Why the difference in numbers between PinkVerify and OGC ITIL product certifications?

There appears to be more vendors certifying their products against more processes on PinkVerify than the OGC scheme. Why is that? What can OGC learn from Pink about making it easier for vendors? or does it show that PinkVerify is too easy? Does it matter?

An interesting comment on LinkedIn re "The Official OGC ITIL Software assessment for ITIL compliant" which, it said, " has a smaller list of vendors at this higher level" in response to "there are 3 solutions who is [sic] certified in all the 14 ITIL processes defined by Pink Elephant".

Yes the OGC Scheme does indeed have a smaller list: none. The most processes that OGC has "endorsed" appears to be five: Incident, Problem, Change, Service Level and Service Asset & Configuration Management. No product has ever been "endorsed" by OGC for 14 processes.

Most of the products on the OGC list are endorsed for only one or two, which must be of limited interest to purchasers.

Note that the OGC scheme defines 24 processes (we don't know what they are: it might be a secret like the evaluation criteria).

Another big difference is the overall number of products. the OGC scheme has been going for nearly a year now, whereas PinkVerify has been around for many years. However the difference in total numbers of vendors obtaining certification is telling: PinkVerify 3.0 has certified 26, OGC has endorsed 7.
Yup, seven companies have OGC certification 10 months later. Not exactly a stampede.

it gets real fun if you look at the number of processes times the number of products. PinkVerify 3.0: 243, OGC 23. More than ten times as many product-process certifications from Pinkverify.

if you are wondering about the "3.0" bit of PinkVerify, that refers to the expansion of the scheme to 14 processes for ITIL V3. Presumably Pink thought there were only 14 processes that a tool could sensibly be assessed against. But OGC list 24 processes in their scheme, so Pink have now come out with PinkVerify 3.1 which is an officially accredited scheme for assessing OGC certification as well as PinkVerify certification. Interestingly, even though Pinkverify 3.1 came out late last year two companies have already certified in 12 "product-processes", half as many as OGC already.

Why is that? is it because PInkVerify paperwork is easier? Or cheaper per process? I have no knowledge of the difference but there seems to be one.

Or is it because vendors can self-assess first against the published PinkVerify criteria whereas they can't with OGC, and they have no confidence that commercial confidentiality will be respected if they fail or pull out of the OGC scheme?

On the other hand, is it a good thing that Pink have granted so many more? Maybe PinkVerify is too easy to get.

Of course the big question is: who cares? Does certification of a product tell you anything interesting. I'm soon to blog more broadly about selecting products, but for now consider this: do you choose a car based solely on a safety test? No, but it is a reassurance, and definitely a factor. Likewise I think a compliance certification (or "endorsement" in OGC doublespeak) is mildly useful as one tick in a checklist. The absence of such a certification only means, of course, that it hasn't been tested.


Maths and difficulty

OGC certification can be delivered by any Licensed Software Assessor. Pink Elephant is a Licensed Software assessor, and thus delivers the same OGC certification as SMCG. Every time Pink Elephant does a certification, it is a +1 to the OGC count also. From a mathematical standpoint, there's no way OGC can have more certified products that Pink.

On a pure question by question basis, PinkVerify is much more difficult than OGC because you need to have a yes to 100% of the questions when doing the Pink Elephant certification and only 70% when going for the OGC certification as conducted by Pink Elephant, even if Pink won't tell you which one of the questions are in the 70% subset. Read page 15 of the public white paper here : http://www.pinkelephant.com/uploadedFiles/Content/PinkVERIFY/PinkVERIFY_Service_Whitepaper(1).pdf)

And page 16 :
"Pink Elephant, under the terms of the LSA agreement, does not provide the vendor with the total score for the ISS assessment. Rather, Pink Elephant will inform the vendor of specific areas that need improvement throughout the demonstration and in the final assessment wrap up".

My personal translation of this : The OGC certification is so secret Pink Elephant is not even allowed to tell precisely on which question a vendor failed... Still better than the SMCG certification that does not even tell against what criteria a vendor is measured.

Another guess: the OGC certification distinguishes levels. From a marketing standpoint, there is really no point not reaching the gold level, especially if you are a leader in the market (like 90% of the vendors if you believe them). But to reach the gold level, you need to have 3 in production customers on the certified process. It is probably difficult the software vendors to find a live customers on Service Portfolio Manager using their software.

There used to be a pointless fight about who has the biggest **** (mine is 14, yours is just 7, muhahaha). Thank god, Pink Elephant noticed this and changed the logo by removing the number of processes from the logo and not sorting the vendors by number of processes but by name.

Just my 2 cents,


Personal disclosure : I'm working with a software vendor, but giving personal opinion not necessarily endorsed by the company who employs me

Not the same

Not quite right.

PinkVerify 3.0 certifications are pre-OGC-agreement. so all of the 3.0 counts are NOT also reflected in the OGC count.

What is really interesting is that the PinkVerify 3.1 certifications do not tally with the OGC list either. Pink have certified HP Service Manager 7.1 in 7 processes. It appears on the OGC list with 4 processes. [corrected: Easit Service Desk appears the same in both lists]

Agreed, PinkVerify 3.0 does

Agreed, PinkVerify 3.0 does not award the OGC logo. I should have said "Every time Pink Elephant does a certification *in PinkVerify 3.1*, it is a +1 to the OGC count also."

PinkVerify 3.0 is a few years old. (as far as I remember, it was issued a few months after the release of ITIL V3).
PinkVerify 3.1 has been published in December 2009. That's only a few months history. A product assessment probably takes several months. Already two certifications is pretty good actually.

Difference between PinkVerify 3.1 and OGC products :
I see two possible explanations :

1 - The paperwork
OGC is a public organization. It may take some time to review all this paper and award the logo. Thus splitting it in two. We'll see in a few months.

2 - The customer base
EasyIT is bronze => No customer screenshots required
HP is Gold => Customer documentation, including screenshots required

Isn't the customer screenshot requirement playing against the certifications ?

Proof is in the eating

I wonder which scheme buyers take most notice of?

My biggest concern is that Ken never seems to acknowledge why people have concerns about his scheme in comparison to one that is openly commercial in nature.
My personal view is that any of these schemes should only allow a vendor on to your long list.
Regardless of the scheme since so much of my work is now around sourcing contracts I do worry about where the liability would lie when things go wrong.
I use a tool based on the apparent recommendation of X, but it can't meet my needs. Who do I sue?

What about OGC

Intereresting question. Think about a US corporation which has spent tons of money on ITIL and related products. One day it realizes that the CMDB product will never pay itself and that the processes it has implemented are a mess. Why not sue OGC for bad advice. OGC has really deep pockets and it is even aware of the defects in its product but it has not issued a warning. Some Alabama jury should not have any difficulties slapping a 100.000.000 $ damages payment in favor of some poor US Company.


Litigous liberties.....?

James, Aale - interesting points you make about legal action against a vendor, or consultant come to that, who has recommended a solution on the basis of an ITIL credential or compliancy scheme certificate. Here is my 2c worth. I know if at least one client who attended plenty of ITIL training then purchased a well known and Pink/OGC certified product around which to implement the infamous incident, problem and change processes. Followed shortly by a service catalog and service level agreements.

Expectations were set, or at least encouraged that all would be so much better once the 'implementation' was some way complete. First issue - lack of connectivity 'out of the box' to basic features such as automatic prioritization of an incident based upon a prevailing SLA. Other 'ITIL compliancy' checks that you would expect to ensure the products capabilities was customer and service relevant were missing. All pointed to infrastructure, or rather a technological view of things.

Perhaps worse, being ITIL 'compliant' meant the product lacked basic problem and change management capabilities, much needed, no mandatory to success - I'll offer a few - no control barrier, change, task analysis flow in problem management. No link of problem impact statements back to customer activities, no ability to perform an initial cause analysis or apply a problem management authorized contain or workaround control within incident.

The value of a product being certified against a framework is in the most part grounded in the framework actually describing a comprehensive, or proven solution that works out of the box. From what I have seen, many products out function the ITIL compliancy scheme, and when a customer (outside-in) perspective is added, many customers out require the software.

Events at a number of well known US organizations tell me its only a matter of time before someone thinks of getting their investment back by resorting to litigious tactics. Differentiation should be a combination of knowledge and experience in the form of results achieved on projects. And results should be verifiable and linked back to customer and business success.

The absolute drivel offered as 'consultative advice' on many ITIL linkedin discussion threads (most of which forget to ask anything about the requirement or customer context and plough straight into an ITIL book based mantra), tells me those consultants, many of which seem to be newly branded 'ITIL Experts', should take out additional business insurance before they offer any additional project guidance that encourages an expensive 'build it and benefit will come' approach.

When will we ever accept that ITSM is bigger than ITIL.... ITIL is but a contribution.... and that process improvement is irrelevant unless it improves customer satisfaction levels...

I was Twittering with

I was Twittering with someone about certifications last week. I think there would certainly be more value in certifying the product as installed at client sites in support of their processes rather than a blanket endorsement of product capabilities. Assessing at that level would certainly be more valuable to a buyer of those products than what is be certified right now. As I said in my tweets on the subject, the unintended consequences of Certifying a product for a tool vendor is similar to giving a loaded handgun to a toddler and telling them to act responsibly. It might happen, but do you really want to play the odds?


Neener Neener


First - I won't keep it a secret, my company has been through the OGC process and is one of the solutions assessed.

Great comment. What's happened is what I predicted last year. Vendors, out of requirement by customers go through the certification assessment, and of course the cost gets passed along to the customer. And since both Pink and OGC are "by process", there is cost involved with the more processes assessed. Pink used to "Verify" against Service Support processes as a group.

If you ask me, a solution should be measured (and tested) on its ability to a) Implement measureable process improvements, that are b) Cost justified (ie. cost less than what you were doing before) and c) Be customer focused. And not in any particular order.

The fact a tool passes a test (or number of tests) with Pink or OGC is interesting, but not significant... What I do like about the OGC test is that to acheive gold, you have to have three customers. Something I think is directionally correct. Is ITIL what I would assess against? Probably not. Far too many dead bodies lying on the road "to ITIL implementiation". The most important test, I would argue, is the one that occurs in a Proof of Concept against a customers specific goals and requirements.

If rationale people make rationale decisions against a set of rationale goals and objectives - the best solution wins and it's not always the same solution. Unfortunately, even before I entered the software industry, I watched customers make major purchasing decisions based on entirely the wrong set of data points and it ended in disaster.

Like I stated in a blog of mine last year; DON'T TRUST ANYONE (including me) - Buyer Due diligence is ultimately the answer and one should make EVERY vendor prove the declarations made during the sale...


I am confused about the OGC Certification on many levels but I want someone to explain this to me.

http://www.smcgltd.com/ + http://www.smcgltd.com/ITILa - http://www.itpreport.com/default.asp?Mode=List&Lev1=Ken%20Turbitt%20Blog&R=GL * http://www.itpreport.com/default.asp?Mode=Show&A=2200 = 999.00 pounds.

So a company can be paid to assess software and a blog the owner of that company is associated with sells information about the process for a thousand pounds.

How's that working out for everyone?

Smart business practice ?

I call it Smart Business Practice. Sell expensive stuff to people who have a lot of money and don't really understand/care about it but need to have figures to produce nice pie charts : the marketing departments of software vendors.

That's exactly the business model of so many analysts out there.


Syndicate content