I was recently reminded of something that Malcolm Fry – a well-known expert in the IT service management (ITSM) community – said at the Service Desk and IT Support (SITS) event in the UK many moons ago:
“When are we going to stop lying? No one is going to do all of ITIL”.
I've known Malcolm for a long time now, and we agree on so many things, and this is definitely one of them.
This article looks at how the ISO/IEC 20000 international standard for ITSM can help organizations to make the most of ITIL best practice or any other approach.
Why do we make it so hard to consume ITSM best practice?
Despite Malcolm’s comment – which was probably heard by far too few people – many IT organizations get pushed to “implement” ITIL, and don't know how to do it.
Leaving to one side for a moment the argument that you can't “implement” ITIL because it’s only guidance on good practice, many faced with the challenge start by looking at the core ITIL 2011 books (all 5 of them). And anyone faced with this extensive body of knowledge would be forgiven for being overwhelmed by the sheer size and volume of content.
In the past, I've told people to get a life and not bother reading the ITIL books (slightly tongue-in-cheek but with a serious message). I'd like to take this a bit further and provide some practical advice for those being challenged to “implement” ITIL.
Start with the ISO/IEC 20000 standard
Start by ignoring ITIL for a moment and look at the ISO/IEC 20000 standard – it’s a much easier read. Part 1 only has 26 pages of content and this is the only bit you need at this stage. Plus, you don't even need to read it – you can find a qualified ISO/IEC 20000 consultant to talk you through it and articulate the value and benefits in an hour. We usually do this for our customers free of charge.
I usually describe ISO/IEC 20000 as being the minimum level at which you can demonstrate you’re competent at ITSM. It’s not designed to be the absolute pinnacle of best practice, it’s supposed to be what you need to be able to demonstrate that you adequately support your organization.
If you don’t measure up against the requirements of the standard, then you need to improve – and to do it quickly.
Consider taking a business service management approach
Business service management (BSM) is about understanding how the corporate technology function supports their business colleagues and customers. ISO/IEC 20000 requires you to demonstrate how well you do this, and therefore can be seen as a necessary step in BSM.
However, it’s not just a “tick in the box” exercise – you get real value from using ISO/IEC 20000 as it includes the most necessary parts of an effective ITSM capability. Many might find ITIL 2011 too difficult (which is something I’m hopeful the upcoming ITIL update will address) and most organizations will never need to do all of ITIL (which is why ITIL has always been sold as “adopt and adapt”).
Remember that ITIL is suggested good practice, it’s not designed to be implemented, it’s there as guidance. So, use the bits that help you and ignore the bits that don’t.
Using ISO/IEC 20000 and ITIL
ISO/IEC 20000 might be much more useful to you in initially developing your ITSM capability and delivering improved and tangible value to your organization and customers.
The standard is framework agnostic, so you could use it even if you don’t use ITIL at all. The language and structure is based on ITIL, but applies equally well to VeriSM, COBIT, IT4IT, or other approaches, individually or in combination as part of an Integrated Management System (what VeriSM would refer to as the “Management Mesh”). In effect it specifies the minimum amount of ITSM capability you need to be a competent service provider (internal or external).
So, in my opinion, it’s an excellent place to start, and could just give you exactly what you need to meet business, customer, and IT needs/demands and help realize significant benefits in terms of efficiency and effectiveness across your organization (through the use of ITSM best practice).
In fact, if you are – like many IT organizations – looking to undertake an ITSM capability/maturity assessment prior to your planned ITSM improvement activities, it’s worth getting an assessment of where you are against the standard.
This can act as a baseline for your continual service improvement (CSI), and it typically only takes a couple of days to perform. This will tell you exactly where you are in your ITSM/BSM maturity, and identify many opportunities for benefits and value (efficiency and service quality improvements, cost reduction, etc.). So, why wouldn't you do it?