Back in the 1980s, the UK government was frustrated with the poor performance of its IT. Plus ca change.
To address this, it developed its own set of rules for managing IT. Those rules espoused the principle that rather than simply operating a bunch of machines, IT departments were there to deliver a service to their colleagues – the service of empowering them to be more productive in their work through information technology.
Those rules, of course, formed the IT Infrastructure Library, or ITIL, arguably the most influential set of documents in IT management. ITIL forms the basis of IT service management, the idea – to put it simply – that IT should be run as though were a standalone business, treating its users as though they were customers.
But ITIL was developed in the era when the IT department was in the driving seat when it came to technology selection, deployment and management.
It would be an exaggeration to say that today’s IT departments have lost all control, but certainly business department and end users have much more autonomy than they did 30 years ago.
It is not uncommon for a business unit to select its own software-as-a-service applications. And it is certainly not unusual for an employee to use their own smartphone or laptop for work.
Can the IT department maintain the service provider ethos, when in many cases it is not providing the service? Is IT service management in general, and ITIL in particular, still relevant?
The answer, it seems, depends on how they are applied.
Unsurprisingly, some of the recommended processes and principles may not be relevant in the era of automated infrastructure provisioning and bring your own device (BYOD).
IT departments that stick to the letter of the ITIL law may struggle to adapt to the new, flexible ways of delivering technology.
But as technology is increasingly delivered from a variety of sources, both internal and external, the principle of working to maintain a useful and coherent service for employees that has never been more relevant.
ITIL and the cloud
ITIL was won many millions of accolytes over the years. But it has also won some enemies.
One of them is Steve Chambers, chief technology officer of Canopy, the cloud computing subsidiary of French IT services company ATOS.
Chambers once worked in the IT department of a bank, so has experienced a mature service management organisation first hand. But it was while working for VMware that his antipathy toward ITIL took root.
“It was my job to encourage customers to use more virtualisation,” he says. “And one the main reasons that couldn’t, even if they wanted to, was an inflexible approach to service management.”
The change management processes that many organisations had introduced, under the influence of ITIL, would often demand that every time a virtual machine moved from one physical server to another. And if that proved impractical, they would favour the process over the innovation, Chamber says.
“They would say, we have to adapt our whole service management model to fit this new technology,” he recalls. “We'd have to spend so much on it that we’d rather just stick with what we've got.”
“It meant they couldn’t embrace the change that virtualisation brought,” he adds. “OK, I was a supplier to trying shift as much product as I could. But if the product provides proven business value, like virtualisation does, then it’s in their interest to be able to adapt.”
Now, Chambers says the same thing is happening with cloud. Prompted by a tick-box approach to ITIL, customers often demand detailed architectural plans of Canopy’s cloud services, he claims.
Of course, businesses should be careful with what is happening with their data, but part of the benefit of cloud is that it removes the burden of complex infrastructure management.
It need not be like this, Chambers adds. “In theory, cloud should be wonderful for sevice managers because, at last, you are literally buying a service. But the challenge for them is that ITIL doesn’t help you with cloud.”
“Choosing the right cloud service provider is a notoriously difficult question, but nowhere in ITIL does it provide any guidance.”
Despite his dim view of ITIL, Chambers is a supporter of service management done right.
“A good service manager will understand the impact of new technology on a service, whether it’s optimising or innovating,” he explains. “And they will use ITIL as a tool – take what you need, but don’t get religious about it.”
“There are some really good people out there who understand what service management is really about: injecting value into the business.”
Stephen Mann, a former Forrester Research analyst who recently joined ITSM software-as-a-service provider ServiceNow, is not quite so hard on ITIL.
“ITIL has helped so many IT departments become more professional, more efficient and more effective,” he says.
However, while most IT departments have adopted the more technology-focused components of ITIL, few have got as far as implementing the capabilities that really transform that IT operating model into true service delivery, he says.
“Most IT departments do incident management and change management pretty well, and they pretend to do problem management,” he explains. “They started to do configuration management and service level management, but gave up because they are too hard.
“They may have bought a service catalogue back in 2009, but service catalogue have mostly failed to live up to expectations.”
Few organisations, however, have adopted ITIL’s recommendations for service level management, supplier management, IT financial management, or business relationship management. “I’d be surprised if more than 10% of organisations have reached that level of maturity.”
It is these capabilities, though, that are emerging as core competencies as supplier relationships, service levels and budgets become the levers through which the IT department manages the service presented to employees. “Those things that are missing are the things that we need for cloud, BYOD, social, maybe even analytics and big data,” Mann says.
So why, if they are so beholden to ITIL, have the majority of IT departments failed to adopt these critical capabilities? The problem, Mann believes, is a question of mindset – IT people think about technology implementation, not human empowerment.
“Let’s take BYOD as an example,” he says. “IT departments are more than happy to discuss issues around security, device management, device selection. They get as far as supporting employee devices.”
“But one thing you'll struggle to get from someone who works in IT to talk about is the fact that it's not about the mobile device or the back-end and cloud infrastructure,” he adds. “What it's really about is allowing employees or customers to access IT or business services while they're on the move.”
“They completely miss that,” he says. “That, unfortunately, is one of the biggest flaws with IT service management training and certification over the last 20 users.”
That misguided mindset, Mann says, is evident in certain service management vendors’ promises to help IT departments “protect themselves” from cloud computing.
“Hold on a minute,” he says. “Your IT organisation should be leveraging cloud in the best interest of the business.”
While Chambers believes the overzealous implementation of ITIL is the problem, Mann says IT departments have cherry picked the easier but less transformational components. “We're not focused on doing the things that make a difference,” he says.
But both agree on the principle: that the IT department’s raison d’etre must be delivering empowering services to the business, not ticking boxes and fussing over technology. And that, after all, is what ITIL was designed for in the first place.