ITIL is a useful reference model but not an implementation model

Submitted by skeptic on Sun, 2008-06-15 09:08

Share this post with

The world has forgotten the ITIL principle of "adopt and adapt". And ITIL suffers as a result.

Jan van Bon made an excellent point on this blog recently: "ITIL [is] a useful reference model, but ...not an implementation model". This is what "framework" means. It is the message behind the old ITIL principle of "adopt and adapt".

Jan went on to say

the quote on ITIL being a reference model rather than an "implementable" framework is an original by my 'partner in crime', Wim Hoving... ITIL - in our eyes - clearly is a reference, to be used when doing practical things. It contains lots of good advise on how things can be done in certain sectors of the IT management market. I always say that that is not because ITIL invented it, but simply because these wise approaches existed and they were then (after the fact) collected and documented by ITIL, as they had been documented in many other ways before (articles, white papers, presentations, books, consultancy practices) over a long period of time. The fact that ITIL has been branded very strongly and was then adopted heavily by the vendor market, explains to a large extent why so many people now know it. Which doesn't mean that it is "the only" or "the best" source on ITSM - on the contrary.

To me what Jan is saying is that you don't "do" ITIL. ITIL is not a plan to be followed. Instead, you should design what your organisation needs, taking what fits from ITIL and other sources. You can check what you come up with against ITIL (and others) to make sure you are headed in the right direction. You can even assess your maturity against the ITIL reference model. But don't start at book 1 and implement until you get to end of book 5.

If only people saw it this way and used it this way I would be less fiercely critical of concepts like SKMS and CMDB. They make more sense if seen as some idealised infinite-maturity reference point rather than a blueprint for contemporary "good practice".

But people don't. "We are ITIL-compliant", "we do ITIL", "we are going ITIL across the board"... With Version 3, ITIL is "good" rather than "best" practice [yeah I know, I know: I just might be one of the reasons they changed it]. No vendor that I'm aware of provides an ITSM course rather than an ITIL course, reviewing multiple bodies of knowledge and the strengths of each. In popular perception, ITIL is how you do it.

People like it that way. They want the decision made, the rules packaged, the path simple.

So I completely agree with Jan, but I think on this point we are pissing in the wind. The world (and V3) long since forgot "adopt and adapt". ITIL is The Way. In effect, in practice, it is the implementation model.

Published in The Skeptical Informer, July 2008, Volume 2, No. 7

Previous story: Results of the IT Skeptic's poll on ISO20000 activity levels
Next story: Risk Management - the lost process of ITIL V3

ITIL

Comments

Submitted by JoePearson on Tue, 2008-06-17 13:44.

But "we have to do ITIL"

In your ongoing series on the ITIL business case, you've touched on the need to get motivation, financial business case, mind-set business case and all that good stuff.

But they still all* boil down to "we have to do ITIL" because the case has been made with great difficulty by those who know what ITIL is (or with great irrelevance by executives who don't). The boardroom discussion is of "doing ITIL" and the news releases are the same in more words. And worst of all, companies plan the order in which they are going to "do ITIL" by which processes to do first.

* all meaning all the cases I can think of right now

After all the headaches of building the business case and retaining executive motivation, I think most teams are more than happy to gloss over whether they are sticking to the strict letter and scope of the ITIL books, and not to challenge the publicity summary that the project is about "implementing ITIL".

Where it becomes much more sticky, and serious, is when tools vendors fall into the trap of claiming "ITIL compliance" even when there is nothing concrete to comply to (pace PinkVerify and so on). Then you have process designers (like me) drawing up something they claim should work because it matches something in the books, and tools specialists saying "but our tool doesn't do that"...

ITIL still falls short of being an implementation framework that specifies how to do things and what results you'll get - but it also falls short of being a reference model that assures interoperability (whether between two tool sets, or between tools and process models, etc).

It's just a reference for good practice. But you won't get that understood by the project steering committee.

Submitted by David Clifford FISM (not verified) on Tue, 2008-06-17 17:07.

The Framework Neutral approach

Why not turn it on its head and get that all too common question answered; "where do we start"?

As we know, ITIL is not the golden bullet. Yes it provides some useful reference material presented in a process or lifecycle dress. However, it is darn big and complicated for the uninitiated, some may say for the initiated too. So what else? COBIT, MOF, or dare I say it your own best practice.

What is the consensus of opinion worldwide on the "must do" activities/characteristics that all service providers will eventually wake up to and have to implement and manage? The consensus can be seen in ISO/IEC 20000. Even if you don't believe in standards and certification/surveillance audits you can still make use of the requirements documented in the standard and then use this to navigate your framework guidance of choice. You don't have to get certified but I would argue those that choose to certify are confident that they have a management system in place that is sustainable.

So where does this answer the "implementation" question that Joe highlights? On its own it does not as the standard does not say how the requirements must be satisfied. However, the new EXIN ISO/IEC 20000 Qualification Scheme looks to address this. Bound within the scope of the standard but drawing on best practice from many frameworks they have created a scheme that provides a practical "how to" approach. This also includes addressing the ubiqutous questions that never get answered; how do we change culture? how do we define a service management framework...

Ok, for those who know me I am an ISO/IEC 20000 evangelist. However, I'm in this field for the benefits that it can bring to a service provider and importantly their customers if used correctly as opposed to the "certificate based" approach which has its own merits in certain circumstances.

Yes, I will come out and say I am passionate about the benefits that the standard can bring, and I'm sure if we see the results rather than look simple at the "standards label" then we'll see IT Service Providers making some significant progress with enhanced results for their customers.

Submitted by ITMaturity on Tue, 2008-06-17 19:40.

How would "doing ISO20000" differ from "doing ITIL"?

There are many benefits to ISO200000 and I do like the idea of the Management System as the fundament under process management and improvement. The fact that the standard will give guidance and specific objectives is a real added bonus.
But I'm afraid that ISO20000 in the wrong hands, the ignorant, it will just be like ITIL in the same hands. They will ask for ISO20000 compliant tools (Which probably will be an 20000 version of PinkVerify). They will ask for a quick ISO20000 program to fix a complex IT organization issue and will be suprised when it doesn't work right away. And they will use ISO20000 to change the culture (and fail at it). ISO20000 is in my opinion not a viable alternative to ITIL. That doesn't mean that it is not good, it is. To me there is more to managing IT organizations than a management system. ITIL is not complete either, for instance it is missing the process/function to manage IT staff, and it contains lot more to work with.
At least with ITIL3 it is clear that you have to be a little bit clever to be able to understand the complexity of the framework. Maybe more people will understand that "doing a framework" is not what an organization needs.

Paul Leenards
Getronics Consulting

Submitted by David Clifford FISM (not verified) on Wed, 2008-06-18 09:16.

No framework, standard... will do what you're looking for Paul

Paul, I agree with you, 20k is not going to answer the issues you mention but nor should it. The fundamental issue that I believe you are referring to is the capabilities and competencies of the ITSM staff. You can have the best management system in place but if you don't have the correct people in the correct roles then you are going to struggle. If the industry can get more focus on the softer skills then that is the answer.

As I mentioned, the EXIN 20k qualification scheme aims to do SOME of this via their qualification syllabi by addressing the culture/management skills at the higher Management Track levels in particular. This will of course not address the issue entirely.

Why do service providers concentrate on improving their processes and tools but then "ignore" the role their staff play? Answer; they are concentrating on the "easy" bit.

It is still down to that complex body called PEOPLE to make the difference. There is a place for all the frameworks and standards as long as they are used as intended by the right people. So in the end I agree with some of you points.

Good debate! Dank u wel, David

Submitted by ITMaturity on Mon, 2008-06-16 07:08.

Adopt, Adapt and Improve

Indeed, ITIL (among other Service Management Frameworks) is more a reference framework than an implementation framework. The Adopt and Adapt Paradigm was in the original ITIL set of the CCTA. When ITIL2 came out it turned sour. To some degree the OCG and ITIL2 are to blame for the current blind following of the ITIL cult. Last week I encountered someone stating that they are still working on the implementation of the Service Support and Service Delivery books and are not ready yet for ITIL3. These two books and the subsequent ITIL Foundations and Service Manager certifications have given the impression that ITIL is only about Incident, Change and Service Level Management. And that you can implement these by following the manuals.
When you take ITIL3 and compare these with the original ITIL set, than you'll find some continuity. Both are trying to describe best/good practices for a complete IT organization. And in both cases it is impossible to use the set as simple guidance for implementation. I do not know anyone who have tried to implement all the ITIL1 books and I would not suggest anyone to try to implement the 5 ITIL3 books. Since the launch of ITIL3 we have been telling our customers that there is a lot of value in the ITIL3 books which can be used as reference model when transforming their IT organization to a more customer focused IT service supplier. Besides ITIL3 we also use CobiT, ISO20000, MOF, BiSL and other frameworks as reference model.
It is not only about Adopt and Adapt, we also want to improve the Service Management frameworks. Not only use the framework, but also give back to the community. In the previous versions of ITIL we've added for instance Maturity Models (PinkScan) and a book on Business IT alignment (drawings from that book can still be found in the Continual Service Improvement book). In the process leading to the ITIL3 version it has become more difficult to contribute improvements. ITIL is balancing between becoming a reference framework again (like ITIL1) or becoming obsolete as an implementation framework (like ITIL2). I'm curious to see which way it will involve or which other framework will take over the torch.

Paul Leenards
Getronics Consulting