organization bypresenting a comprehensive set of management procedures

enhanced TelecomOperations Map (eTOM)

Framework

A guidebook, the most widely used and accepted standard forbusiness processes in the telecommunications industry. TheeTOM model describes the full scope of business processesrequired by a service provider and defines key elements and howthey interact.

Application ServiceLibrary

Framework

A public domain standard, which describes a standard forprocesses within Application Management (the discipline ofproducing and maintaining information systems and applications).The term "library" is used because the ASL standard is based onthe descriptions of best practices from the industry.

Microsoft OperationsFramework (MOF) Framework

A series of guides aimed at helping information technology (IT)professionals establish and implement reliable, cost-effectiveservices.

COBIT Control Objectivesfor Information andRelated Technology(COBIT)

Quality andControl Model

A framework for information security that provides managers,auditors and IT users with a set of generally accepted IT controlobjectives to assist them in developing appropriate IT governanceand control in a company.

Capability MaturityModel (CMM)


A method for evaluating and measuring the maturity of thesoftware development process of organizations on a scale of 1 to5. A revised version, the Capability Maturity Model Integration(CMMI), provides guidance for improving an organization’sprocesses and a way to manage the development, acquisition andmaintenance of products or services.

Six Sigma Quality andControl Model

A data-driven quality-management program to control variationand thereby achieve extremely high levels of quality. "Six sigma"refers to six standard deviations in statistical measurement, whichin the methodology corresponds to a maximum of 3.4 failures permillion units.

Total QualityManagement (TQM)


A business management strategy aimed at embedding awarenessof quality in all organizational processes. TQM has been widelyused in manufacturing, education, hospitals, call centers,government, and service industries, as well as NASA space andscience programs.

Committee of SponsoringOrganizations (COSO)


Provides guidance on critical aspects of organizationalgovernance, business ethics, internal control, enterprise riskmanagement, fraud, and financial reporting

FIGURE 8 - COMPARISON OF KEY FRAMEWORKS AND PROGRAMS (SOURCE WIKIPEDIA)


APPENDIX C - ITIL CERTIFICATION MODEL

FIGURE 9 - ITIL CERTIFICATION MODEL

Key

Source: ITIL®


APPENDIX D - RECOMMENDED TRAININGCore Lifecycle Modules Capability Modules

ITIL V3 Foundation SS SD ST SO CSI OSA PPO RCV SOAGovernance Committee Members

IT Operations Manager • • • • • • • • • •Executive Committee •CIO • • • • • • • • • •Finance • • • • • •Business Unit(s) • • • • • •Supplier(s) • • • • • •Customer(s) • • • • • •

Practitioners(1)

Analyst - Lead • • • • • • • • • •Analyst • • • • • • • • • •Architect - Lead • • • • • • • • • •Architect • • • • • • • • • •Consultant • • • • • • • • • •Coordinator • • • • • • • • • •Designer - Lead • • • • • • • • • •Designer • • • • • • • • • •Developer • • • • • • • • • •Engineer • • • • • • • • • •Liaison • • • • • • • • • •Librarian • • • • • • • • • •Manager • • • • • • • • • •Operator - Lead • • • • • • • • • •Operator • • • • • • • • • •Owner • • • • • • • • • •

FIGURE 10 - RECOMMENDED TRAINING

Key

Not required/optional• 3 months prior to ITIL rollout initiation

• Within first 3 months of ITIL rollout



Note (1): The ITIL job classifications vary by toolkit and implementation.


APPENDIX E - ESSENTIAL ITIL TOOLKIT ELEMENTSToolkit Element Description/Purpose

ITIL Lifecycle Publication Suite The definitive ITIL reference source published by the UK Office ofGovernment Commerce.

Beginners Guide Overview of the management model, the history, implementation, theprocesses and different disciplines.

FactsheetsDescribe the goal and basic activities of each of the processes and actas a reference guide for everyday use. Include explanations of why,goals/objectives, activities, results, costs, and benefits.

Reference Sheets

Provide a more detailed description of the methods and frameworks incommon use across the IT Service Management sector. Outlines withnumber of related approaches, providing both understanding and aquick reference point.

Terms and Definitions Provide detailed descriptions of the elements that comprise the ITILframework.

ITIL V3 Process Model Provides a one page overview of the ITIL frameworks and therelationships and flows between the phases.

Management PowerPointPresentations

Provide insight into the discipline of service management in generaland the ITIL framework. Explain the concepts to executives andmanagement and covers everything from the ITIL framework tocertification to benefits and risks.

Readiness/PreparednessAssessment

Examines a range of organizational, operational, financial, process andinfrastructure aspects, helping to identify areas that are in particularneed of attention.

Process Compliance AssessmentQuestionnaires

Assist in determining what areas are working well and which areas arein need of attention with respect to best practice.

Job DescriptionsProvide a detailed description of the responsibilities and skills requiredfor each of the roles defined in ITIL.

Project Roles & ResponsibilitiesProvide a detailed description of each of the project roles and theassociated job descriptions.

Framework Descriptions andComparisons

Outline the key aspects of the most common business frameworks andquality and control models to support the rationalization of overlapsand conflicts.

ITIL V3 Bridging Kit (Optional) Outlines the relationships between the 12 main concepts inITIL V2 and the new concepts in ITIL V3.

FIGURE 11 - ESSENTIAL ITIL TOOLKIT ELEMENTS


ABOUT ROBERTKEAHEY.COMSuccessfully identifying, analyzing and creating compelling value propositions for emerging technologies thatdrive both top and bottom line value for global enterprises of all sizes is Robert Keahey’s expertise.

Mr. Keahey, who holds an Information Technology Infrastructure Library (ITIL) V3 Foundation certification, bringsto his clients a successful track record of innovation, strategic technology and business planning anddevelopment, superior service delivery and operational know-how complimented by a variety of informationtechnology industry experiences. He has a network into high level executives in the information technologyindustry and has partnered with key players such as Microsoft, Sun, Cisco, EMC and Oracle to develop industryleading capabilities. He also has relationships with numerous venture capital firms and has assisted in theevaluation, development and acceleration of the business plans of several of their portfolio companies.

Contact Robert Keahey via his website at www.robertkeahey.com

The information herein is provided "as is" without warranty of any kind, express or implied. robertkeahey.com shall not be responsible for any damages arising outof the use of, or otherwise related to, this information. Nothing contained herein is intended to, nor shall have the effect of, creating warranties or representationsfrom robertkeahey.com. All brand and product names are trademarks or registered trademarks of their respective holders. Reference to a company or a productname does not imply approval or recommendation of that company or product to the exclusion of others.

Key Considerations for Establishing ITIL in your Enterprise

Documents

Transcript of Key Considerations for Establishing ITIL in your Enterprise