ITIL 101: An Executive Guide to the IT Infrastructure Library

ITIL is a framework of best practices for delivering IT services. What's the big deal about it, and why is it considered so important in corporate computing? We explain the basics before you hunker down with the books.

What is ITIL?

What is ITIL?

The IT Infrastructure Library, or ITIL, is just that: a library of volumes describing a framework of best practices for delivering IT services.

Developed by the British government's Central Computer and Telecommunications Agency (CCTA) during the 1980s, it at first consisted of more than 30 books, developed and released over time, that codified best practices in information technology accumulated from many sources (including vendors' best practices internally, consultancy) around the world. IBM, for example, says that its four-volume series on systems-management concepts, A Management System for Information Systems, known as the Yellow Books, provided vital input into the original ITIL books.

When CCTA, along with several other agencies, was rolled into the Office of Government Commerce (OGC), the OGC adopted the project as part of its mission to work with the U.K. public sector as a catalyst to achieve efficiency, value for money in commercial activities, and improved success in the delivery of programs and projects.

The goal wasn't to create a proprietary product that could be commercialised; rather, it was to gather best practices that could assist with what the government recognised was an increasing dependence within the government on IT combined with a painful lack of standard procedures that were increasing costs and allowing errors to perpetuate. It quickly became apparent that distributing these best practices would profit both public and private-sector organisations.

The books weren't authored by CCTA personnel, nor are they now, although the Crown holds copyright, and owns the names ITIL and Information Technology Infrastructure Library. Instead, experts in each discipline produce the text, which is then rigorously reviewed, first by the ITIL Advisory Group, then by reviewers recruited from the ITIL community in a formal quality-assurance process before publication.

Over the years, ITIL's credibility and utility became recognised, until now its practices have contributed to and are aligned with the ISO/IEC 20000 Service Management standard, the first international standard for IT service management; it is based on British standard BS15000.

Page Break

What's in the ITIL books?

What's in the ITIL books?

The original 30 books were condensed in 2000 (when what's known as ITIL v2 was launched) into a more manageable seven, each wrapped around a facet of IT management. The seven books are:

  • Service Support

  • Service Delivery

  • Planning to Implement Service Management

  • ICT Infrastructure Management

  • Applications Management

  • Security Management

  • The Business Perspective

Within some categories is a series of related sub-topics.

Service Support: The identification and recording of IT configuration items, and processes around handling changes, problems and incidents are described. Sub-topics include:

  • Service Desk: How to establish and run a service desk as the central point of contact for users.
  • Incident Management: After something has gone wrong, how to restore normal operations as quickly as possible.

  • Problem Management: First, you diagnose root causes of incidents reported by the service desk; then, you arrange changes in the IT infrastructure to prevent their recurrence.

  • Change Management: Discusses processes and procedures to ensure prompt, efficient and controlled handling of changes.

  • Release Management: Planning of new releases so both IT and non-IT requirements are considered.

  • Configuration Management: How to identify, control, and maintain records of the configurations of items and services.

Service Delivery: ITIL covers aspects of the actual delivery of the services. Sub-topics include:
  • Availability Management: How do you maintain the availability of services to allow a business to function effectively?

  • Capacity Management: Best practices in predicting future needs.

  • IT Service Continuity Management: After a disaster or other business interruption, how to manage service continuity to agreed-upon levels.

  • Service Level Management: Establishing, monitoring, and reporting IT achievements and establishing ways to eliminate poor service.

  • Financial Management for IT Services: Budgeting, accounting and charging for IT services.

Single topic volumes:

  • ICT Infrastructure Management: Management of infrastructure, from equipment to services.

  • Application Management: The software development lifecycle is covered, emphasising clear requirements, definitions and implementations to meet business users' needs.

  • Planning to Implement Service Management: Where do you start when planning to implement ITIL? This book offers guidance.

  • Security Management: The means by which you can keep your infrastructure secure.

  • The Business Perspective: This volume aims to help business managers understand the issues in service provision. It covers business relationship management, partnerships and outsourcing, continuous improvement, and the exploitation of information, communication and technology (ICT) for business advantage. It consists of three books:

    • — In Times of Radical Change
    • — Surviving IT Infrastructure Transition
    • — Understanding and Improving

    At the end of 2005, the OGC announced plans for a refresh of the ITIL volumes. In its statement, it said, “Our overwhelming driver for this refresh is to keep the guidance up-to-date such that ITIL continues to be 'fit for purpose' as the most widely accepted approach to IT service management in the world.”

    Authoring of the books in ITIL v3 was completed in late 2006, and the review of the content is under way. The new ITIL, with associated certifications, is expected to be released sometime in 2007. It is again being condensed, moving from seven core volumes to five.

    OGC also announced that it will pursue the development of Web-based resources for current and aspiring ITIL users.

    Page Break

    What do I do with ITIL?

    What do I do with ITIL?

    ITIL is a collection of books, but merely going on a reading binge won't improve your IT operations. First, you have to wrap your brain around the concepts and then get staff buy-in. Getting some IT personnel to adopt new procedures can be like herding cats, but there are tools that can help.

    Along with ITIL comes a whole suite of consulting, training and certification services. You won't, however, see the same company delivering the whole thing; certification has been deliberately separated and is in the hands of one of two independent bodies: EXIN and ISEB, depending on your location. The two bodies formed an alliance at the end of 2006 to further IT service management.

    The starting point, typically, is the Foundation Certificate. That initial certification gives the holder an understanding of basic ITIL concepts, provides the necessary vocabulary and introduces core areas.

    This certification, or at least the course of study leading to it, can prepare IT staff and management to use the practices described in ITIL. It provides the basic vocabulary (a “problem” and an “incident” are two different things in ITIL-speak, for example) that lets staff communicate accurately and resolve issues more quickly.

    The common vocabulary alone is often worth the price of admission. Think how often miscommunication delays or torpedoes solutions to problems when two parties — both convinced that they understand the same instructions — head off in opposite directions.

    When, for example, you're merging IT departments and infrastructures after an acquisition or dealing with a foreign outsourcer, getting all staff to comprehend what you want — and to understand each other — is half the battle.

    How can ITIL improve a company's business performance?

    How can ITIL improve my company's business performance?

    A well-run IT organisation that manages risk and keeps the infrastructure humming not only saves money, but it also allows the business people to do their jobs more effectively. For example, brokerage firm Pershing reduced its incident response time by 50 percent in the first year after restructuring its service desk according to ITIL guidelines, allowing users with problems to get back to work much more quickly.

    ITIL provides a systematic and professional approach to the management of IT service provision, and offers the following benefits:

    • reduced IT costs

    • improved IT services through the use of proven best practice processes

    • improved customer satisfaction through a more professional approach to service delivery

    • standards and guidance

    • improved productivity

    • improved use of skills and experience

    • improved delivery of third-party services through the specification of ITIL or BS15000 as the standard for service delivery in services procurements.

    Page Break

    What does ITIL cost?

    What will this cost?

    Getting started involves the purchase of ITIL, in hard or soft copy either from ITIL directly or from many other book resellers. Then there's the cost of the training. The course leading to the initial Foundation Certificate typically runs for two days, and courses leading to higher certifications can be a week or more.

    Add to that the inevitable cost of re-engineering some processes to comply with ITIL guidelines, and adjustment of help desk or other software to capture the information you need for tracking and generating metrics. There is, by the way, no such thing as “ITIL-compliant” software; ITIL is a framework, not a standard. Some help desk and management software has been engineered with ITIL practices in mind, however, and so will lend themselves better to teams working within the framework.

    How long will an ITIL project take?

    How long will an ITIL project take?

    ITIL is not a “project”; it's an ongoing journey to improve IT service management. Best practices have to be baked into everything, and they have to evolve as the enterprise evolves. With IT staff buy-in, changes can begin once staff are trained, and some results should be apparent within weeks or months. Process changes do take time, however, as entrenched bad practices are rooted out and modified (and, potentially, staff changes occur), but many companies have reported substantial savings after their first year.

    What savings can I expect?

    What savings can I expect?

    Corporations and public sector organisations that have successfully implemented ITIL best practices report huge savings.

    For example, in its Benefits of ITIL paper (PDF), Pink Elephant reports that Procter and Gamble saved about $US500 million over four years by reducing help desk calls and improving operating procedures. Nationwide Insurance achieved a 40 percent reduction in system outages and estimates a $US4.3 million ROI over three years, and Capital One reduced its “business critical” incidents by 92 percent over two years. For example, after three years of ITIL implementation, forest products company MeadWestvaco claimed to have eliminated more than $US100,000 annually in IT maintenance contracts and recognised a 10 percent gain in operational stability thanks to ITIL.

    Without buy-in and cooperation from IT staff, however, any implementation is bound to fail. Bringing best practices into an organisation is as much a PR job as it is a technical exercise.

    Page Break

    What changed in ITIL V3?

    What changed in ITIL V3?

    ITIL V3, released on May 30, 2007, has cut the number of books and modified the focus of ITIL. It is now viewed as a service lifecycle. The core content is collapsed into five volumes:

    • Service Strategy — focusing on providing guidance on how to leverage service management capabilities that effectively deliver value to customers.

    • Service Design — translates plans and objectives into action items.

    • Service Transition — looks at how the design delivers the intended strategy, and whether it can be effectively executed. Change management is an important component.

    • Service Operation — this is the day-to-day service management guidance.

    • Continual Service Improvement — performance measurement and improvement through the life of the service.

    An initial volume, The Official Introduction to IT Service Management, sets the stage. Each may be purchased in hard copy, in PDF soft copy, or in an online subscription for individual or concurrent users. According to the official Web site, the changes to ITIL may be summarised thusly:
    • Where V2 talked about business and IT alignment, V3 emphasises business and IT integration.

    • Where V2 talked about value chain management, V3 emphasises value network integration.

    • Where V2 talked about linear service catalogues, V3 emphasises dynamic service portfolios.

    • Where V2 talked about collection of integrated processes, V3 emphasises holistic service management lifecycle.

    ITIL V3 also provides much more “how-to” guidance to assist in actually using the best practices. Each core book includes information on tools, recommending which processes it makes sense to automate, and suggesting criteria to use when selecting a tool. As promised by OGC, no prior certifications are voided by the advent of V3, but new V2 certification is being phased out over the next year, and update courses will be made available for those certified under V2 who wish to learn about the differences in V3.