How to implement ITIL for a client?

Dear Mr Wizard

I am certified in ITIL V3 foundation and my company is planning to implement ITIL at one of our client's site.

I will be really grateful if you can throw some light on the following points

1. Is there any methodology which needs to be followed while implementing ITIL processes? If so, can you please provide me with brief information of the same?

2. I am sure while implementing ITIL, we need to do certain documentation.
Can you please provide me with those templates so that I will have an idea on how it should be documented.

I will be really grateful if you can help me on this as I am trying to find them every where...but no luck.

Hope to hear from you soon.


Dear WL

I don't think you need be overly concerned about methodology. ITIL doesn't specify one so clearly it is not important.

As you have so astutely deduced, anyone with Foundation certification can readily work it out as they go, especially when doing a paid implementation for a client. Your client must be greatly reassured now you have achieved the certification to demonstrate your grasp of the subject.

The main thing to remember is to implement ITIL in a structured manner. Make sure the project has a clearly defined start and end. Address the ITIL processes systematically one by one. if time is of the essence, and isn't it always, then you can implement processes in parallel. Since some processes share a common tool you can implement them together. Careful of scope creep or the project can easily run into months!

Yes you will need to do a few bits of documentation when implementing ITIL. Make sure they get done before the ITIL project is finished, or at least get one or two of the important ones done. Sadly you may have to resort to actually paying for the templates. The ITIL Wizard isn't in the business of selling templates but perhaps I should be, as there must be a growing demand from experienced and professional consulting firms such as yours who don't actually know anything about ITIL

Good Luck
the ITIL Wizard

[Note: This was in response to a genuine email]


Money spinning

"The Wannebees and The Confidence Tricksters", that is what James Finister called them in his blog post at

Unfortunately the certification industry has become a big money spinner and imho opinion has forgotten why certifications were introduced in the first place? I have always assumed that it was to "certify" knowledge (at least) and (preferably) specific skills, but maybe I missed the memo: it was money-spinning from the start?

What did Foundation Certification meant for me? I had enough knowledge to know that I was interested to know more (and subsequently did Service Manager), but what could I claim to do? More or less nothing, at best I could have claimed some previous work being "ITIL-like" [now there's a term for you :)] and I might have understood the purpose of some of the processes and practices "they" (management) would impose on me...

[Disclaimer: Note that I am a full-time professor and part-time consultant. The former would make some people say I can't do anything anyway, regardless. lol]

Certification not training

First of all thanks for the plug for the blog.

My personal view is that it is time to put the training back into training and focus on developing understanding and skills needed by service managers.

There are some brilliant ITIL trainers out there, but there are limits to what they can do given the current constraints.

The thing is that the

The thing is that the Foundation certification seems to drive candidates nowhere. I agree that there are some great trainers that are constrained by a poor syllabus and 3 days course duration (including exam).

I'm not sure why we have not seen training providers who dare to offer, for example a 5 days ITIL training with a more relevant content that includes topics such a cultural change management, tools and good guidelines for adapt and adopt.

But to be honest, there are more challenges besides the poor syllabus and the 3-days constraint:

1.- Many trainees enter the classroom with the idea of getting tricks for passing the exam, with not real context or interest in the topic.
2.- I said there are great trainers, but it's also common to see very mediocre trainers/consultants confusing people around, and not even getting what a best (or maybe just good?) practice is.

hundreds of thousands

We are cranking through hundreds of thousands of Foundation students per year

1) there aren't enough good trainers

2) most students just want the ticket for a job at minimum cost and effort

So who is paying?

Judging by the incredible heavy discounting I'm seeing in the UK courses are either being run at a loss or else the ATOs have been making a lot more profit than most people realise. In the early days of the Foundation course we used to run them with two tutors and still made a healthy profit.

Despite that clearly an awful lot of money is being spent on ITIL training, so where is the cash coming from? Is it students paying out of their own pockets, of from a discretionary training fund? I doubt it. Is it company wide sheep dipping? Possibly. Is an body in the big companies working out how much in total they are spending on ITIL training and what they are getting back in return other than a warm glow? I guess not.

Both during a recession and in the dangerous early stages of recovery it makes sense to spend money on the people who can make a difference to both your short and long term survival by sending them on the right kind of training. What is the right kind of training? Well that is a big question.

I don't know how many realise that the case study that ran through the original ITIL v1 manager course set up Peter Tebby, Ivor Evans, Brian Dennis and others, was all about an IT department that needed to turn itself around to survive, and the culmination of the two weeks was a competitive presentation to a real life senior manager who decided which of the alternative "suppliers" they would select. We weren't just teaching people ITIL, we were training them how to use ITIL.

So instead we have certification based courses that are costing everyone dear. No one is getting true Value for Money out of it.

The only bright light is the experiential training being developed by people like G2G3 and which stretches back to the old "ControlIT" game

Who is paying? In different ways we are all paying the price.

A strange "learning" economy


In training when “students” get shorter lectures, less opportunity for learning (assignments, tests, etc) and are trained “for passing the exam”, they go “ Yippee !!!” Let them buy anything else and if they don’t get maximum value, they are up in arms… To me it seems “learning” has got a different economy to it than other stuff?

I also find the typical evaluation form interesting: much more emphasis (seldom <50%, often more) gets placed on the peripheral stuff like the venue and the food. Now obviously these “things” does influence the ability to learn, but what about the learning and its facilitation. Yes, I don’t want to go hungry, but if I want really good food, I go to a restaurant… not a training course.


So who is paying? I agree we all are, in different ways. Certainly my perception, specifically at the Foundation level (at least in SA) is that there is a lot of company-wide sheep dipping going around. I have met some people locally who are trying to increase training efficiency through a.k.o. pre-training, post-training assessment of the trainees… Interesting to hear what many companies have to say… basically, “but we do have evaluation forms!” So they do know which training (or food) the people like, but have the training changed people’s behavior?

Back to the old adage: you can only manage what you measure...

abandonment of authenticity

...and the other old adage; you can lead a horse to water but you can't make it think

There's a wave of superficiality, selfishness, and abandonment of authenticity sweeping the planet. Some of it is cultural and some of it is generational, but either way it is screwing everything, and I'm fascinated how it doesn't show at all in the productivity stats. How can we do things so shallowly, poorly and dishonestly and still be growing the economy worldwide by 5-10% p.a.? Who's building anything?

The macro level must reflect what we so often see at the micro level: a few people get a decent job done and carry the many.

And perhaps the absurdly strong growth in the power of technology makes up for the dismal performance in average human intellect.

Certainly ITIL Foundations seems to encapsulate some much more general problems. The cyncism, the cheating, the crappy syllabus and the even crappier exams all developed by those who make money off them not those they are designed to serve, the lack of appreciation of quality or desire for quality from so many of those delivering and consuming, the awful carpetbagging money hunt at all levels, the utter debasement and the general apathy at it happening...

Adages galore....


Reap what you sow... a string of facts does not add up to the truth... jack of all trades - master of none... I believe we are in the 'KT Zone' for ITSM and ran a webinar on that about a year ago - because of the cleansing sunlight of this economy. ITSM projects and the professionals that encourage them, and the training that is posed as a pre-requisite - should and will be found out by any manager worth his salt (another adage?) and aware of what I term the 'Management Imperatives' (see blog here).

Every IT organization is already 'doing' service management whether its formalized or not. They are providing information system based services. It benefits from some form of recognition and deliberation. The harsher the economic conditions the more 'real' the need to manage the customer experience, to walk in their shoes, to respect the satisfaction-loyalty-advocacy customer lifecycle - the essence of customer or inside-out thinking.

Process, best practices (assuming they exist), maturity levels and services are all inside out thinking - as is ITIL - for the most part, and the education we are offered. It has not adapted to the market conditions and is therefore leading us astray in our time of need for proper counsel... heavy eh?

Strange gods

In difficult times people will believe anything. My fear is that rather than revealing so much of the ITSM industry for what it is the recession will instead make some consumers less discerning. Or else they turn to anyone who offers a message of certitude. Hasn't somebody already blogged on ITIL as a cargo cult? If not they should?


Here's my take on ITIL as a cargo cult, for what it is worth

Many people seem to be disappointed

I'm a V3 training critic and the usual reaction when talking to people who have taken the V3 Foundation class is that people open up and admit that they did not get anything (but the certificate) out of the training. I have also discussed with many V3 trainers who say they do not like to teach it as there is not enough time. Interesting situation.

One company told me that they have thrown out their ITIL trainers as they saw that the training was creating confusion. I wonder how long it will take until more people start doing it.

I remember the teamworking training in '90s. It was nice idea and I'm sure that some good teams had a great time but it did not do much to those teams that had problems. It was just a fad but it created a training industry.

Btw, have you noticed that Frances Scarff tells in that the training content will change "The qualifications scheme is not the driver".


Perhaps, but....

"1.- Many trainees enter the classroom with the idea of getting tricks for passing the exam, with not real context or interest in the topic."

I suspect that may not be the fault of the trainees. Likely, the organizations involved may placed an emphasis on passing the exam instead of learning the material. This points to deeper problems needing to be dealt with.

In our org, I always prefaced each class with a statement that the cert is nice, but the knowledge gained is why they are there. We kept all exam results private as well.


Shifting emphasis


My experience is dated but I found that as you say if the organization was putting the emphasis on the exam that sadly transferred to the individual. So what should have been an enriching experience became a nerve racking ordeal instead. However talking to trainers more recently there seem to be some delegates who do just want a tick in the box for career purposes.

It used to both amuse and sadden me me how many "senior" IT managers would say how important it was that everyone was qualified to Foundation level but refused to take the exam themselves.

A little knowledge is dangerous...

It amused me to read this thread and see how it debased from an original request for guidance on implementing ITIL into a slating of the whole commercialised ITIL training schema.

Also did I notice a slight sarcasm in what Skep said about the client being conforted that WL has passed his foundations exam?

If I were the client I would be trerrified at the thought of an ITIL rookie touching processes. ITIL foundations is like sitting for your drivers license. You now have knowledge of the road rules and a bit of common sense will avoid you getting into too much trouble. But having a drivers license does not qualify you to build a car, only to drive the end product.

Implementing ITIL tools and processes is not for the faint hearted and really needs someone experienced in managing cultural change more than ITIL. It also needs someone who knows the strengths and weakness of ITIL and can understand the difference between what the ITIL books says and what actually works. I have recently completed and passed my Manager's exams and I still see myself as a beginner, not expert.

Good luck to WL. It would be interesting to get feedback later on the success and how easy it was.

You need to develop these 21 strategies

These are all vitally important so make sure the whole management team and business representatives take part in the development. Rememeber that there are also a largish number of policies to develop. Good luck!
csi continual improvement strategy
csi communication strategy
SD environmental strategy
SD delivery strategy
SD IT Service Continuity Strategy
SD backup and recovery strategy,
SD security strategy.
SD supplier strategy
SD Supplier and contracts strategy
SD strategy for the acquisition and management of IT assets
so Backup and Restore strategy
so cost strategy
so Operations Strategy
ss Service Strategy
ss sourcing strategy
ST Transition strategy
ST Service Asset and Configuration Management strategy.
ST Test strategy
ST Knowledge Management strategy
ST Communication Strategy
ST Stakeholder management strategy

A Consultant from HELsinki

We consultants will be in clover forever!!!!!

What a wonderful list Aale! We need to also add all the "plans" referenced by ITIL that must be developed. Add to that, process designs for about 30 processes, and their associated work procedures, aaaaaaaand role descriptions for the 90 roles in ITIL. We consultants will be in clover forever!!!!!


Don't forget some policies as well.

So what conclusions can we draw?

Even though there is an entire volume on Service Strategy ITIL doesn't understand the concept of strategy?
Organizations are being encouraged by ITIL to develop a fragmented approach rather one driven by an overall vision?

So looking forward to my bridge course next week!

My bad

You are quite right. I had assumed that the writers were using strategy and policy as synonyms but that is not the case. There are several indications that they are different documents and that is also explained clearly in the glossary.

So here is the full list of 44 strategies and policies that must be formulated. For each policy and strategy there must be an annual plan, audits and reviews.

SD access control policy
SD anti-virus policy
SD asset disposal policy
ST Asset Management policy
SD backup and recovery strategy,
SO Backup and Restore strategy
ST Change Management policy
CSI communication strategy
ST Communication Strategy
ST Configuration Management policy
CSI continual improvement strategy
SO cost strategy
SD delivery strategy
SD document classification policy
SD e-mail policy
SD environmental strategy
SD information classification policy
SD internet policy
SD IT Service Continuity Strategy
SD ITSCM policy
ST Knowledge Management strategy
SO Operations Strategy
SD password control policy
SD procurement and contract policy
ST release policy
SD remote access policy
CSI Reporting policy
ST retention policy
SD Risk Management Policy
SD Security Policy
SD security strategy.
ST Service Asset and Configuration Management strategy.
ST service quality policy
SO Service Strategy
ST Service Transition policy
SS sourcing strategy
ST Stakeholder management strategy
SD strategy for the acquisition and management of IT assets
SD Supplier and contracts strategy
SD supplier policy
SD supplier strategy
ST Test strategy
ST Transition strategy
SD virus policy

This might be a good discussion subject for your class. You could ask the trainer to explain the differences between similair strategies and policies ;-)

Consultant from HELsinki (pronounce hell-sinky)

Strategies, Policies, Artifacts & Methods = Inside-Out Thinking


An interesting list drawn from the limited view offered by ITIL V3 and IMHO largely representing 'inside-out' thinking. My current work is explaining to folks that IT has a genetic trait to think inside out, or process, best practice and even service first, rather than outside-in - customer first. A failure to start with an outside-in approach will likely result in a failure to properly produce any of these!

We need to start to look at why we do the work we do and who we are doing it for before we look at what work we do!

A quick look at your list raises a huge question for me - what is your definition of the difference between a policy and a strategy? (Help Skep - we need a new thread on this!) We must be so careful in our use of words I think. Loose lips sink projects.

I'm going to use the work I completed to write the Guide to USMBOK to explain this a bit further.

A strategy is developed by a combination of service marketing and service planning skills, but generally the marketing 'strategic planning process'. A strategy (and there may be more than one) is a course of actions or countermeasures designed to support the achievement of a specific objective and these are all part of the activities performed within the business planning framework.

A policy is described thus, "acts as an operational rule or conditions under which specific actions will or will not be performed". Policies are often bound to specific actions and are set, and maintained through a policy management system, which is in turn an integral part of a governance framework (are ITIL V3 readers still with me?).

Although an important start, your list seems to contain a mix of strategies and policies, and ITSM agnostic - they should form part of any IT organization's list of to-dos. They also illustrate the complete lack of true customer focus in traditional ITSM and ITIL V3 thinking (customer outcomes apart) - and proof most if not all ITSM/ITIL initiatives I see are 'inside-out' and destined to fail the customer.

Why build all of this if there is no link to the customer success?

To succeed we all need to think more outside-in thinking - or customer first. What artifacts, methods, strategies and policies do we need to ensure successful customer outcomes? More on this at my blog here: ('My Service Management Professional ‘Bucket List’') and here ('Is ‘inside-out’ thinking threatening the survival of your ITSM initiative?')

What ITIL says


I think Aale simply collated the list from the documents mentioned in v3, including whether ITIL calls it a policy or a strategy, which doesn't seem to be based on a consistent criteria.

Read my signature


James is right. If you check the signature, I hope you see that was meant to be a joke. After all this is a Wizard thread.

Seriously I cannot understand how those strategies and policies were allowed in V3. It seems that some of the writers use the terms loosely and they probably mean the same document, they are just using a fancy word. Unfortunately Rob seems to be Pink with IT problems in Las Vegas (read his tweets) so we will not get a new thread immediately.

My opinion on this is that in most cases, there is no need for even a single ITSM strategy. If the company is an IT Service provider, it will have a business strategy, not an ITSM strategy. One company has one strategy and that is the CEO's job to create. IT makes plans to support the strategy. It is of course possible that IT is so important that it will be a part of the strategy but in that case the CEO is in charge and may delegate this part to the IT.

It is also quite possible that the IT will not be told the content of the strategy. The company may be planning important changes to the way it makes business. One part of the new plans might be to get rid of a part of the business or aquire a company which has important IT capabilities. These kinds of plans cannot be public which means that IT will hear them the same time as everyone else. Making substrategies is a waste of time and resources, a displacement activity. I can understand that from the authors' or consultants' point of view strategies look fancier than plans.

ISO 20000 is much better here, it says that there must be one ITSM plan and "any process specific plans produced shall be compatible with this service management plan".

Policy is a difficult term for me as there is no easy translation for the word in Finnish. Accordingly Finnish companies do not issue policies but of course they have general rules and instructions. Strict company policies can be a bad thing if a central planning function generates those with disregard for local situations.


Somebody has even a started a company for this

I noticed in the list of V3 refresh-refresh authors this. Randy Steinberg, ITSM Strategies Inc.

Unfortunately the company does not bring any hits with Google so I do not know do they offer one or 21 strategies for one customer. Maybe it is brand new company. I wonder does Randy read IT Skeptic.


Syndicate content