The Beginner’s Guide to ITIL

When the British government became dissatisfied with the quality of IT services in the 1980s, it tasked the Central Computer and Telecommunications Agency (CCTA) with developing a high-quality, cost-effective, and client-focused IT service delivery framework. In response, the agency launched the Government Information Technology Infrastructure Management (GITIM) framework, which both government and non-government agencies soon adopted.

In 2000, the CCTA and the Office of Government Commerce (OGC) merged. Together, they revised ITIL and released Version 2 in 2001, version 3 in 2007, ITIL 2011 in 2011, and most recently, ITIL 4 in 2019. ITIL is the best-known and most widely adopted ITSM framework around the world.

Axelos, a U.K. government organization, was set up in 2014 and charged with managing all frameworks and methodologies that were previously under the purview of the OGC. This agency is the current go-to for the most accurate and up-to-date ITIL information.

ITIL 4 incorporates the most modern trends in IT operations, such as Agile, DevOps, and Lean.

ITIL vs. ITSM

ITIL and ITSM are not rivals: You don’t have to choose one or the other. ITSM is what you do to deliver IT services to your customers or end users, while ITIL is the framework that helps guide those processes. ITIL is not a must-have, rather something that can help you work more efficiently.

Five core ITIL books (sometimes known as stages) cover the entirety of the IT service lifecycle:

1. ITIL Service Strategy

2. ITIL Service Design

3. ITIL Service Transition

4. ITIL Service Operation

5. ITIL Continual Service Improvement

Each of the five ITIL publications details specific processes that correspond to the IT service lifecycle. Processes are a group of activities that set a path toward a goal. ITIL processes have a start and end point, a purpose, actions that take place in a specific sequence, assigned roles, outcomes, and end users who receive the result. The processes include the following:

1. ITIL Service Strategy

   • Business relationship management

   • Demand management

   • Financial management

   • Service portfolio management

   • Strategy management

2. ITIL Service Design

   • Availability management

   • Capacity management

   • Design coordination

   • Information security management

   • IT service continuity management

   • Service-level management

   • Service catalog management

   • Supplier management

3. ITIL Service Transition

   • Change evaluation

   • Change management

   • Knowledge management

   • Release and deployment management

   • Service asset and configuration management

   • Service transition planning and support

   • Service validation and testing

4. ITIL Service Operation

   • Access (identity) management

   • Application management

   • Event management

   • Facilities management

   • Incident management

   • IT operations control

   • Problem management

   • Request fulfillment

   • Technical management

5. ITIL Continual Service Improvement

The main goal of ITIL is to standardize and improve the delivery of IT services to the business. Improved efficiency, predictable performance, and a better reputation for the IT department are common results of ITIL. ITIL also culminates in these improvements:

• Customer satisfaction

• Time to resolution

• Staff productivity

• Reputation and value for the IT department (viewed as more than just a cost center and instead as a significant business partner)

• People, process, and technology specialization

• Ability to support change

• IT alignment with business operations

• Visibility into IT assets, costs, and resources

• Management of business risk

• Support of business, industry, and economy change

• Service quality

• Efficiency

At the same time, ITIL can bring down business disruptions due to IT issues, as well as costs.

The configuration management database (CMDB) is a core element of the ITIL service lifecycle. The CMDB stores information about hardware and software assets, called configuration items (CI), that are critical to the delivery of business services. The CMDB tracks the relationship of CIs to one another and the services they support.

For example, the functions of a server and an application are interdependent. The server runs the application, while the application runs on the server. When the server is compromised, so is the application. When the application is compromised, the server may or may not be impacted, depending on the application’s purpose.

Several ITIL processes are dependent on the CMDB. Change management, problem management, incident management, and release management all draw on CMDB information for decision making. For example, change management relies on the CMDB to determine if other CIs are impacted when a shift occurs. This may help determine the time of day you implement the change.

Below is a sample of attributes that may be stored in the CMDB:

• CI name

• CI upstream and downstream relationships

• CI maintenance information

• CI status

• CI priority

• CI ownership

Organizations of all sizes and across all industries apply ITIL as part of their IT service management strategy. These organizations can choose to adopt a single ITIL process or any combination of ITIL processes, depending on their business requirements.

The personnel structure is an important part of the ITIL framework. The organization must define process roles and teams in order to manage processes and ensure quality service delivery. It is not uncommon for one person to wear multiple hats (for example, an incident manager may also be the problem manager). No matter how many staff you have and how many hats they wear, it’s necessary to clearly designate who is responsible for the processes and associated tasks.

Completing a RACI matrix is a great way to specify who is responsible, accountable, consulted on, and informed about responsibilities.

Common IT roles include the following:

Whether you will implement on a small or a large scale, you may feel overwhelmed as you get started with ITIL. With five ITIL publications and over 20 processes to take into account, where does an IT organization begin?

Before implementing ITIL processes, ask yourself these questions to make sure ITIL is the right fit for your organization:

• What are your problems and challenges?

• What business areas require a new process framework to improve?

• What are you currently good at? What are you currently bad at? What do you need to do to improve your weaknesses?

• Where will ITIL make the greatest and fastest impact?

• Is ITIL the right framework to help you improve?

Once you are confident that ITIL is the way to go, you must gain an understanding of your organization’s pain points and opportunities. This provides a baseline and a measuring stick as you improve. Following this assessment, define your vision and target goals, what you can do to meet them, and proof point measurements.

Below is a checklist that can help you get started:

Download Getting Started Checklist

Keep in mind that each organization is unique in the processes it chooses to implement and its team structure. Start small with one or two processes, and demonstrate quick wins to business stakeholders.

ITIL consulting agencies are available to help with training and implementation. An ITIL consultant can teach the essential elements of the framework, analyze your current processes and process maturity, roll out new processes, support technology solutions, and train other team members. It may make sense to invest in a ITIL-certified consultant so that you don’t miss timelines, exceed project budget, and fall short on adoption.

ITIL comes with challenges. In fact, the framework is quite extensive, and simply getting started can overwhelm many organizations. The first step toward success is overcoming the commitment issues that accompany a long process such as implementing ITIL.

One of the most common misconceptions about ITIL is its supposed rigidness and complexity. In fact, ITIL is quite flexible, allowing organizations to adapt the processes in a way that is useful to them. However, ITIL can be expensive, and budgets can limit necessary investments in training and consulting.

The main challenges associated with ITIL adoption include the following:

• Expensive training, books, and other materials

• Lack of executive support

• Taking on too many processes at the beginning

• Selecting the wrong process to implement first

• Internal debate over the need for ITIL and other frameworks

• Confusion between ITIL and other IT frameworks

ITIL training and certifications are available for individuals and software solution vendors. Individuals can take training courses and become certified at five different levels: foundation, practitioner, intermediate, expert, and master (each is more advanced than the previous stage).

• ITIL Foundation Level: Basic, entry-level certification provides a general understanding of ITIL elements, concepts, and terminology, as well as how the processes contribute to service management.

• ITIL Practitioner Level: Includes all foundation ingredients, plus the ability to incorporate the ITIL framework into organizations.

• ITIL Intermediate Level: All of the above, plus the choice of modules that focus on different areas of the framework, such as change management and/or configuration management.

• ITIL Expert Level: Covers the entire ITIL framework and is typically obtained after an individual achieves previous-mentioned certifications. This designation is necessary prior to achieving the master-level certification.

• ITIL Master Level: Confirms your ability to apply ITIL principles, methods, and techniques to achieve desired outcomes in the workplace. To become an ITIL master, practitioners must first achieve expert-level certification and work in IT service management for at least five years.

Certified individuals may work directly for an organization as an ITIL information resource, or they can operate independently as a trainer or consultant on a contract basis. Several organizations offer accredited ITIL training programs, including the following:

• Beyond 20

• Learning Tree International, Inc.

• New Horizons Computer Learning Center

• PassionIT Group Inc.

• Pink Elephant Corp.

You can find additional accredited training providers on the Axelos search page.

ITSM software vendors can align software solutions with ITIL processes through the Pink Elephant PinkVERIFY™ program.

Finally, organizations that want to improve efficiency by increasing their alignment with ITIL may choose to perform an ITIL maturity model self-assessment. This involves a set of questions for each ITIL process. The results include a description of the organization’s maturity level and strategies for improvement.  

In order to determine an accurate maturity level, self-assessments follow these steps:

• Provide a profile of the organization

• Provide information about processes and functions

• Provide details about process outcomes

• Provide details about inputs

Thousands of organizations around the world have adopted ITIL, and Axelos continues to expand the framework to meet the modern and increasingly complex needs of today’s organizations. For the past two years, a team of industry experts, content writers, and IT industry contributors have worked on ITILn 4, which was released in January 2019. ITIL 4 encompasses the new ways that organizations are delivering services. DevOps, Agile, and Lean are all becoming part of modern business, and the current release of ITIL discusses how the best practice frameworks can work together to deliver business services efficiently.

As Pink Elephant’s CEO, Fatima Cabral, wrote in a blog post about the ITIL 4 books, “the first volume ‘ITIL Foundation’ will be released in mid-February and the other titles will follow later in 2019 and into 2020. What’s different for this release is that for the first time the entire set hasn’t been available at launch. We do however know that the body of knowledge contains 34 practices and moves away from ITIL v3’s emphasis on the service lifecycle to a new focus on a Lean-type service value system.”

• ITIL service strategy is composed of the following processes:

  • Service portfolio management

  • Financial management

  • Demand management

  • Business relationship management

  • Strategy management

ITIL process mapping is similar to business process mapping: designing an easy-to-follow process diagram that is unique to your organization for each ITIL process you adopt.

The best way to document ITIL processes is to illustrate them using a process diagram. You can break down each process down by task, assign tasks to roles, and construct a narrative that provides additional information.

Below you will find ITIL process workflow samples for incident management, problem management, and change management.

ITIL is a guiding framework, not a prescriptive methodology. This means that each organization can apply its unique requirements while using ITIL to guide best practices. Defining activities within each process can begin with the basic process workflow samples above. Discuss these samples with relevant team members and stakeholders, editing and enhancing them along the way. The final product will be a unique and detailed process flow diagram.

Evaluating process performance on a regular basis is an important part of continual service improvement (CSI). The information you gather during your initial implementation will help in the audit process. You will measure current performance, and then benchmark against previous performance and process maturity data.

The CSI process is all about continually evaluating and creating better processes. CSI uses metrics to identify development opportunities. The goal of CSI is to build up IT operations, service quality, and business continuity.

You can choose from thousands of metrics to measure performance. It is important for each organization to define critical success factors (CSF) for each process and key performance indicators (KPI) that will measure whether the CSF has been achieved.

Deming’s cycle, also known as Plan, Do, Check, Act (PDCA), is part of many organizations’ CSI initiative.

• Quality: The ability of a product, service, or process to provide the intended value.

• Utility: The ability to improve customer performance; fitness for purpose.

• Warranty: The ability to operate reliably; fitness for use.

• Capabilities: Resource skills and abilities that create value.

• ISO 20000: An international set of service delivery standards provided by the International Organization for Standardization (ISO). These standards include requirements for an ITSM system.

• Control Objectives for Information and Related Technologies (CobiT): Developed by ISACA, CobiT is a governance and management framework for IT that facilitates the implementation and organization of controls. It can be used to link both the goals of the business and IT through a set of process domains.

• eTOM: A business process framework that outlines the processes necessary in an Agile enterprise organization.

• FitSM: Standards designed for lightweight ITSM. FitSM is not managed by a standards organization.

• DevOps: A combination of software development and operations methodology (values, principles, methods, and practices) to deliver applications and services. DevOps promotes frequent communication and ongoing, real-time collaboration between traditionally disparate workflows of developers and IT operations teams. 

• Risk Management: The process of managing IT risks in order to minimize impact.

• Compliance Management: Ensuring adherence to a set of rules or standards.

• IT Architecture Management: Verifies that technologies operate as defined by the enterprise architecture baseline.

• Service Review: The examination of an organization's services to identify opportunities for improvement.

• Process Evaluation: The regularly scheduled assessment of ITIL processes to identify opportunities for improvement based on unmet metrics.

• Root Cause Analysis: A problem management activity used to identify the cause of a problem or failure.

• Service Support: ITIL version 2 terminology that included incident management, problem management, change management, release management, and configuration management.

• ICT Infrastructure Management: A European classification that stands for information and communications technology, referencing the management of all communications hardware and software across an organization.

Empower your people to go above and beyond with a flexible platform designed to match the needs of your team — and adapt as those needs change. 

The Smartsheet platform makes it easy to plan, capture, manage, and report on work from anywhere, helping your team be more effective and get more done. Report on key metrics and get real-time visibility into work as it happens with roll-up reports, dashboards, and automated workflows built to keep your team connected and informed. 

When teams have clarity into the work getting done, there’s no telling how much more they can accomplish in the same amount of time. Try Smartsheet for free, today.