The Skeptical Informer, September 2008, Volume 2, No. 9

The newsletter of the IT Skeptic. All the IT skeptical news that is fit to print... and then some!

I give up. Like many readers I would like to see ITIL certifications being a serious contributor to the professionalism of the IT industry, but I get the distinct impression this isn't going to happen. Foundation certification is a boom industry. The post I made on "ITIL Version 3 certification: seven sources of free ITIL V3 Foundation practice exams, and some ITIL Version 2 sources too!" has moved into the blog's all-time top 10 for popularity. People just want to get the ticket. The ITIL Intermediate and Expert (hah!) certifications are aimed at the same market. They aren't about making better practitioners; they are about selling certificates. They don't test ITSM; they test the holy books. The courses are built to be delivered by non-experts and marked by machines (You can't test an "expert" through multi-choice. And it is the usual Castle ITIL arrogance that says the questions are beyond challenge by real experts. It has already happened that written answers to ITIL V2 Manager's exam gave an alternate answer that was rewarded. Impossible under multichoice). And yet V3 Intermediate and Expert exams won't be available via Prometric, i.e. you have to sit a face-to-face training course first if you want to be examined. Why? Well it could be said it is to make sure you get the training you need. But I call that hypocracy. The exam should test the quality of the candidate, not the associated course. And if the candidate is too poor or remote to attend a course (think developing nations), or just smart and experienced enough not to need to, then they should have that option. So the real reason is evident to me: to maximise revenue to the training money machine. The trainees are complaining. The trainers are complaining. The ATOs are complaining. Even the EIs are complaining. But Castle ITIL shows no sign of even acknowledging the issue publicly (while busily hosing it down behind closed doors). They aren't going to budge on this one. It's all about the money now. ITIL is too big and too successful for it to be anything else. I don't see this changing. People need to accept that ITIL is a commercial product focused on financial gain for the ITIL industry. Play their silly games when you need the ticket. Learn the magic formulas that get you a pass. And understand the value of the certifications when they are presented to you on a CV. When you need to get the job done, use ITIL when you have to (usually politically) or it is best fit, and look for less-voracious alternatives otherwise. I've written about how the COBIT suite of publicatuions is a substantial body of knowledge now, and how it is increasingly pushing down from the overarching framework and audit criteria into ITIL's territory of the practical "how". Wait until you see the new COBIT's User Guide for Service Managers. We had some fun on the blog this month with vendors asking for a drubbing with some published bullshit (there are those who would say that adequately describes this blog but we try to stick to facts and we don't hide, disguise or abuse them). BMC and Forrester published some supposed research which was as laughable as it was misleading. Really the BMC paper was beyond the pale. You should heap scorn and derision on any BMC employee who tries to use this crap on you. EMA scored an own goal with numbers that suggest CMDB is successfully implemented in only a tiny percentage of sites. A firm called Interfacing technologies tried to spam the blog so we took a hard look at their ITIL "solution". I got email spam from a group whose use of the term ITIL was just silly. And ITSMWatch ran an artcle of mine under the banner "How Software Vendors Lie About ITIL Support " - even harsher than I would have been :-D Polls and competitions typically don't get a lot of response on the blog. (Congratulations to Mike Walter for winning the photo competition). You readers prefer to read - but I would really love to see some input from you on the latest one: Legends of IT. We could really have some fun digging out all the great yarns ('tall tales and true") from our past. And I'm giving away a $100 gift voucher. I know you have a story or two - please share. A few changes to the blog this month: a changed look, a tag cloud of topics, a comments browser, a CMDB widget, free IT magazine subscriptions for qualifying subscribers, a Dipity timeline, a thread for your favourite books, and you can post photos of yourself on "My Account". In fact you have a whole node about you now, we may look at allowing you to create a profile page on The IT Skeptic if anyone is interested? On a final note, personal tragedy once again affects those close to me, and reminds me that ITIL is only business, not anything important. Let's all keep some perspective on Father's Day.


Overwhelmed by ITIL V3? In order to make your ITSM life easier, the IT skeptic has created a body of knowledge (BOK) called Real ITSM and the associated philosophy of Realitsm. The official Introduction to Real ITSM introduces Realitsm to the world!
Making IT Real. Get Real.

The long awaited ITIL V3 - COBIT V4.1 mapping white paper is available ... for a price. This is the final paper in a long-awaited series that answer the question left unanswered by the ITIL V3 books - how does ITIL relate to the standards and frameworks around it? The answer is that ITIL is very much a subset of COBIT's more comprehensive coverage.

This post has been podcast

[Updated again: links to COBIT planned content]
Those who say "COBIT is the what and ITIL the how" either haven't read COBIT, are oversimplifying or are being excessively polite to ITIL.

Introducing a new series of posts: The Legends of IT , written by you.

Tell us the great Legends from your IT past, and vote on the Legends of others.

Best Legend will receive a Christmas present of a US$100 Amazon gift certificate, and of course bountiful glory.

ITIL v3 has shed the down-home, amateur grittiness that provided its appeal, as I wrote recently in ITSM Watch.

Its new commercialism might help ITIL’s appeal in some sectors but it diminishes it in others. While the largest organisations and the Service Management zealots have all embraced ITIL v3 with fervour, many of the less obsessive are lukewarm in their enthusiasm for v3.

When we speak of a new profession(alism), could it be that by focusing on IT we are focusing on the wrong thing?

Following on from ITIL V3's after-the-fact attempts to link up with external standards such as ASL and ISO20000 (something one thought might have happened as part of the design and development of ITIL V3 rather than as a retrospective scrabble) we have eTOM.


New IT Skeptic blog widget on CMDB

There is a new blog widget available for those who would like it for their own website... and it uses an illustration from the new IT Skeptic book.

More IT Skeptic widgets here - help yourself for your own website.

The illustration is from the IT Skeptic's new book Introduction to Real ITSM. It depicts a typical vendor idea of a CMDB: existing old asset or network or desktop software with a few bells and whistles.

Comments are a great resource of this site

Comments are one of the greatest assets of this website. Here is better access to them.

Lately I've been especially impressed by the depth of the comments on this site, though they have always been good. We have had very little of the "Me too" type of comment - the value has always been excellent. I'd like to say a special thankyou to all the contributors who have made the site so rich in content.

So you can make better use of the comments, I've created a new page that allows you to browse them. The page also appears in your sidebar menu.

You can sort by author or timestamp or title of the post, or select by topic (of the post).

I hope this will help readers mine even more value out of the IT Skeptic site. Please let me know what you think.

For the technically minded, this took me less than thirty minutes to build using Drupal, including the page, search, view, sorting, menu entries, access authorisation levels... the works. Viva la Drupal!!

New design at the IT Skeptic Shop just for our British readers

You can get this on a cap or mug or shirt or mousepad or badge...

Recent podcasts

A podcast of the original post a back-of-an-envelope re-analysis of Forrester and BMC's own CMDB research

Several readers argue well that ROI is not the right measure for a CMDB, but nevertheless management want to know what they get for their money, and BMC's own research suggests "not much".

A podcast of the original post

OGC is celebrating the first year of ITIL V3. What do we have to show after a year? I'm underwhelmed.

A podcast of the original blog post Crap Factoid Alert: CMDB savings of more than $1 million per year .

This is a CATEGORY 1 Crap Factoid alert from Chokey the Chimp at the IT Skeptic's Crap Factoid Warning Service. THIS IS NOT A DRILL. Be on EXTREME danger alert for CF "CMDB savings of more than $1 million per year". BMC and Forrester are shovelling it.

Classic Skeptic

This article has been podcast

[Updated: mention of COBIT]

In five years time most organisations will consider ISO/IEC 20000 certification as a normal part of operating: a minimum benchmark. The horse has bolted with ISO/IEC 20000: the world sees it as “the ITIL standard” but OGC and itSMF have zero control of it.

From the blog

We have a great discussion going regarding Root Cause. As usual so much comes down to precise definition of terms. What does Root Cause mean?

[Update: OGC/TSO no longer provide online preview or search for the ITIL 2011 books. Bastards. ]

The IT Skeptic does not support infringement of intellectual property rights, but there is a way to access the ITIL Version 3 books (and many others) online that the IT Skeptic believes is legitimate. And free.

It has always seemed to me that most IT monitoring and measuring tools are very self-serving. They look at the world from the internal IT silo perspective. In ITSM terms they are mildly interesting diagnostic tools for incident and problem resolution, but in terms of service level measurement the only really useful tools are the ones that measure the end user experience.

Change is about people. Without people, change doesn't happen. Without their assent, buy-in, cooperation, enthusiasm and effort, change doesn't happen. it seems this can't be said too often. The latest survey from McKinsey Quarterly Creating organizational transformations (McKinseys being an analyst firm whose crap factoids are less crap than most) says it all:

I found a fascinating article from the ever-interesting Nicholas Carr (remember "IT Doesn't Matter"?) on how Google is making us stupid.

This post has been podcast.

[Updated June 2009: the paper, entitled "The Total Economic Impact of the BMC Atrium CMDB Solution" is here.]

Several readers argue well that ROI is not the right measure for a CMDB, but nevertheless management want to know what they get for their money, and BMC's own research suggests "not much".

You can have CMDB for free.

By request, we have a thread on your favourite books. Let's keep it to books on ITSM, ITIL, and IT Operations. [Bump this back to the top: Come on folks! I'm sure there are more indispensible ITSM books out there.]

Some SLAs assign a key metric to how long IT is going to take to resolve incidents. Really. This is like firemen promising to put a fire out in ten minutes. Worse still if an SLA makes this mistake it almost always also has it the wrong way round.

[updated February 2009]

Most readers of this blog know this stuff but certainly not all so here's the IT Skeptic's shaky understanding of the world of ITIL V3 certification. I welcome corrections and elaborations.

Recent "research" (in the analyst sense of the word) from EMA shows that even amongst those who say they are working on a CMDB [which other numbers indicate is 10%-30% of the ITIL population], those with functional CMDBs remain a minority. This confirms our recent assertion that CMS and SKMS and CMDB represent best practice blue sky. There is nothing "generally accepted" about CMDB practice: about 2%-5% of IT shops I reckon. In true market-hyping fashion Dennis Drogseth of EMA is fond of referring to the "CMDB tidal wave". Based on their own numbers I gotta ask: where's the wave Dennis?

Further to my posts on Vendor marketeers stretch to reach out for ITIL and It is a helpdesk so it must be ITIL, see my just-published article on ITSMWatch How Software Vendors Lie About ITIL Support [I didn't write the title :-D]. [Updated: now also available on this site]

The IT Skeptic has confirmed pretty reliably that ITIL V3 Intermediate and Expert exams will NOT be available online without an associated training course. [updated: no it isn't. things changed between the start and end of August. Online training is back on!]

It is interesting that three quarters of the scientifically invalid sample of readers who actually responded to our survey on "IT has no respect for or understanding of customers and users" either agreed or partly agreed with the statement. This could mean one of several things:

  • IT is particularly hard on IT
  • Never give process geeks a "maybe" option
  • IT has no respect for or understanding of customers and users

You'd like to think we would be making some progress on this one by now.

Let's try another (with a less satanic node number this time): "Lack of Management Commitment seriously affects project delivery in our organization". How do you feel about that statement?

[Updated 22 Aug 2008]

There is no rush to go to ITIL version 3:

  • There is nothing much wrong with ITIL2
  • ITIL3 is too big with little help available (yet) on getting there - no sign of any complementary guidance about the path to ITIL yet, the meta-lifecycle
  • ITIL3 is too raw and nobody understands it properly yet; certainly not Service Strategy :-D
  • ITIL3 certification isn’t even finished yet, and
  • Only a small proportion of the ITIL community are advanced enough to need ITIL3

It is an interesting question: is there a useful distinction between organisational change and administrative production change?

Should we maintain the two concepts as distinct because their natures are so different?

Or should we treat them the same and see one as a small subset at the execution end of the other?

And if so, which is a subset of which? - you'll get opposite answers depending who you ask.

Triggered by a good point made by Burrado.

Welcome to the new-look IT Skeptic. Nothing major: I took advantage of some standardisation of the underlying infrastructure to do some minor decorating, avoiding ETF.

Apparently the IT job market is a great generator of traffic. So much so that any story will do. Up one day, down the next.

Here's the story told to me by one who was "really there", about the computer that sang to its operators.

Question for readers: am I being oversensitive on your behalf or do they have a damned gall? There is a company that wants to pay me advertising revenues to promote free magazines and white papers to you. OK fine, great idea. Except

It must be easy and cheap - look at this ad for a freelance programmer:

Looking to create a ITIL CMDB database. Very standard datastructure you can go online and check it. Would prefer someone with experience... MS SQL ... MS Windows... Delhi

Budget? $30-$250

No, dollars.

As a result of this comment, I was reading Managing IT as an Investment and I noticed a quote from Michael Porter that was from a Harvard Business Review article. So what? Well just the other day I noticed that ITIL V3's Service Strategy quoted Porter from a Harvard Business Review article - not the same one.

We were demoing a database product. It wasn't our product - we were the local agents for it in a far away country. We had spent a week of twenty-hour days setting up a system to their specifications on the client's VSE mainframe (a baby IBM machine compared to the OS370 brutes) - what we used to call a "benchmark" demo.

Now on the Friday the big bosses had come down to see. And one of them thought he had us nailed.

Why do most incident priority systems go from 4 (low) to 1 (high)?
What does zero mean? What does 5 mean?
Just when you thought you had seen the worst thing that can go wrong, something comes along that makes all past priority 1 incidents look mild. How can you communicate this?

Last post on MyCMDB: I want to share with you the comment I left over on a really great post on CIO Weblog, because it leads in to a couple of posts I will be making about the Folly of the Crowd.

Who else thinks Plaxo is an unethically intrusive piece of malware?

Google AdWords/AdSense is a fascinating thing. Internet advertising may be the most revolutionary thing ever to happen to small business marketing (or big business for that matter). The sensitivity and feedback are extraordinary for testing and refining marketing messages. (So why do vendors still do so badly?).

The point of this ramble is that right now someone is paying over five bucks a click for the "itSMF" keyword.

Today we have a product review. Scott Armstrong of Interfacing Technologies was kind enough to draw attention to his product with a comment on this blog, so we will take a look at its capabilities.

Two years ago I asked "Is ITIL dead in the water?". One year ago, itsm_stephen asked me for an update. I did mean to respond, but to my shame I note today I never did. So, Stephen, here it is... a year late.

Further to my Big Uncle series on privacy, here's an interesting quote from Privacy on the Web: Is It a Losing Battle?

A new publication from OGC highlights three good reasons why an ISO20000 certification of an organisation does not provide ITIL V3 certification (and the last one applies to ITIL V2 as well).

The IT Skeptic's favourite quote of the month:
"People change slowly, so don't expect technology to alter the way business is run."
The Future is About Information, Not Tech

My paraphrase: people change process and process changes technology, not the other way around.

I don't know where these people get my email from. Every marketeer has to use the ITIL and CMDB buzzwords.

The ITIL V3 examinations are seriously flawed. "Subjective" and "multi-choice" don't go together.

As it becomes clearer that CMDB is a flawed concept, I'm seeing occurences of folk talking about CMDB as a process rather than a thing. It isn't. CMDB is the (nutty) thing. Configuration Management is the perfectly sensible process associated with it - and often forgotten.

This article has been podcast

Perhaps the saddest sight in the ITIL world is organisations that adopt ITIL processes when the old ones were working OK. Don’t tell me it doesn’t happen.

[The following post appeared as a comment on this blog on the original "dead elephant" article, but I like it so much I've moved it up to a posting: "work with your supplier like your business did 20 years ago when they were starting with ERP in getting the functionality you need into your CMDB of choice. In short, step out of that damned box, stop moaning like silly end users and get the job done!"]