ITIL is fashionable in the world, everyone speaks, good or bad as they have gone, of ITIL. In ITIL audit journals, in ITIL security magazines, everywhere ITIL … but, what is ITIL and what is it for? In this article I will try to answer the previous question, in such a way that the readers make a better use of ITIL in their organizations, getting the best out of it and without asking them to do things they do not know or cannot do.
The idea here is to understand “the philosophy” of ITIL and give some ideas of how, when and why to apply it in real life. So, I will use version 2 to develop my ideas, although all the concepts apply in the same way if you are thinking of version 3.
Before entering the subject, it is necessary to talk about two relevant issues and very related to ITIL:
- Administration of IT services.
- Administration by processes.
Because it is necessary? Easy, because some of ITIL’s basic premises rest on those issues and, therefore, understanding ITIL implies, inevitably, understanding them.
What is IT service management? Let’s see: if we recognize the growing dependence in IT areas for the fulfillment of strategic objectives, then this dependency implies a higher quality of IT services. Therefore, quality must align with business objectives and the needs of users, which leads to a paradigm shift: IT areas must change their vision of device managers to IT service administrators.
Traditionally when asking someone from IT “what do you do?”, We are used to hearing answers like “I am a firewall administrator”, “I am a server administrator”, etc., but what is the problem with it? If we think about it, users do not think, as technicians say, in “boxes”. They may not even know, or care, what a firewall, a switch, a router, etc. is or what it is for. What users want is to make use of certain services, the famous IT services, such as email, Internet access, printing service, and so on.
It is precisely this dichotomy between an IT area and its users that can often cause their opinions to be diametrically opposed as to what the former offers: while the technicians focus on “managing boxes”, without realizing that the relationships between them are relevant, the users what they see are services, which are provided through a whole set of different boxes, so that a failure or deficiency in one of them spreads throughout the system. This is how, for example, we get to see IT reports that boast 99.9999% availability in the Internet access firewall, while users complain that the Internet access service is very bad because of slow, intermittent, or for other reasons.
What is the core of the matter? Precisely is that an IT service is delivered to users through a set of boxes (technology), people who handle the boxes (people) and instructions and relationships between them (processes). That is why the IT area must understand that what it manages and gives its users are IT services, not devices. The challenge is to achieve the efficient integration of people, processes and technology for better management of IT services, optimizing the use of resources and constantly improving service levels.
Form 1 – IT Service Administration: integrating people, processes and technology
And what is administration by processes? To facilitate the explanation, a bit of history: Traditionally, organizations have been structured based on functional departments that hinder customer orientation (for example, Finance, Production Management, Sales Direction and Systems Management), with very hierarchical flow charts divided into multiple levels. Normally this type of organizations suffers from two major problems:
- The “official” communication flows vertically and can be very slow. Even sometimes propitiates the well-known game of “decomposed telephone”. For example, two operators from different areas that require an official agreement must “go up” through the organization chart to the common branch, going through all the levels of the same (operator A -> supervisor of A -> coordinator of A -> manager of A -> director of A -> director of B -> manager of B -> coordinator of B -> supervisor of B -> operator B).
- “Power preserves” and “ideological islands” are created that have nothing to do with satisfying the needs of the final client. Some examples: The director of a certain area defends to coat and sword his privileges and, in many occasions, more than collaborator of other directors is an enemy of them, and they of him. Finance people only see the company from their point of view (financial statements, costs, expenses, etc.) and do not consider other variables and other points of view such as customer satisfaction, work environment, and so on.
However, in the daily life of the organization what you have are processes that flow horizontally, crossing hierarchical flow charts.
That is why management emerges by processes, which perceives the organization as an interrelated system of processes that contribute together to increase customer satisfaction. Administration by processes coexists with functional management, assigning “owners” to key processes, making possible an interfunctional management that generates value for the client and, therefore, seeks their satisfaction; determines which processes need to be improved or redesigned, establishes priorities and provides a context to initiate and maintain improvement plans that allow achieving objectives; and makes it possible to understand the way in which business processes are configured, their strengths and their weaknesses.
It also gives the way in which the organization manages and continuously improves the business processes to achieve its objectives and create value for its shareholders, customers and collaborators. In the end, what process management tries to change is: going from a product-oriented organization (in which there are processes not coordinated or managed), by an organization that manages its processes in cycles of continuous improvement through the famous cycle of “Plan do Check Act” or PDCA.
History of ITIL
Well, it seems that it is time to enter into matter. Let’s start like the classics with a definition:
ITIL (IT Infrastructure Library): Framework that describes a set of best practices and recommendations for the administration of IT services, with a focus on process management.
Sounds good, does not it? But what it is for and how it is used, that is another matter, and that is what I will try to explain in this series of articles, but first let’s see a bit of its background: in 1987 the CCTA, a British government agency (now called the OGC) initiated a project called GITIMM (Government IT Infrastructure Management Method), in which they involved several consulting firms to investigate and document the best practices for planning and operating the IT infrastructure. Shortly thereafter, as the project evolved from infrastructure management to IT service management, the name was changed to ITIL.
As a reference framework, ITIL was created as a model for the administration of IT services and includes information on the goals, general activities, inputs and outputs of the processes that can be incorporated into the IT areas.
Since its inception ITIL was made available to the public in the form of a set of books, hence its name, so that organizations around the world could adopt it. The first version consisted of 10 main books that covered two major topics: “Service support” and “Service delivery”, as well as a series of complementary books that covered such dissimilar topics as the administration of continuity or issues related to wiring. Subsequently, in 2001 a major restructuring was made that brought together the 19 main books in only 2, while other topics continued in separate books, thus giving a total of 7 books for the second version of ITIL:
- Service support (1).
- Delivery of the service (2).
- Security administration (3).
- Administration of the ICT infrastructure (4).
- Administration of applications (5).
- The business perspective (6).
- Planning to implement the administration of services (7).
Precisely with version 2, in the mid-90s, ITIL was recognized as a “de facto standard” for the administration of IT services, which, as always, had to keep evolving to consider the new schools of thought and align themselves better to other standards, methodologies and best practices, which led in 2007 to the release of version 3 of ITIL.
ITIL V3 only consists of five books, which are structured around the service life cycle:
- Service strategy.
- Design of services
- Transition of services.
- Operation of services.
- Continuous improvement of services.
This new structure organizes ITIL V2 processes with additional content and processes aimed at better management of the life of IT services. Based on this observation, we can say that the V3 reinforces the focus on IT services, without neglecting the processes, but making clear that although the processes are important are secondary and only exist to plan, deliver and support services.
Although there are different definitions, for practical purposes we can say that “best practices” are a set of practices that someone obtains by analyzing and studying what the best exponents of a particular topic do and do not do. The idea is that at the end of the analysis there will be a set of practices common to all those who are at the forefront, and it is precisely this set that is collected and launched as “the best practices” for a given topic.
Thus, best practices do not have a pure mathematical or analytical foundation, they are simply obtained from the real world and represent what “seems to be the best” so far. As such, best practices can change over time and, which is also very important, be very careful when establishing them so as not to reach erroneous or illogical conclusions that lead to absurd “best practices”.