Implementing the ITIL framework

The Information Technology Infrastructure Library, a group of standards for service, is gaining acceptance as a non-proprietary framework for IT projects. See how one service-level administrator helped integrate ITIL into his organization.


Over the years, most IT shops have focused their energies inward and concentrated on resolving technical issues. Today’s business environment demands that IT be more attentive to customer requests by delivering quality solutions and aligning with the business objectives—in other words, to focus on service management.

When your clients turn to you for help in improving their IT service management, suggest that they implement Information Technology Infrastructure Library (ITIL) best practices. I’ll explain how to do it and some of the steps my company has used to implement the ITIL framework.

Assess
ITIL best practices cover five service support processes:
  • Incident Management
  • Problem Management
  • Change Management
  • Configuration Management
  • Release Management

ITIL also includes five service delivery processes:
  • Capacity Management
  • Financial Management
  • Availability Management
  • Service Level Management
  • IT Service Continuity Management

Begin your implementation by benchmarking the activities of the IT organization to determine how well it’s performing. The Office of Government Commerce (OGC), which owns ITIL, provides online resources that you can use to assess the IT organization and a worksheet that you can download from their Web site. You’ll answer sets of questions for each of the processes. For example, the evaluation for Incident Management includes questions like, “Is the business need for a Service Desk clearly identified and understood?” and “Does the Service Desk provide a status update to the customer on the closure of incidents?“

Take the test and score the results. When my organization went through the assessment, we expected our results to be much worse than they were. (I think there’s a normal tendency to predict that you’re not performing as well as best practice guidelines or you would not be going through an exercise like this.) What we found was that we were doing more things consistently with best practices than we realized. For example, our financial management process was well on its way to being optimized, mainly due to how we were able use a product/service model to determine the costs of the individual services we provide to our clients.

Determine goals
After you know where the organization stands, ask your client to what extent they want to implement ITIL best practices. You can use a Process Maturity Framework (PMF) to score the results from the assessment and determine what level the organization will attempt to attain. Scores range from zero to five; zero indicates “absence” and five indicates “optimization.”

As a consultant, this is where your input is extremely valuable. Your client may think that optimization should be the organization’s goal, but you may have to explain that it is too lofty because of the high cost. When my organization began its pursuit of ITIL, we decided that we would strive for processes that were defined and in control, which scores a three on the PMF. That way, we could take advantage of the ITIL best practices at a reasonable cost to the organization and our IT clients.

Identify gaps
Once your client has settled on an appropriate organizational goal, it’s time to determine the gap between how the organization is performing and the best practice target that they’ve selected. Analyze the results of the assessment and explain to your client’s management team where the gaps exist and how large those gaps are. Continue to seek their approval for the work that you’re doing on their behalf, because without the IT management team’s acceptance, the staff will never buy in to any changes that you might suggest. At my company, our CIO sends regular e-mail messages to all the IT staff reminding them of the benefits that we hope to achieve from our pursuit of ITIL, along with updates of our project plan progress.

Choose the process
After you’ve performed the gap analysis, it will become obvious which processes will be more difficult to improve. Most organizations choose not to improve all ten processes simultaneously.

Determining which process or processes to begin with is sometimes a difficult decision, but this is where your experience as a consultant can really pay off. Your client will expect you to offer advice about which process can most easily be brought to the defined, controlled state.

If your client’s Incident Management process hasn’t reached a controlled state, or a three on the PMF scale, I recommend starting there. The goal of Incident Management is to restore normal operation as quickly as possible to clients. Therefore, Incident Management is a foundation process on which many of the others will depend. Problem Management, Configuration Management, and Change Management may be the next processes for you to consider. In my company’s case, we determined that we could move our Incident Management process to a more controlled state with little effort due to its state of process maturity, so it was one of the first processes we set out to improve.

Begin a project
Develop a project plan for how your clients should expect to change an IT process to adopt the best practice standards. (A formal project management methodology like PRINCE2, Projects in Controlled Environments, is very complementary to ITIL because it has similar origins.)

Our organization uses The Project Success System, a project management methodology from Young, Clark, and Associates (YCA), for all development projects, and we chose to use it for our ITIL implementation as well. The project plan should allow for the development of multiple drafts of your deliverables and several checkpoints for reviews by your client’s organization to ensure that they buy in to the new way of managing IT services.

During the course of your project, you’ll identify process activities that should be monitored and measured. Your selection of these activities will be dependent on your client’s goals for the process and will support the client’s desire to meet the ITIL best practice criteria.

Measure
Once the project has concluded and the changes to the IT process have been implemented, it’s time to take measurements of various tasks—which ITIL helped you identify—throughout the process. For example, you might want to measure in percentage the reduction in time to respond to a help desk call after implementing changes to the process. By measuring these tasks, you’ll be able to determine whether the process will reach your client’s desired results. If the results aren’t being achieved, now is the time to make some adjustments to the newly revised process. If you’re satisfied with the results, perform another self-audit to ensure that the process has reached a defined, controllable state of maturity.

Continuous improvement
No process is ever perfect, so explain to your clients the importance of continuous improvement efforts. As the process is tested over time, employees will suggest further refinements. Likewise, when you help your client select another process to work on, there will be a natural tendency to revise processes—even those that have been deemed to be in control.

The overall implementation of ITIL best practices isn’t something that can or will happen overnight. In most cases, adopting these best practices will require a culture change for your client’s organization, in addition to the anticipated changes to the process itself.