Jan 29 2008

Why Your Agency Should Adopt ITIL

Framework offers a best-practice approach to managing IT services across an enterprise, but agencies likely will use it in a more-targeted manner.

With some frequency, new management concepts capture significant attention.

There’s a seemingly unending flow of approaches to improving organizations and results that bubble up in industry and academia, mostly in the form of what seems to be an alphabet soup: BPR, ABC, MBO, TQM, balanced scorecard, performance dashboards, Lean Six Sigma. In government, the administration also pushes its own management improvement programs, such as Reinventing Government and the President’s Management Agenda. And the information technology community has spawned its own improvement concepts, such as IT alignment to mission, enterprise architecture, Capability Maturity Model and CMM-Integration.

In the wake of many improvement concepts, the current “next greatest” concept in recent years is the Information Technology Infrastructure Library, a framework for IT best practices that’s gaining attention in the federal IT community.

How Does It Work?

ITIL provides a set of processes organized to support the functions of delivering IT service to customers in five categories (see sidebar, below). These processes are reputed to be best practices based on actual use by organizations to achieve expected results. Across the entire service lifecycle, these best practices are touted to deliver improved customer satisfaction, improved efficiency and cost savings.

A popular starting point for organizations that implement ITIL is to convert to ITIL guidelines for their IT incident management process, with the expectation that improved incident management will help CIOs restore normal service levels more quickly after anything that interrupts a system and with minimal disruption to users.

In some sense, ITIL is analogous to commercial, off-the-shelf software. You pull out the old software, implement the COTS software without change, create interfaces to other systems and revise business processes at the interface points to allow integration to take place. The anticipated results are business benefits derived from the new system and lower maintenance costs over the system’s useful life. With ITIL, you replace processes, not software. Both ITIL and COTS implementations involve a significant amount of individual, process and organizational change.

What Are the Drivers?

Adopting ITIL guidelines appears to involve significant effort by leadership and staff, and requires an organization to undergo substantial change. Do the expected benefits make this investment worthwhile?

In the global economy, many corporate organizations have worldwide operations and acquire other companies to increase their global footprint. ITIL provides a global standard for the best practice of IT service management, and that’s an important driver for commercial adoption. Implemented successfully, ITIL can help standardize the IT service environment across large global enterprises.

Unlike some other process-focused improvement strategies, ITIL is a library of advice and guidance on how to deliver and support IT services, not a methodology. Organizations can choose to implement parts of ITIL or the entire lifecycle, so it’s more adaptable to the needs and capabilities of an organization.

Large = More Likely to Use ITIL. 62% of respondents working in organizations with 10,000 or more employees have begun using ITIL, compared with 33% of organizations with fewer than 100 employees.
SOURCE: BT INS 2006 survey of 306 IT managers worldwide

ITIL processes are designed to perform requisite functions completely and efficiently — that is, get a job done with little wasted effort. The premise is that implementing ITIL processes will eliminate any gaps in an operation and support IT service delivery as well as require less effort (and cash outlay).

Over the past few years, both commercial and government organizations have faced increasing pressure to comply with new regulations focused on the internal controls, especially those that affect financial reporting. ITIL guidelines support such compliance challenges because they specify the business processes and control points involved in performing IT service management — no matter whether the environment is private or public.

But Will It Work in Agencies?

Given that the implementation challenges are significant, and the benefits to be gained are fairly soft, end-to-end federal implementations of ITIL seem unlikely. Without an ITIL evangelist with broad federal standing who can explain ITIL simply, as well as how to implement it and use it effectively, broad adoption in the government is unlikely.

At the same time, focused efforts to improve a component of the IT service delivery and management function are much more likely to be successfully implemented using ITIL guidelines. Incident management, for instance, is a focused, compact function that an agency can re-engineer using a set of processes defined by ITIL. The beauty is that end users can adapt a slightly modified process and interface, while the more significant change is confined to a small group of resources in the IT organization.

As there are proven results in pocketed ITIL rollouts, it seems likely that ITIL processes will increasingly be built into software for supporting IT service management, with the same impact: modest changes for end users, and more significant changes for the IT organization.