The Skeptical Informer, March 2010, Volume 4, No. 2

The newsletter of the IT Skeptic. All the IT skeptical news that is fit to print... and then some!

Oh dear I've missed two months of the Skeptical Informer! Let's have a belated March edition. We're moving house, and boy does that have some lessons, or at least reminders, for IT. Two examples spring readily to mind: Requirements. At first I thought the whole process of house-hunting was a salient lesson in getting requirements right from the start. We spent a month and looked at a dozen houses before we decided that we weren't going to get what we wanted to buy for what we wanted to pay. In the current economy the money side wasn't going to move, so we trimmed one bedroom off the requirements. Presto! a whole bunch of nice houses opened up to us. So we should have got the requirements defined properly from the start right? Well, no: (a) we had to look at that many to properly understand the market and (b) it took that long to soften my wife up so that she could let the guest room go for a few years. So this was more a lesson in how iterative approaches to requirements definition are often better than monolithic waterfall methods. I'm advising a client to write a simple static descriptive Service Catalogue to get the process going. Detailed content, attached SLAs, and fancy technologies can all wait until they better understand requirements, which will come once something is out there. Right now many stakeholders have no idea what they need, and meaningful debate is impossible. "Monolithic" brings me to the second big lesson: standards and experts. In the 1980s New Zealand's big building materials suppliers lobbied the government to change the building code to allow single skin exterior cladding, and "monolithic" Mediterranean-style walls with no eaves or sills. Windows were inset into the wall with no sill to protect the wall. Walls stuck up above the roof (sometimes without capping). Flat roofs appeared, and complex roof-lines. Many walls had no cavity to allow the water to drain. In New Zealand it pisses down and blows howling gales. This is not Greece. Water ran down inside the walls, and couldn't get out. At the same time, local governments had deep cutbacks in funding for housing approvals and inspections; many staff were shed. In order to compound the growing tragedy, the same unscrupulous money-grubbing industry then lobbied the government in the late 1990s to allow cheaper untreated timber to be used in house framing, which is fine so long as it never gets wet. The resulting devastation of a whole generation of NZ houses is called "leaky building' syndrome. It has launched a multi-billion-dollar Weathertight Homes compensation scheme. Worse though, it has left a growing percentage of the population with houses that an increasingly savvy market doesn't want to buy. Many are rotting from the inside out. Even if they don't leak yet, they will. We build on steep slopes. We have earthquakes. It blows very hard. Houses are subject to lots of mechanical stresses; they shift and crack. The standards allowed them to seal those sheet claddings with plaster. Duh. There were plenty of experienced builders who cried "madness" but the industry-funded experts said we were over-engineering our houses. The architects and designers pumped the modern fad of smooth stark boxes. Inspectors fell behind under the case load. The large-scale suppliers of commodity materials cashed in. And more people could afford to build their dream McMansions. People wonder why I get upset when ITIL is regulated by the training and publishing industry and the nearest thing we have to a consumer representation, itSMF, is 70% funded by that same industry. Wait for ITSM to start rotting from the inside out. Perhaps it already is.


Complex systems are by definition broken. They will always break and sometimes they will break when everybody did what they are supposed to. Fixing the problem won't necessarily reduce the risk of another incident.

As far as I can tell there is no such thing as a policy framework for IT. ISO38500 bangs on about the need for policies. ITIL and COBIT mention legions of policies. But I can find nothing that gives us a comprehensive list of necessary policies, let alone describes what a policy structure looks like and what the priorities are.

A couple of years ago I wrote about how ITIL was heading for the top of the Gartner Hype Curve . I feel it is now deep into the "Trough of Disillusionment" .

Having recently stumbled on the itSMF International annual report for 2008/2009 (if there was any notification to members I don't recall seeing it, but then I don't recall many things...) I've been having an interested read of the financial accounts. One big question stands out: where does the money come from? In fact I'm left with a few questions after reading the accounts.

Fresh out of the pan today, the Scope and Development Plan: ITIL® V3 Update is released. (Thanks Liz for the tip!) I'm getting ready to leave for the Pink Elephant conference in Las Vegas (see you there! Come to my sessions, or see me in booth 203), so I may not get time to comment on this document. We all welcome your comments - leave them here.

One of the reasons IT is sinking under the burden of our work is all the projects and new services we are dealing with. This shouldn't be IT's job.

Wizard Wisdom

Dear Wizard

Does ITIL contain some reference about signatures, and disclaimers in outgoing mails ?

I'm certified in ITIL foundations, and i've done some research about but nothing has been found. There's the typical disclaimer, but nothing more i think.


Dear Mr Wizard

We would like to ISO20000 certify only for incident, problem and configuration. Can we do that?


Dear Wizard

A comment on this IT Skeptic blog said "I have always considered ITIL to be distinct from SM. It considers itself 'good practise' in other words an accumulation of experience or body of knowledge. Wheras SM is based on the concept of a 'service' which is defined in terms of a CMDB. To me both service and CMDB are not clearly defined and lead to confusion. ITIL for all it's faults is a framework take it or leave it wheras SM and iso20000 is a standard based on unclear concepts."

Is it true that service is defined in terms of a CMDB?


Dear W


Advertising on the IT Skeptic website

Sorry we no longer accept advertising.

We have in the past also made special arrangements for dedicated advertising on the site. Contact us.

Note: you can also commission the IT Skeptic to write content for your own sites and newsletters. We have several clients already.

Subscribe now

If you are not a subscriber already, click here to subscribe to have future editions of this newsletter emailed to you.

Get all the IT skeptical news that is fit to print ... and then some!

Classic Skeptic

This software salesman dies and, by some bookkeeping error, goes to Heaven. He gets issued with his halo and harp and assigned a cloud. He sits for a few days strumming the harp, perfect weather every day, constant peace and tranquillity.

After day four, he gets up and walks back to St Peter at the gates. “Hey buddy, does anything ever happen here?”

From the blog

We go round this question every week on LinkedIn. My answer is getting pretty well honed.

When IT advice is being handed out, by frameworks and books or by the chattering internet, there is much talk about the importance of having "executive support". It is tossed about in lots of contexts that involve cultural change or process improvement - my own one just happens to be ITSM: ITIL V3 etc. This is one of the most repeated glib statements in the IT world. What if you don't?

Some readers may be aware that the IT Skeptic authored a satirical book Introduction to Real ITSM several years ago. If you haven't seen it, go check it out at - most folks think it funny.

The guys at Cleverics in Moscow thought it was funny enough to translate it into Russian and make it available to clients and public. They launched the Russian translation on April 1st (an appropriate date and no this isn't an April Fool). I sent them a message of congratulation:

I have an analogy for CMDB - it is like a Swiss bank account. Allow me to paraphrase some of the conversations I've had around CMDB:

Some time ago I purchased the official OGC ITIL book Building an ITIL-Based Service Management Department but I have not got around to reviewing it until now. Part of my slowness stems from my disappointment with the book, and partly I was holding off to see what others thought. I hold Malcolm Fry in high regard: I expected much better and I wondered if maybe I had missed something. Apparently not.

When I presented my "layman's view of COBIT" to the local chapter of itSMF some time back, the main point I wanted to make was that COBIT has many practical uses - only one of them is audit. This is reflected in the changing makeup of the ISACA membership: auditors are now a minority.

I always enjoy listening to the rollocking conversations on the ITSM Weekly podcast between Chris Dancy, Matthew Hooper and Matt Beran (and great guests like Jim Finister). So I was delighted when I got the opportunity to join in last week.

Two Hills Ltd and itSMF International are pleased to announce that, following the satisfactory conclusion of negotiations, itSMF International has purchased the domain, content, copyright and brand of the IT Skeptic website at and the following books: Owning ITIL and The IT Skeptic looks at CMDB.

ISACA have published a draft design document of COBIT 5 for your comment. If you have an interest in IT management, ITSM or governance you should read it and provide feedback. Here's what I will be saying. What about you?

Common sense is not very common. On fad topics like CMDB it is rarer still. So I don't expect to find it in spades on the site of one of ITIL's most avid cheerleaders, HP. But Jody Roberts is singing my kind of song...

There appears to be more vendors certifying their products against more processes on PinkVerify than the OGC scheme. Why is that? What can OGC learn from Pink about making it easier for vendors? or does it show that PinkVerify is too easy? Does it matter?

ImageWhen it comes to ITSM products (whether software or consulting or content or training) I'm reminded of the old postcard vendors of Cairo during WWII, or the "Rolex" sellers of New York, or the hash-or-houseboat sellers of Srinigar, or the tart-touts of Bangkok - they're everywhere, on every corner. As a high-profile blogger, I get this constant stream of "hey buddy/mister/falang, wanna buy an ITSM?". In the past when ITSM vendors asked I've politely looked (or found excuses) because I know how your product is like your baby: you are immensely proud and nobody dares tell you it is ugly. Actually most products are like most babies: they aren't ugly, they just look like every other one (my dad reckoned all babies look like Winston Churchill). But from now on I'm going to adopt a simpler answer: when I need something, I may look at your offering. Right now I don't, so I won't, thanks anyway.

From a government job ad:

you'll be responsible for the workforce transition planning including developing a vision for the way forward and driving a positive culture change. Key to this role will be your ability to monitor and report on time, cost and resourcing.

Hmmm I won't be touching that. Dilbert couldn't have done better. As they say on twitter: #fail

We haven't had a Crap Factoid on this blog for a while, so it is time we had a good one. Look at Thriving in the Troubled Economy:
Ten ways you can slash IT costs and innovate in 2009
. Firescope take Crap Factoids to a new level with a barrage of unsubstantiated anecdotal numbers. Never have I seen so many "Oh really?"s in one document. Chokey the Chimp had to have a lie-down.

Pondering my recent (second) visit to Las Vegas, it is interesting the parallels and lessons about ITIL we can draw from the place.

The first is excess. Nobody can accuse the Las Vegans of being constrained by good taste or in fact by anything other than available funds. The motto of Las Vegas appears to be "nothing exceeds like excess". It is like super-size American food portions: I think the objective is for somebody to one-day eat a meal larger than their own head.

So often I see a cost estimate, or worse still a business case, based on the fallacy of the linear value of time. You know the sort: a five minute outage of the service costs $100k; our tool saves five minutes per employee per day which equates to $76M per annum.

A recurrent theme in conversations I have had here at the Pink Elephant ITSM Conference is how resources such as ITIL or related tools have no value or relevance until you understand your organisation's own context for them.

The new Chair, David Cannon seems intent on telling us what's going on within itSMF International - this is a great development, long may it continue. Thank-you David. Today we have the first of what will hopefully continue to be regular bulletins, Board Talk ("under the Board Talk..."). Of course the IT Skeptic always finds a few points of interest.

I hate technology. Really. I work with it every day, but I feel about it the same way that sanitation workers feel about their medium (or the way I HOPE they feel about it). I use technology when I have to, to do what I want to do. But I hate it. And it knows it and it hates me back. Take for example the weekend's outage on this blog. .

Ever wonder about the benefits derived from ITSM professional certification? Zip over to ITSM Portal and answer their 5 minute survey - they'll send you the results. "Participate in this survey and find out the net effects of ITIL certification! ". Actually it's ITPreneurs' survey but I found it on ITSM Portal, always a great source of ITSM news.

Have you heard ServiceSphere's ITSM Weekly podcast? ("What happens when a CIO, a Service Desk Manager and an Industry Junkie Chat Weekly?!") If you haven't you should, not least so you can enjoy Chris's dangerous style. Along with Coté's equally unpredictable People over Process, it's my pick of the podcasts (I don't listen to many podcasts). Except when it is offending me.

No not here, on the itSMFI website. If you have the slightest interest in the role and direction of itSMF, then go read it and come back here for my comments.

It seems to me that anonymity and the emotional detachment of typed communication lead to a decline in basic civilised behaviour. The dark side of the web is evident, such as two recent examples I have come across.

Just when I asked whether there was any change to ITIL V3 books, out comes Project requirements for an update to the ITIL® core publications. OGC say "scope of change is gradual and not too extensive." We've heard that before.

Please forward this newsletter to someone who would enjoy it

Subscribe | Blog | Blog RSS | Podcast RSS | Feedback

© Copyright 2006-2009 Two Hills Ltd All rights reserved
Permission is required to reproduce this content in any form. Brief extracts may be used without permission if attributed with a link to the site.
"The IT Skeptic™", "The Skeptical Informer™", "The IT Swami™", "Chokey the Chimp™" and "BOKKED™" are trademarks of Two Hills Ltd.

ITIL® is a Registered Trade Mark and a Registered Community Trade Mark of the UK Office of Government Commerce ("OGC"). ITIL® is registered in the U.S. Patent and Trademark Office.
COBIT® is a Registered Trade Mark of the Information Systems Audit and Control Association and the IT Governance Institute.
Microsoft® is a Registered Trade Mark of Microsoft Corp. in the United States and/or other countries.
CMM® is a Registered Trade Mark of Carnegie Mellon University.
ISO® is a Registered Trade Mark of the International Organisation for Standardisation.

This newsletter and its contents are neither associated with nor endorsed by the OGC or any other organisation.

The contents of this newsletter do not represent the views of Two Hills Ltd.