BMC are ahead of their competitors in ITIL compliance

[Updated 7th May: see below]

It's true folks.

BMC announce:

BMC Software [NYSE: BMC] has been awarded the first “ITIL® Process Compliant” certification and trademark, achieving this important milestone ahead of any of its competitors

They don't mention that the Licensed Assessor at SMCG is recently ex-BMC so it is not surprising he turned to his old friends for the first pilot of the ITIL V3 compliance certification scheme (the standard for which which he reportedly wrote). No other vendor has yet had the opportuntity to apply for compliance so BMC's head start is hardly clever.

[Correction: rumour has reached the Skeptic that other vendors had conversations regarding certification, so others had the opportunity to go for this as early as BMC did]

“We consider ITIL to be a key success factor for dramatically driving down IT costs, increasing productivity and delivering quick ROI throughout the organization,” said Oscar Ceballos, global services IT governance manager at Telvent. “Because the BMC Remedy IT Service Management suite embeds ITIL into applications and integrates well with the other pieces of our existing infrastructure, we were able to rapidly achieve our IT goals including consolidating change management processes across multiple data centers and providing better customer segmentation data back to the business.”

Telvent are BMC's most fervent cheerleader making giddy claims of 300% ROI that generated a recent Crap factoid alert. Intriguing that Telvent talk about "consolidating change management processes " and yet...

... the BMC Remedy IT Service Management suite successfully completed rigorous testing for ITIL fundamentals in the areas of Incident and Problem Management.

I also note that Ken's departure from BMC hasn't stopped them selling the magic instant fix:

to ensure customers receive an ITIL compliance solution “out of the box.”


Tool Certification

Ah takes me back to the good old days of Pink Verify. Peregrine were claiming to be ITIL out "of the box" - didn't help much... At least now it's the OQC who are independent of the vendors. Hopefully the community will just roll their eyes at this one. Haven't we moved on from being hooked by this type of stuff?


seems like I, too,am stirring up the pot

[Update by the IT Skeptic: for those who are not LinkedIn members and members of that group, the debate started out over the wording of ITP's survey of the ITIL Software Scheme and then kinda veered off into the merits or otherwise of the scheme itself. Good discussion - check it out. or debate the scheme here :D ]

Congratulations to Ken Turbitt

Cary King
Minerva Enterprises
Managing Partner

smart move

Yes a smart move deftly executed.

Back in the Old Days, old heads decided product certification was a can of worms they weren't going to open. I hope Ken and Sharon prove them wrong.

But what if someone actually read the ITIL books...?

Well its my recollection that ITIL V3 is missing a few key concepts and examples of artifacts that are required to implement a reasonably effective practice, sorry process. Skep - I'll be sending you the draft of my assessment of just Incident management any minute now for a comment, but as an example, problem management has the following holes (sorry CSI - gaps):

1. No how to on how to actually define a problem - only what it might contain - if incorrectly done problem management can act as a fire accelerant and encourage of 'resistance to change'
2. No respect of the basic cause analysis stages, dare I mention control barrier, task an change....
3. No help on associating a problem with its impact upon various stakeholders
4. No help on how to associate likely course of actions or resolutions with individual causes - everyone should know that the root cause is almost always impossible to determine...
5. No help on how to integrate the solution/resolution part with change managment beyond lump it over the CAB fence
6. No link back to service/product plans where problems relate to missing or poor performing functionality
7. No linkage to the CSI book...

I'll stop here... except to say that my analysis of Incident and Problem management has found 57 and 36 best practice statements respectively...

My point - does anyone actually READ ITIL to understand its scope and depth of content before 'standardizing' on it or spending hard earned cash to become 'compliant'. I'm afraid compliancy might be a backward step for many....

Is it a good idea?


"BMC Software [NYSE: BMC] has been awarded the first “ITIL® Process Compliant” certification and trademark"

Well, if the certification is per process it is not clear from this statement what processes are "compliant" and what have not been assessed. Just sounds like the whole BMC software has received the seal of apporval.

What will happen to the smaller players if the assessment it too much for what they provide. Is this just for the fat cats which would seem a little unfair (but perhaps that's business).

I missed it first time too

I missed it first time too but it is there in BMC's announcement: they certified Incident and Problem Management.

Still not convinced

The ITIL books were never designed to be a standard so I am still not convinced how you can be compliant (in a quality way) unless the are completely re-written. Is this standard a recognised one?
If a set of requirements for each process were extracted out of the ITIL framework, I could see the value in scoring against these requirements but ITIL itself is far to woolly to use directly for this purpose. And there are additional requirements to the ITIL process ones that are vital in tool selection.
Also the tool approach has another problem for the big vendors as they use multiple products to tool each ITIL process. So the same product with other products could be compliant to many processes and on it’s own, compliant to none.

I really don’t see the point of complying with a poor standard – vendors need to be thought leaders and strive to create the best practice of tomorrow that ITIL can follow and not the other way around.

and politicians should have the best interest of people in mind

You seem to believe in the good in people and organisations. Nice, but vendors do not want to be thought leaders nor create best practice of tomorrow, they want to take the stuff that is available and use it to sell their sometimes usefull, but mostly not very special nor problem solving software. And they want to rip as much money out of the companies pockets as possible. Software vendors do not tend to think in the long-term business relationship, since for many service is still the effort & cost factor attached to a successful sale.

Good business is...

Not all vendors are like you describe. Sounds like you had a bad experience. Good business has always been about relationships and following through (delivering). Ripping people off is a poor unsustainable business model.
I work for a vendor and everyone from sales to engineering understands the importance of delivering value to stay in business. As a leader in a specialised area our customers expect us to show vision and thought leadership.
Maybe one day we will get acquired by a big vendor and loose this idealistic approach. That will be the time to move on to another startup. But my belief in this is based on results – it is working very well for us!!

Nice guys finish last

You seem implicitly to agree that the big vendors are not quite so focused on the wellbeing of their clients. And yet they are the big , successful, profitable, long-lived survivors. Looks like the market rewards the hard-assed bastards. Nice guys finish last in the IT industry.

same bs packaged differently

ofcourse when the big vendors buy up smaller companies which(in most cases are foucsed on the customer) for a preminum they are going to do what ever to make up for the money that was spent. i know of cases where after the big vendor bought out the smaller competitor, most of the smaller vendors team was let go and some of the bright ones who worked on the product left on their own since they could not put up with the new culture. the bigger vendor will let loose their marketing machine to drum up crap like "xyz has been awarded the first “ITIL® Process Compliant” certification and trademark" for the same products that fundamentally would not have changed. the sad part is the customer (or the CIO) will buy it hook, line and sinker for an extra $$$$$ :) - because they will realize a return of 400% in 6 months or some bs like that.

Nice guys may be happy survivors

The picture is not contrasted: there are some ISVs who are successful, profitable, long-lived while small. I personnaly know a few small ISVs' CEOs and CTOs who have founded their business 20 years ago or more, and whose primary goal is not to have a double-digit growth but to continue to have fun and to innovate (while being profitable, of course). They do believe serving their clients better than the big vendors is the better strategy to survive. It may seem naive, but it actually works, as their customers are often very loyal. Nice guys may finish last, but not being in the top 10 or top 100 vendors in the IDC or Forrester ranking is not an issue for them.

This will be an RFP checkbox

Even if it really is $10,000 per process, which is only a rumour, then it would be a good marketing investment no matter how small the vendor. As you point out nobody cares much which processes are branded, certified. They only need do two or four. Look at Telvent raving about how BMC's incident-problem-certified product helped them with change.

Buyers are going to love an official rubber stamp. Look how popular the unofficial PinkVerify was with buyers. This will be an RFP checkbox before long.

OGC/APMG/SMCG have got the vendors by the balls.

Compliant with all V3 errors too

As we all know, the V3 books contain a fair amount of errors. This would mean that the tool must be compliant with the errors too? Has BMC just bought a certificate that their product is "rigorously tested" to be illogical & full of bugs?


Consequences & risk

Certification would be useful if it told you the consequences of a tool being able or not able to meet a requirement. Because it is in ITILv3 doesn't automatically make it an essential or even a desirable tool feature.

I was under the impression

I was under the impression the scheme was supposed to asses (the level of) compliance of the tool to individual processes - i.e. the result I was expecting would be something like this:

Incident Management - 95%
Problem Management - 80%

Am I wrong or this just wasn't published? Where can one find more detailed results of the "certification"?

Documentation unavailable!

I am interested where you have the info from, since nobody has seen a shred of documentation for this scheme yet. The only place I found which contains infos is:

And that does not contain much...

All in all I do not believe in certification schemes for software in this case anyway, but the way the involved parties handle communication and development of it is worse than I could imagine.

Here it is

Well part of it was from original skep's article here: where it quotes from Ken Turbitt's blog (see ):

To allow for the fact that different vendor solutions deliver against different sets of ITIL processes, compliance will be measured against individual ITIL processes. In terms of the cost to vendors, assessment fees will be set by the licensed assessors [SMCG] with APM Group charging a fixed fee per process, per annum, for the use of the ITIL-compliant trademark...

The other part was (wrongly) remembered from skep's April's Fools post here that says the assessment has 1476 criteria ;-)

Still the first part indicates strongly (by Ken Turbitt himself) the assessment is per-process so I expect to see how much BMC will score. I'll be greatly curious on how much will IBM's and HP's platforms score. In one of the last magic quadrants IBM's Maximo was banished to lower left quadrant (the loosers) even though their platform is most modern and probably best covering from the HP/BMC/IBM trio. On the other hand HP's Service Manager (formerly Service Center) is a piece of legacy disorganized crap heaping various technologies without clear architecture, perverting database use and still got to upper right corner (the leaders).

ITIL product certification is per process

Now now, I've just written a comment about no product endorsements please

As an ex-CAer I'm always puzzled that Unicenter often gets left out of the HP/BMC/IBM set. I refer to the Fat Four.

yes it is per process. As well as the quote from Ken above, BMC's announcement refers to the fact they got certified in Incident and Problem.

Rumour is $10,000 per process.

Oh, sorry about that (feel

Oh, sorry about that (feel free to execute your censorship rights) - wasn't meant as marketing (more of an opposite of) for any of them and I was commenting more on architecture and concept than on ITIL itself.

You probably rightly call them Fat Four and not Fat Three. My list comes from personal experience - the company (and its department) I work for is partner for those three mentioned (pretty unusual I know and there really wasn't a place to get fourth on board even they (CA) tried to) so I have some first-hand experience with these three (and their predecessors).


mumble grumble mumble, "can't implement ITIL so how can you certify it" grumble mumble "if you want certification then consider a ISO cert" mumble mumble grumble "out of the box ITIL is a complete waste of money", mumble grumble "what are those people at OGC smoking"

Ahh well. We can only hope people understand the business model of tools vendors and don't buy into this..


Brad Vaughan

very very successful

In the 21st Century everyone is going 1000 miles an hour through a blizzard of information with no idea where they are or where they are going, just chasing the tail lights of the guy in front.

When they have to think they're forgetting how and losing the thought-muscles to do it and don't have the time anyway. They want instant packaged fixes. They want someone else to do the thinking and say so with a stamp.

This ITIL Software Scheme is going to be very very successful.

Good recap of current decision making

The scheme will be successful for Ken and all the other buddies in this plot. Every single tool that wants to be in the ITSM market will achieve compliance (hey, even I can produce 3 customer imlementations if I want) and customers will allways be on the safe side to buy a "solution" (it had the stamp of approval, so I can't be wrong to buy this ITIL'in'a'box). New tool vendors just have to cough up the money to enter the market and hey that's what the scheme is about.

Hey Rob, why this corporate like "promotion" title of the article? My own post is titled: Bullshit Alarm: BMC awarded "ITIL(r) Process Compliant" certification. Are you loosing your bite?

bait for bite

I'm substituting bait for bite on this one - it's an experiment.

A "bullshit alarm" sounds a lot like a "crap factoid alert™". I'll have my lawyers call your lawyers.

Ken thinks about CobiT compliancy for tools next

My hearty title and post (Bullshit Alarm: BMC awarded “ITIL(r) Process Compliant” certification) obviously provoked a comment from Ken Turbitt. In his comment he revealed plans for a scheme to audit CobiT compliant tools. See Even Worse: Cobit Tool Compliancy.

Let's lure them into the trap!

We will come to some sort of licensing agreement, if I can include chokey the chimp into the deal ;-)


Barry the Bull™ might be more appropriate

Compliant to a framework ????

ITIL itself isn't a standard so how can they be compliant. ISO2000 or BS15000 yes but not ITIL.

I am ITIL compliant = I don't know what I am talking about or I am Barry the bull and think I can fool others.

ITIL is a standard now

ITIL is a standard now. Ken wrote one. OGC adopted it.

Everyone has backed off from calling it a standard but it is. A unilateral decreed unconsulted so-far-secret standard, but a standard nevertheless. For two years I 've been told "You can't have compliance without a standard". Now we have compliance. Ergo, we have a standard.

ISO compliance

And even with ISO it wouldn't be the tool that was being assessed it would be how the tool is being used. IIRC some early adopters were using very basic solutions


One of the first slides in our ITIL Foundations courses we talked about how ITIL is a framework, a set of best practices to follow, to borrow from, to use what WORKS FOR YOUR ORGANIZATION.

What is all this about compliance? ITIL itself is not a standard.

Syndicate content