Key Considerations for Establishing ITIL in your Enterprise by Robert Keahey

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE July 2009

WHITE PAPER

CONTENTS Executive Summary ............................................................................................................................................... 1 Benefits of Using ITIL as an IT Service Management Framework ............................................................................ 2 ITIL Benchmark Study Results ............................................................................................................................ 2 Factors affecting benchmark results: .............................................................................................................. 2 Overview of the ITIL Framework ............................................................................................................................ 3 Get Ready... Get Set... Wait! ................................................................................................................................. 4 Five Areas of Focus ................................................................................................................................................ 4 Focus Area 1 - Organizational Preparedness....................................................................................................... 4 Focus Area 2 - Scoping ....................................................................................................................................... 5 Focus Area 3 - Governance ................................................................................................................................. 6 Governance Model ......................................................................................................................................... 7 Governance Committee ................................................................................................................................. 8 Focus Area 4 - Training....................................................................................................................................... 9 Focus Area 5 - Tools and Resources .................................................................................................................. 10 CMDB........................................................................................................................................................... 10 Toolkits .........................................................................................................................................................11 Summary ............................................................................................................................................................. 12 Appendix A - Organizational Preparedness Self-Assessment ............................................................................... 13 Appendix B - Comparison of Key Frameworks and Models ................................................................................... 15 Appendix C - ITIL Certification Model ................................................................................................................... 16 Appendix D - Recommended Training...................................................................................................................17 Appendix E - Essential ITIL Toolkit Elements ........................................................................................................ 18 About robertkeahey.com ..................................................................................................................................... 19

Figures Figure 1 - ITIL Benefits ........................................................................................................................................... 2 Figure 2 - ITIL Processes and Functions .................................................................................................................. 3 Figure 3 - Key Focus Areas...................................................................................................................................... 4 Figure 4 - KEY ITIL Processesses and Functions for Service Delivery....................................................................... 5 Figure 5 - Governance Model Relationships and Drivers ......................................................................................... 7 Figure 6 - Sample Governance Committee Model .................................................................................................. 8 Figure 7 - Organizational Preparedness Self-Assessment Matrix .......................................................................... 13 Figure 8 - Comparison of Key Frameworks and programs (Source Wikipedia) ...................................................... 15

Figure 9 - ITIL Certification Model ........................................................................................................................ 16 Figure 10 - Recommended Training.......................................................................................................................17 Figure 11 - Essential ITIL Toolkit Elements ........................................................................................................... 18

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 2

EXECUTIVE SUMMARY IT service management is at a critical juncture. A "perfect storm" is brewing that holds the potential to wreak havoc on already fragile IT organizations, severely impacting both internal and external service delivery and doing irreparable damage to your company's brand. The economic melt-down that has occurred over the last 12 months has all but eliminated the ability of most IT organizations to invest in new technologies - thus burdening them with the task of responding to business unit demands with antiquated resources. And more and more of those resources, both physical and human, are being eliminated on a daily basis, leaving IT managers faced with an even greater challenge of trying to deliver responsive solutions to meet satisfy the enterprise's need to gain first mover advantage in a volatile marketplace. As companies "repaint" themselves to respond to the latest cloud computing industry buzz, IT managers are faced with the tough job of weeding through the hype to determine who can really deliver stable, cost effective IT services. Even more challenging is responding to the lines of business demands for more responsive, selfprovisioning services. What is the right IT infrastructure architecture to support the optimal blend of legacy services and next generation social networking capabilities? The third element of the perfect storm may be the most challenging - how do IT managers justify their existence? Should internal IT provide services to the enterprise or should they be outsourced? Is it an all or nothing proposition? How does the IT manager articulate the value of her organization's services in terms of the strategic objectives of the corporation? Is IT relevant to the business? These are tough questions that challenge even the most effective IT organizations. Unfortunately, long before the current crisis IT managers were faced with the task of demonstrating, implementing and executing a strategy to ensure effective delivery of IT services. The vast majority have been focused on one thing - cost cutting. But as we all know, very seldom does cost cutting result in improved services and responsive organizations. Now is the time to take what may be the biggest risk many IT managers have ever contemplated - positioning for the future. No amount of additional cost cutting is likely to solve the challenges that lie ahead - respond to market needs, grow the business, improve service levels, with no additional resources. In order to accomplish this, IT managers must institutionalize industry best practices that provide balance between two opposing forces control and flexibility. Accomplishing this task is by no means easy, but with proper planning and execution it can be done - and the benefits of a well-managed service delivery organization can be realized! This white paper is the second in a series that takes a look at the journey to creating a business relevant IT infrastructure. It focuses on the critical steps that should be followed in order to successfully implement an Information Technology Infrastructure Library速 (ITIL速) V3 framework within your IT service management organization. It is not intended to be an ITIL primer, but rather a guide to getting started with ITIL.

www.robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 1

BENEFITS OF USING ITIL AS AN IT SERVICE MANAGEMENT FRAMEWORK Improved alignment with corporate strategy and business objectives Common model for the definition of IT products and services Improved communication, awareness and support Improved product and service lifecycle management Reduction of financial and regulatory risk Increased operational efficiency and effectiveness Increased productivity and asset utilization Increased focus on continual service improvement Greater operational and business agility

ITIL BENCHMARK STUDY RESULTS ITIL Benefits Category

% Improvement Low High

Reduction in help desk calls

Reduction in overall IT support costs

Reduction in number of failed changes from improved testing

Reduction in FTEs assigned to incident matching, as a result of greater insight into the relationship between users, configuration items, and incidents

Reduction in the number of recurring incidents

Average reduction of time spent on problem management

9.4

Decreased user downtime as a result of better incident management

Reduction in the number of customers lost during systems failures, caused by inefficient management of changes

Reduction in the average incident resolution time

Companies experiencing improved recovery time after disaster

FIGURE 1 - ITIL BENEFITS

FACTORS AFFECTING BENCHMARK RESULTS: Companies that used external ITIL expert consultants achieved a higher level of results. Companies that implemented the complete suite of ITIL processes, as compared to companies that implemented ITIL in selected processes, achieved a higher level of results. Companies that invested in IT management tools to assess process changes and enable IT services achieved a higher level of results, compared to those companies that performed process changes with little or no investment in IT tools. Source: Research study of 55 global enterprises conducted by Glomark-Governan

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 2

OVERVIEW OF THE ITIL FRAMEWORK First and foremost, it's important to understand what ITIL V3 is and is not. ITIL is a framework, much like the framing of a house or building. It is the support structure upon which the remainder of the facility is built - tailored to the specific design requirements for the intended tenants. ITIL is a framework on which policies, standards, methods, processes, tools and "good practices" (commonly referred to as best practices) can be applied. As its name implies, ITIL is a "library" of process and function definitions and templates which can be deployed in varying degrees within an IT service management organization. It is not a system, software product or tool. You don't "install" ITIL, you deploy the framework. People are what make ITIL work in an organization. Unless the people in the enterprise are committed to ITIL it has very little chance of producing meaningful value. The people are the practitioners of the ITIL framework and their skills and expertise can be measured through the various levels of the ITIL practitioner certification process. ITIL itself does not have a certification process like ISO, so it is very important that close attention is paid to the care and feeding of the practitioners who implement and oversee the framework. They are your "measurement stick" for determining the health of the framework itself (the value of ITIL is measured via business performance). ITIL V3 consists of five "core" publications shown in Table 2, which represent the phases of the IT service management life cycle. Within each phase a set of functions and processes is defined. ITIL in and of itself is not "prescriptive", instead providing guidance with respect to implementing good practices to improve different areas of IT service management. Thus, it is up to the ITIL practitioners to determine on which areas and strategies to focus to provide the greatest return on investment - relative to the business strategy and objectives of the enterprise. The remainder of this white paper will focus on the key considerations to address before establishing ITIL within the enterprise, rather than the actual execution of the functions and processes that make up the IT service management capability. Without the proper foundation and framework, it is highly unlikely that the IT service management improvement initiatives within your enterprise will be able to support themselves under the immense pressure of day-to-day operational requirements.

Service Strategy

Service Design

Service Transition

Service Operation

Continual Service Improvement (CSI)

Financial Management

Service Catalog Management

Transition Planning and Support

Event Management

Seven-step Improvement Process

Service Portfolio Management

Service Level Management

Change Management

Incident Management

Service Measurement

Demand Management

Supplier Management Capacity Management Availability Management IT Service Continuity Management Information Security Management

Service Asset and Configuration Management Release and Deployment Management Service Validation and Testing

Problem Management

Service Reporting

Request Fulfillment

Return on Investment for CSI

Access Management

Business Questions for CSI

Evaluation

Service Desk

Knowledge Management

Technical Management

Requirements Engineering

IT Operations Management

Data and Information Management

Applications Management

FIGURE 2 - ITIL PROCESSES AND FUNCTIONS

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 3

GET READY... GET SET... WAIT! We all want results. Immediate, tangible validation that our efforts are bearing fruit and satisfying the goals and objectives that drives them. But all too often we plunge head first into initiatives without laying the groundwork necessary to ensure a defined minimum standard for success. ITIL has many different entry points and choosing where and how to start is extremely important since ITIL covers the entire spectrum of IT service management from strategy through continuous improvement. So picking the right scope and entry point for your ITIL strategy is essential to success.

FIVE AREAS OF FOCUS There are many different ways to approach corporate initiatives, but almost all of the approaches have a common set of steps that are required to ensure a successful launch. This white paper outlines five areas of focus to help prepare for the initiation of your ITIL program within your enterprise. Each area focuses on key aspects that are unique to ITIL, with the intent of accelerating the launch process and improving your odds for success. While not all of these areas are absolutely required, and they can be rearranged to fit your company's business model and organizational dynamics, it is recommended that you follow the recommendations as closely as possible. FIGURE 3 - KEY FOCUS AREAS

FOCUS AREA 1 - ORGANIZATIONAL PREPAREDNESS Organizational preparedness (readiness) is at the center of the focus areas for a very basic reasion - if the organization is mssing the key ingredients required for an effective ITIL implemenation then it is highly unlikely the investment in people, time and resources will pay the expected dividends. ITIL is not for the faint of heart. It requires commitment and discipline. Therefore its deployment and ongoing operations must be treated with the same level of energy and focus as any other corporate initiative. The good thing about ITIL is that many IT service management organizations are already performing a lot of the functions and processes defined by ITIL. Thus the investment to bring them together under a structured framework can be quite small in terms of capital and P&L expenses. But if the organization is not prepared to adopt a framework as an accpted way of working, then even though the financial investment may be small, the negative impact on the organization from a failed initiative could be significant. There are many aspects of program management that will not be covered in this white paper - planning, organization, sponsorship, communication, measurement, etc. These are basic ingredients of any successful initiative and it is assumed that your enterprise has established methods, processes and tools in place to support large scale programs. If not, then is it is highly recommended that you establish these capabilities first - and then tackle the task of IT service management improvement through an ITIL framework approach. There are several factors that underpin a successful ITIL framework rollout. The Organizational Preparedness Self-Assessment matrix found in Appendix A can be used to assist in determining if your organization (or enterprise) has these essential organizational dynamics in place to successfully roll out an ITIL framework for IT service management improvement. These dynamics focus on key aspects that relate to the five phases of ITIL ranging from change orientation to working with outside suppliers and partners.

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 4

After completing the self-assessment if any of the dynamics are rated "Not at All" or "Accepted" then it is highly recommended that you not launch an ITIL initiative until you have improved the dynamic to a minimum rating of "Initiated". Even then, proceed with caution, and it is suggested that you seek outside resources experienced in ITIL implementations to help you avoid the many pitfalls along the way. All too often organizations believe that implementing a framework brings the organizational dynamics and discipline required for improvement. Just the opposite is true. Organizational dynamics and discipline must be in place before any framework can help improve an organization's performance. Implementing a framework is much like implementing automation tools and techniques. If you try to automate a mess then you end up with an automated mess.

FOCUS AREA 2 - SCOPING ITIL is a big framework. Simply put, the framework is too comprehensive for any organization to adopt in its entirety. At least not all at once. Companies that have successfully implmented the full ITIL framework normally spend at least 18 to 36 months in establishing the framework and then populating each of the phases with best practices and tools required to operationlize the framework. Regardless of your ITIL implementation strategy, defining the subset of business and IT processes and functions that will provide the best return on investment is a critical first step. There are several approaches to determining which areas of your IT service management capability can benefit the most from the implementation of the ITIL framework and associated best practices and tools. Hopefully your IT organization has basic controls and measures in place that provide some degree of insight into the effectiveness of your operations. If so, then it is recommended to use that data as a starting point for determining which phases of ITIL will be most beneficial. If not, then there are studies that have been conducted that provide useful information about the areas of IT service management that lend themselves to improvement through the application of structure, control, measurement and continuous improvement. Given today's focus on improving IT service delivery while maintaining or reducing expenses, it is somwehat a foregone conclusion that most enterprises emphasize operational improvement as their primary goal. Thus, the Service Transition and Service Operations phases of the ITIL framework are usually the place where most enterprises choose to start. This leads us to a recommended subset of processes and functions within these two phases: Service Transition Change Management Service Asset & Configuration Management Release & Deployment Management

Service Operation Event Management Incident Management Problem Management Service Desk Request Fulfillment Access Management

FIGURE 4 - KEY ITIL PROCESSESSES AND FUNCTIONS FOR SERVICE DELIVERY

This subset is selected because they are closely related: Service Asset & Configuration Management is a foundational element required for managing change. Before you can reliably modify your existing operational evnrionment you must have a clear and accurate representation of the infrastructure assets that are used to deliver services. Change Management and Release & Deployment Management go hand-in-hand for establishing the controls required to successfully deploy changes to the operational environment. robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 5

Event, Incident and Problem management all deal with the same fundamental functions and processes identifying and managing disruptions (even though they may not cause an outage) to the operational environment. Request Fulfillment and Access Management provide the mechanims to ensure that requested services and access are reliably provided. Service Desk is the underpinning function that provides direct customer service for the management of all requests - whether they be for service requests, problem reporting or requests for information. Thus it makes sense to focus on these areas together to optimize the planning, methods, processes and tools that will be used to deploy new capabilities for IT service management improvement. So why not focus on the other fucntions and process in Service Transition and Service Operation? First, scope - biting off more than you can chew on a first attempt at ITIL is risky. Secondly, the functions defined by Technical Management, IT Operations Managment and Applications Management are very broad, and encompass many different processes and disciplines. Finally, for organizations initially focusesd on service delivery (versus strategy, portfolio management, etc.), these areas have been identified as key areas by several different surveys and studies. In 2008 the IT Process Institute in conjunction with Computer Associates published its Change, Configuration, and Release Performance Study. The report is based on an extensive survey of 341 companies and eleven executive interviews to identify best practices that predict the highest levels of performance impact. As you will see from this report, the key areas of change and release management and the requisite support functions were identified as the areas that provide the greatest operational improvement for the investement of time and resources.

FOCUS AREA 3 - GOVERNANCE Governance is a topic of discussion that makes most people cringe when they hear it. Unfortunately it has become synonymous with bureaucracy, control, snooping, meddling and several other descriptors that imply that governance is counterproductive to forward progress within an enterprise. If not properly organized, managed and reviewed it can become just that. But when governance is effectively applied to a program or initiative it can provide significant benefit in terms of sponsorship, guidance and support. Initiating an ITIL framework program or initiative without proper governance is guaranteed to fail. As mentioned in the previous focus area, ITIL is a large framework, and without proper oversight the rollout program or initiative will quickly experience scope drift, cost overruns, and unwanted (but well deserved) scrutiny from auditors, controllers, business unit leaders and senior executives. There are many aspects to governance and depending on the maturity of the enterprise, governance may be part of everyday business operations, or it may be something that is recognized as a "need to have". In the context of this whitepaper, it is assumed that most organizations that are focusing on IT service management improvement are more than likely part of an established enterprise - thus the focus will not be on the benefits of governance and how it works, but rather on the aspects of ITIL that are important to consider when building your governance model to support your framework rollout. Two areas of governance will be addressed. The governance model itself, and how the relationships between other frameworks and quality management systems need to be considered. The second area will focus on how the governance oversight - in terms of a governance committee - should be structured for maximum return on investment.

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 6

GOVERNANCE MODEL Figure 5 depicts a typical enterprise environment. At the center of the enterprise is a series of basic business operations functions such as planning, architecture and service management. These business operations functions are shaped by the market, customers and business constraint imposed by stakeholders and are supported by one or more frameworks that focus on a particular aspect of the service delivery model. Service level drivers determine how broadly and deeply the framework is populated with methods, processes, tools and best practices. Surrounding the business operations functions and frameworks is (typically) some type of a quality management system - shaped by the same market, customer and stakeholder constraints, and further defined by external government and regulatory compliance requirements.

FIGURE 5 - GOVERNANCE MODEL RELATIONSHIPS AND DRIVERS

While ITIL is focused on the improvement of IT service management, it is broad in the number of business functions with which it must interoperate to be effectively deployed within an enterprise. Thus the opportunity for overlap with other frameworks and quality management and control systems is fairly high. The key to remember about ITIL is that as a framework it focuses on structure, nomenclature and discipline rather than specific methods, processes, tools and best practices - and the ability to integrate those capabilities within the framework is at the core of a successful deployment. Appendix B provides a comparison of some of the most common business frameworks and quality and control models. An essential step in preparing to deploy ITIL is to assign priority to which framework or model will be the "primary" governance model for a particular function or process within the enterprise service delivery model. With respect to ITIL, the following primary governance areas are recommended as a starting point: IT portfolio development and management IT service management architecture and design Asset and configuration management Change management and release management Request management Service desk

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 7

GOVERNANCE COMMITTEE A well organized and managed governance committee provides great value in not only "controlling" the deployment and management of a business capability, but also in providing the key sponsorship needed for any program to be successful. Thus the makeup of the governance committee is critical - with the key being to have the proper number and mix of stakeholders involved.

FIGURE 6 - SAMPLE GOVERNANCE COMMITTEE MODEL

Figure 6 depicts a sample governance committee model for an ITIL framework. The model represents seven stakeholders (five required, two optional) that must be actively engaged in the oversight and support of an ITIL deployment. Supporting the governance committee is a program office which should leverage the methodologies, tools and best practices of your enterprise. However, since continuous improvement is a underpinning aspect of ITIL, it is suggested that the function of quality management be included in the program office oversight, adding it as a stakeholder as the framework is institutionalized within the enterprise and the Continuous Service Improvement phase is addressed as a separate initiative. Each of the stakeholders has a key role within the governance committee: IT Operations - must be the senior director or executive responsible for the day-to-day IT service management. The executive is at the center of the improvement initiative and is ultimately responsible for the results from the deployment of the framework. IT may or may not "own" the budget for the rollout program or initiative. Executive Committee - a single representative from enterprise executive team who will provide sponsorship and represent the voice of enterprise. Business Units - a single representative (recommended) who represents the business strategy for the enterprise. Depending on the size and complexity of the enterprise there may need to be multiple representatives, but it is highly suggested to keep the number as small as possible. Finance - oversees the budgeting and accounting with respect to the program and provides oversight for the financial impact of the rollout and ongoing operations. Chief Information Officer (CIO) - represents the business systems view of the enterprise service delivery model and supply chain. It is recommended that the CIO also represent both the physical and information security aspects of the enterprise service delivery model. Supplier(s) - this optional representative provides oversight for externally supplied IT services. If the enterprise has engaged in an outsourced service delivery model then this position should be considered to be required instead of optional. Customer(s) - this optional representative provides direct feedback on the performance and requirements for IT service management capabilities. It is recommended that customer representatives be included after the initial rollout of one or more key functions or processes has been completed. The key to a successful governance committee is to keep it "optimized" in the number of participants. Fewer is better for the initial rollout and as the framework is institutionalized with the organization the makeup and number of participants of the governance committee can be adjusted. robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 8

FOCUS AREA 4 - TRAINING Like other frameworks and quality and control models, ITIL offers a accreditation program - the details of which can be found at the ITIL website. The accreditation is recognized by the United Kingdom's Office of Government Commerce (OGC), and is administered by their official accreditation agency, APM Group, Limited. In a nutshell, ITIL certification, like similar certifications is a long, arduous task. Appendix C outlines the various certification levels that may be obtained. Tracing the various options can also be a daunting task and it not necessary for the establishment of ITIL as a framework. So the ultimate question is should you require certification within your organization and to what level? Certification for the Foundation, Lifecycle and Capability modules simply validates awareness and knowledge of the material. Only when you enter the Managing Across the Lifecycle, Expert and Master levels of certification does the validation of application of the principles of ITIL occur. Obtaining certification at these levels is measured in years and is limited to a handful of practitioners who specialize in the field of IT service management. Ultimately the value of certification comes down to the individual and how they use the knowledge and experience. However, it is recommended that the managers who will be responsible for the major phases of the ITIL IT service management phases complete the ITIL V3 Foundation certification. This will help to ensure the common understanding and communications capabilities are in place. Appendix D illustrates the most commonly used high level roles defined by ITIL (there are over 90 roles in total). For each of these high level roles a recommended training program is outlined, focusing on the timing of the training during the first year of the ITIL rollout initiative. For certain roles it is imperative that the ITIL V3 Foundation training occur before the official launch of the initiative, as it provides the foundation for understanding and communication. For other roles, the Foundation training may occur shortly after the program launch. For specific assignments under a high level role definition, a particular path may be followed. For example, a SLA Manager would want to pursue Service Strategy and Service Design lifecycle modules in conjunction with the Service Offering and Agreements capability module. A Release Deployment Manager would want to pursue the Service Transition and Service Operation lifecycle modules in conjunction with the Release, Control and Validation capability module. And an Operations manager would want to pursue the Service Operations lifecycle and the Operational Support and Analysis capability module. Obviously each of these roles would want to complete the entire lifecycle and capability curriculum, but to ensure short term success it is suggested that these types of groupings be utilized to provide maximum awareness and knowledge for the particular role. ITIL training is available from a variety of classroom and self-study sources. For ITIL V3 Foundation it is recommended that a classroom, certification, train-the-trainer, self-study path be utilized. That is, a selected number of individuals should participate in a structured classroom environment, followed by completion of the V3 Foundation certification (which is administered by a controlled group of providers outlined on the ITIL website). These individuals can then act as coaches and mentors for others who can use a variety of self-study courseware and materials to complete the preparation work for V3 Foundation certification. Beyond the V3 Foundation training and certification level, it is recommended that structured classroom delivery be utilized as the primary means of training for lifecycle and capability modules. These modules address specific elements of the service management framework and utilize hands-on case studies for knowledge transfer, which are generally not effectively delivered through self-study methods.

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 9

FOCUS AREA 5 - TOOLS AND RESOURCES Like the foundation and walls of a house, ITIL provides the framework to which other elements (methods, processes, tool, best practices, etc.) are attached and built upon to create a structure - in this case, the functions and capabilities that provide improvement in an enterprise's IT service management capabilities. Similar to a house or building, there are many elements that make up the final structure of IT service management - too many to address in a single white paper. However, there are two that should be addressed before taking the initial steps to implement an ITIL framework - the configuration management database (CMDB) and toolkits.

CMDB ITIL describes the CMDB and its importance as follows: “Configuration Management provides the foundation for successful IT Service Management and underpins every other process. The fundamental deliverable is the Configuration Management Database (CMDB), comprising one or more integrated databases detailing all of the organisation’s IT infrastructure components and other important associated assets. It is these assets that deliver IT services and they are known as Configuration Items (CIs). What set a CMDB apart from an ordinary asset register are the relationships, or links, that define how each CI is interconnected and interdependent with its neighbours.”1 However, the IT Process Institute report described in Focus Area 3, cites the following: "Only 19% of survey respondents have a CMDB. And only 47.4% of top-performers have CMDB enabled change linkage practices. However, the change linkage practices are a statistically significant predictor of top levels of performance in release rollback rate, configuration drift, and SLA fix rate."2 There are significant debates concerning the need and value for a fully integrated CMDB. On one side of the argument there are those that say it is an impossible task to fully implement a CMDB as described by ITIL. The other side of the argument states that the only way to effectively manage an environment that is constantly changing is to have a reliable source of truth that represents the assets and provides line of sight between them (relationships). This white paper takes the latter position - a CMDB is an essential element of managing a service delivery environment - especially when service level agreements are utilized. This white paper does not recommend a particular CDMB architecture (fully integrated versus federated) nor does it recommend any vendor products. However, there are several key aspects/recommendations that should be considered before launching an ITIL initiative: Do not launch an ITIL initiative without a source of truth that describes the elements that are essential for the lifecycle phase(s) being deployed. ITIL describes many different elements that make up a CMDB - IT assets (computers, data storage, networks, software, etc.), processes, people, tools, product collateral, documentation, to name just a few. Do not initially "over populate" the CMDB - start only with the elements required for the initial rollout. However, do not create an architecture/schema that prevents future expansion. Utilize existing CMDBs whenever possible. If you have a vendor supplied CMDB that represents some or all the aspects of your enterprise business model, then use it (extend it) to accommodate the elements needed for your ITIL implementation. Do not create another instance of a CMDB just for ITIL - this will only increase the cost and complexity of your enterprise business operations. 1 2

An Introductory Overview of ITIL, itSMF, 2004 Change, Configuration, and Release Performance Study, IT Process Institute & Computer Associates, 2008

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL® IN YOUR ENTERPRISE

Page 10

Use a vendor supplied (including open source) CMDB rather than a "home grown" database. Commercial CMDBs usually provide a wide range of features and adhere to published or de facto standards, ensuring forward compatibility. Utilize a CMDB that provides open, documented interfaces for data insertion and extraction. A key aspect of the CMDB within ITIL is the ability to create reports that represent the current and planned state of the IT service management environment. Utilize a CMDB that provides scripting capabilities that allows for the enforcement of policies regarding utilization of resources, change monitoring, and versioning, etc. Incorporate, where appropriate, tools (e.g., LAYERZngn CPlane, Tideway, Blazent, EMC SMARTS, et al) that automate the discovery and correlation of business assets to improve the quality and integrity of the CMDB data elements. Implement strict controls for the access, management and maintenance of the CMDB contents. Execute regular integrity checks (incomplete data, missing relationships, duplicates, etc.) to ensure the integrity of the CMDB contents. By following these simple guidelines you will create a source of truth for your IT service management environment that will provide a clear and accurate picture of the essential elements of your service delivery functions and processes, and can be expanded along with the scope of your service improvements initiatives.

TOOLKITS Constructing a solid house or building requires good materials and the right tools to assemble the structure. No matter how good the materials may be, if the proper tools are not available then the quality of the outcome may, and more likely will, be less than desired. The same holds true for ITIL implementations. You may have lots of energy, enthusiasm and support, but if you don't equip the team with the essential tools required to successfully complete the job then the initiative will quickly lose momentum - and more than likely result in failure. The essential toolkit elements for ITIL, outlined in Appendix E, comprise a series of lifecycle publications, reference documents, guides, assessments and models that provide the foundation and common language that will help ensure a consistent approach to the deployment of the ITIL processes, functions and best practices. These toolkit also contains a series of templates that can be tailored to fit the specific strategy and needs of your enterprise. Obtaining ITIL toolkits is relatively simple (and inexpensive when compared to the overall rollout) and should be done well in advance of the program launch. Most of the commercially available toolkits contain the same basic information and can be purchased from providers such as: The ITIL Toolkit - www.itil-toolkit.com The Art of Service - www.theartofservice.com ITIL Central - itsm.fwtk.org In addition to commercial resources there are also several good open community organizations that provide useful ITIL toolkit resources and advice: The ITIL Community Forum - www.itilcommunity.com The ITSM Community - www.itsmcommunity.org Best Practice Management - www.best-management-practice.com

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 11

SUMMARY More than ever, IT service management is under the microscope of corporate scrutiny. As new technologies pave the way for even more self-service capabilities, the potential for uncontrolled infrastructure growth and unmanaged services is escalating. If left unchecked, these problems can result in unnecessary expenses, poor service and loss of confidence in the IT organization. Implementing policies, processes and best practices within your IT service delivery environment gives you the ability to improve your services while responding to new business and technology requirements. But implementing these changes to your existing operational model must be done with careful planning and wellmanaged execution. ITIL provides a foundation for service improvement, but in and of itself does not change the way your organization performs. Methods, processes, tools and best practices must be deployed on top of the ITIL framework to create an environment that supports continuous service improvement. Proper planning for rolling out ITIL within your organization is the critical first step and requires that you address some considerations before you launch your initiative. ITIL is big, complex and the effort to deploy it should in no way be minimized. But it a successful implementation can be accomplished if you remember some of these key points: Know your organization's capabilities - everybody has to pull in the same direction Identify the critical areas for improvement - start small and build on successes Build a strong governance team to help guide and support your initiative Use a source of truth - knowledge is power Equip the team - they are your key to success Good luck!

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 12

APPENDIX A - ORGANIZATIONAL PREPAREDNESS SELF-ASSESSMENT The following self-assessment matrix can be used to determine your readiness to engage in an ITIL framework deployment initiative. The ten organizational dynamics described here relate to key mindsets, orientations and service delivery practices that are essential for the successful deployment of ITIL within any IT service delivery organization. Instructions: Using the key on the following page, place an "X" in the "Degree to Which the Dynamic is Present in the Organization" column that best describes your organization (or enterprise) for each dynamic. When selecting your answer, think in terms of where your organization is today or where it will be when you plan to initiate an ITIL rollout. Organizational Dynamics Dynamic

Degree to Which the Dynamic is Present in the Organization Description

1 Change Orientation

2 Process Culture

3 Business Focused

4 Matrixed Management

5 Transparency

6 Continuous Improvement

7 Product Discipline

8 SLA-based Service Delivery

9 Self-Service Orientation

10 Outsourcing/Partnering Mindset

Not at Accepted All

Initiated

Institutionalized Embraced

The organization is open to new methods of service delivery and is prepared to modify its behavior in order to improve operational effectiveness and efficiency The organization understands the value of structure, discipline and control and recognizes the benefits they bring to service delivery The organization understands that business (not technology) is the key driver for product, service, function and process design and development and the success of the business is the ultimate measure of success for the IT service delivery organization The organization is open to working in a cross-functional, cross-organizational environment where direct control and management may reside in another organizational structure The organization recognizes the value of visibility into the performance of its methods, processes, tools and people The organization recognizes the value of investing resources in defining, measuring, reporting and developing improvement plans for service delivery processes and functions The organization utilizes defined products and services and works within the boundaries defined by the product or service description The organization is focused on customer satisfaction and understands the value of delivering services according to documented service levels The organization is open to the practice of allowing users to provision and to some degree manage their own IT services The organization recognizes the value of using partners and external suppliers when appropriate and creates a win-win relationship

FIGURE 7 - ORGANIZATIONAL PREPAREDNESS SELF-ASSESSMENT MATRIX

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 13

Key: Not At All - the organization has displayed no initiative to pursue behavioral change Accepted - the organization recognizes the need for change, but has not taken any specific actions to modify its behavior Initiated - the organization has implemented programs and initiatives to change its behavior, but it is too early to determine if it has improved effectiveness and efficiency Institutionalized - the organization has implemented programs, policies, best practices and measurement systems and rewards behavior based on results Embraced - the organization recognizes the benefits of changed behavior, consistently rewards organization effectiveness and efficiency, and places continuous improvement high in its business priorities

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 14

APPENDIX B - COMPARISON OF KEY FRAMEWORKS AND MODELS Name

Type

Information Technology Infrastructure Library (ITIL)

Framework

enhanced Telecom Operations Map (eTOM)

Framework

Application Service Library

Framework

Microsoft Operations Framework (MOF)

Framework

COBIT Control Objectives for Information and Related Technology (COBIT)

Quality and Control Model

Capability Maturity Model (CMM)

Quality and Control Model

Six Sigma

Quality and Control Model

Total Quality Management (TQM)

Quality and Control Model

Committee of Sponsoring Organizations (COSO)

Quality and Control Model

Description A customizable framework of best practices that promote quality computing services in the IT sector. Built on a process-model view of controlling and managing operations, ITIL addresses the structure and skill requirements for an IT organization by presenting a comprehensive set of management procedures A guidebook, the most widely used and accepted standard for business processes in the telecommunications industry. The eTOM model describes the full scope of business processes required by a service provider and defines key elements and how they interact. A public domain standard, which describes a standard for processes within Application Management (the discipline of producing and maintaining information systems and applications). The term "library" is used because the ASL standard is based on the descriptions of best practices from the industry. A series of guides aimed at helping information technology (IT) professionals establish and implement reliable, cost-effective services. A framework for information security that provides managers, auditors and IT users with a set of generally accepted IT control objectives to assist them in developing appropriate IT governance and control in a company. A method for evaluating and measuring the maturity of the software development process of organizations on a scale of 1 to 5. A revised version, the Capability Maturity Model Integration (CMMI), provides guidance for improving an organizationâ&#x20AC;&#x2122;s processes and a way to manage the development, acquisition and maintenance of products or services. A data-driven quality-management program to control variation and thereby achieve extremely high levels of quality. "Six sigma" refers to six standard deviations in statistical measurement, which in the methodology corresponds to a maximum of 3.4 failures per million units. A business management strategy aimed at embedding awareness of quality in all organizational processes. TQM has been widely used in manufacturing, education, hospitals, call centers, government, and service industries, as well as NASA space and science programs. Provides guidance on critical aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting

FIGURE 8 - COMPARISON OF KEY FRAMEWORKS AND PROGRAMS (SOURCE WIKIPEDIA)

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITILÂŽ IN YOUR ENTERPRISE

Page 15

APPENDIX C - ITIL CERTIFICATION MODEL

FIGURE 9 - ITIL CERTIFICATION MODEL

Key

Source: ITIL

速

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 16

APPENDIX D - RECOMMENDED TRAINING Core ITIL V3 Foundation Governance Committee Members IT Operations Manager Executive Committee CIO Finance Business Unit(s) Supplier(s) Customer(s) Practitioners

(1)

Analyst - Lead Analyst Architect - Lead Architect Consultant Coordinator Designer - Lead Designer Developer Engineer Liaison Librarian Manager Operator - Lead Operator Owner

Lifecycle Modules Capability Modules SD ST SO CSI OSA PPO RCV SOA

• • • • • • •

• • • • • • • • • • • • • •

• • • • •

• • • • • • • • •

• • • • • • • • • • • • • • • •

FIGURE 10 - RECOMMENDED TRAINING

• • • • • • • • • • • • • • • •

Key

• • • •

Not required/optional 3 months prior to ITIL rollout initiation Within first 3 months of ITIL rollout Within first 6 months of ITIL rollout Within first 12 months of ITIL rollout

Note (1): The ITIL job classifications vary by toolkit and implementation. robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL® IN YOUR ENTERPRISE

Page 17

APPENDIX E - ESSENTIAL ITIL TOOLKIT ELEMENTS Toolkit Element ITIL Lifecycle Publication Suite Beginners Guide Factsheets

Reference Sheets Terms and Definitions ITIL V3 Process Model Management PowerPoint Presentations Readiness/Preparedness Assessment Process Compliance Assessment Questionnaires Job Descriptions Project Roles & Responsibilities Framework Descriptions and Comparisons ITIL V3 Bridging Kit

Description/Purpose The definitive ITIL reference source published by the UK Office of Government Commerce. Overview of the management model, the history, implementation, the processes and different disciplines. Describe the goal and basic activities of each of the processes and act as a reference guide for everyday use. Include explanations of why, goals/objectives, activities, results, costs, and benefits. Provide a more detailed description of the methods and frameworks in common use across the IT Service Management sector. Outlines with number of related approaches, providing both understanding and a quick reference point. Provide detailed descriptions of the elements that comprise the ITIL framework. Provides a one page overview of the ITIL frameworks and the relationships and flows between the phases. Provide insight into the discipline of service management in general and the ITIL framework. Explain the concepts to executives and management and covers everything from the ITIL framework to certification to benefits and risks. Examines a range of organizational, operational, financial, process and infrastructure aspects, helping to identify areas that are in particular need of attention. Assist in determining what areas are working well and which areas are in need of attention with respect to best practice. Provide a detailed description of the responsibilities and skills required for each of the roles defined in ITIL. Provide a detailed description of each of the project roles and the associated job descriptions. Outline the key aspects of the most common business frameworks and quality and control models to support the rationalization of overlaps and conflicts. (Optional) Outlines the relationships between the 12 main concepts in ITIL V2 and the new concepts in ITIL V3. FIGURE 11 - ESSENTIAL ITIL TOOLKIT ELEMENTS

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITIL速 IN YOUR ENTERPRISE

Page 18

ABOUT ROBERTKEAHEY.COM Successfully identifying, analyzing and creating compelling value propositions for emerging technologies that drive both top and bottom line value for global enterprises of all sizes is Robert Keaheyâ&#x20AC;&#x2122;s expertise. Mr. Keahey, who holds an Information Technology Infrastructure Library (ITIL) V3 Foundation certification, brings to his clients a successful track record of innovation, strategic technology and business planning and development, superior service delivery and operational know-how complimented by a variety of information technology industry experiences. He has a network into high level executives in the information technology industry and has partnered with key players such as Microsoft, Sun, Cisco, EMC and Oracle to develop industry leading capabilities. He also has relationships with numerous venture capital firms and has assisted in the evaluation, development and acceleration of the business plans of several of their portfolio companies. Contact Robert Keahey via his website at www.robertkeahey.com

The information herein is provided "as is" without warranty of any kind, express or implied. robertkeahey.com shall not be responsible for any damages arising out of the use of, or otherwise related to, this information. Nothing contained herein is intended to, nor shall have the effect of, creating warranties or representations from robertkeahey.com. All brand and product names are trademarks or registered trademarks of their respective holders. Reference to a company or a product name does not imply approval or recommendation of that company or product to the exclusion of others.

robertkeahey.com

KEY CONSIDERATIONS FOR IMPLEMENTING ITILÂŽ IN YOUR ENTERPRISE

Page 19