Home > General Security > Adopting the ITIL Part 2

Adopting the ITIL Part 2

‍‍August 27th, 2009 - ז אלול תשסט Leave a comment Go to comments
This entry is part of a wonderful series, [slider title="ITIL"]Entries in this series:
  1. Introduction to ITIL Part 1: What is ITIL? By David Moskowitz
  2. ITIL Series Part II: Benefits of the ITIL
  3. Adopting the ITIL Part 1
  4. Adopting the ITIL Part 2
  5. Article 5 in the ITIL Series: Certification
  6. Article 6 in the ITIL Series: ITIL Q & A
  7. The Value in ITIL Certification | ITIL Part VII
[/slider]

 

In this, his fourth article in the series, my friend, David Moskowitz, continues an elaborates his discussion of ITIL.  Enjoy. 

 

Article 4 in the ITIL Series: Adopting the ITIL Part 2

By David Moskowitz

This is the second part of Adopting the ITIL (Part 1 of Adopting the ITIL can be found here). It continues an approach to the ITIL adoption that suggests using aspects of Continual Service Improvement (CSI) and Service Transition (ST), two of the five core ITIL books.   Organizational change is a foundation for adopting the ITIL. Don’t take our word for it, consider this from the CSI volume: 

Improving service management is to embark upon an organizational change programme. Many organizational change programmes fail to achieve the desired results. Successful ITSM requires understanding the way in which work is done and putting in place a programme of change within the IT organization. This type of change is, by its very nature, prone to difficulties. It involves people and the way they work. People generally do not like to change; the benefits must be explained to everyone to gain their support and to ensure that they break out of old working practices."

 
Also worth consideration is this from the Service Transition book:
  • Organizational and stakeholder change – Reflecting the holistic nature of change that Service Transition must be based on, organizations do not transform their IT service by only changing the IT services. Modern innovations mean that the organization itself will also inevitably change to make use of the new and changed services available.
  • Communications – One of the major traditional weaknesses in Service Transition has been the inability to deliver sufficient prompt understanding of the implications, benefits and usage of IT services.

While expressed in the context of change and Service Transition, that’s exactly what an ITIL adoption effort is. One of the topics discussed in the Service Transition volume is changes to organizational culture. One of the steps to adopt the ITIL is to form a (Service Transition) Team:

"The Service Transition team will soon become familiar with the need to change attitudes and the operation of converting culture…. It is important the Service Transition team members are capable of understanding the impact of their work on others, and therefore tailoring their own approach to the stakeholder audience. Ultimately, the Service Transition team’s goal is to build enthusiasm and commitment to the change, while ensuring that all stakeholders are clear about how the changes will impact themselves, and what will be expected of them in the coming months."

This provides a basis for not only how to improve services and process, but also how to introduce and adopt the ITIL. It starts with management commitment that includes funding and moves quickly toward understanding of the process to adopt the ITIL. As suggested in the quotations above, people are uncomfortable with change. Some people will attempt to torpedo the effort if they don’t thoroughly understand the benefit and the goal as it relates to them, personally. This makes communication and stakeholder involvement critical aspects of successfully adopting the ITIL. 

 

ITIL Indicators, Contra-Indicators & Questions

Indicators that Adopting the ITIL will Provide Benefits

Are there specific indicators that your organization should consider adopting the ITIL?  We mentioned some of them at the end of the second article in this series and repeat them here with some additions. Note this is not intended to be a complete list.
  • Firefighting (usually based on changes that cause disruption to the production environment or don’t work as planned). The typical result, instead of working on new services or new productivity, the staff spends more time on the correcting issues associated with one or more changes.
  • Users unhappy with support (or lack thereof) from IT. 
  • User unhappy with deliverables…  exellent quality code that doesn’t do the right things
  • Performance and/or availability of services don’t meet user expectations (or needs)
  • Services cannot scale to meet growing demand
  • Everything sort of works, but users are not happy with or don’t trust that IT understands or can really meet business needs
    • Corollary: Business side believes IT doesn’t listen or doesn’t get it.

Contra-indicators

Similarly, there are contra-indicators or anti-patterns that suggest now isn’t the right time. They include but are not limited to:
  • Heroes required for survival and the culture cannot (will not) adapt no matter what is tried.
  • No management commitment or support.
  • Management belief or expectations that this is a short term fix, not an ongoing process
  • Thinking, in the organization, that believes it’s about fixing (or adding) IT processes
  • Thinking it’s an IT-only effort
  • Let’s Do it, or Implement it
  • Lack of understanding that the ITIL represents a closed-loop system to achieve IT Service Management (ITSM)
  • Organizational inability to manage or deal with complexity
  • No vision (nor desire to create one) regarding what the organization will be like as progress is made toward ITSM
  • The organization does not tolerate, accept, or support open communication
  • Failure to accept that adopting the ITIL to achieve ITSM requires a holistic approach that requires IT and the business to work hand-in-hand.
    • The corollary to this is an IT organization that won’t accept that ultimate goal: create value for the business. 
  • Stakeholders resistant to change regardless of whether or not they understand the benefits. This usually has some basis in fear.
    • Corollary fearful organizations, organizations where people are afraid to say anything or afraid of repercussions have other issues to address before considering adopting any best practice framework.
 
These aren’t the only indicators, but I suspect you get the idea. If the business users don’t view IT as an asset to the business (ask them, that’s the only way to know for sure), then adopting the ITIL might be a way to remedy the situation. If any of the contra-indicators are present, the place to start the path toward ITSM is by addressing the associated organizational and people issues.
  

Questions

If your organization is a candidate…
 
The questions we included in first article about adopting the ITIL and the questions that follow are suggested by the ITIL Continual Service Improvement Model (shown in bold below):
  • What is the mission, goal, big picture?
    • What is the ultimate goal as articulated in the business case for the effort
    • Is there management understanding and commitment that this isn’t a quick fix

  • Where are we now?

    • What is an honest baseline assessment of the current state?
    • What does the organization do correctly?
    • What misses the mark? What can be done better? How do we keep some things from happening again?
    • What is the cost of not changing, or not transforming?
    • What process are in place (do you have a current process inventory)? How are these processes documented (are they documented)?
    • What IT services are offered (again, do we have an inventory, is there a service catalog)?
    • How is knowledge shared, or made available throughout the organization?
    • Are we creating sacred cows that can’t be touched (that shouldn’t be off limits)?

  • Where do we want to go?

    • What are the incremental goals to get to the larger mission? What priority should be associated with each?
    • Where do we get a measurable ROI?
    • Have you attempted to balance short-term wins withing the context of a longer term strategic objective?
    • How do we avoid the paralysis of analysis?

    • Did you apply MoSoCoW rules to establish priorities?

      • M is Must have or it doesn’t meet minimum requirements for success
      • S is Should have, it’s important, may be vital, but I can live without it, for now
      • C is Could have, it’s would be nice if you can get to it, but…
      • W is Won’t have in this iteration or this version (With the understanding that Should, Could, & Won’t get promotions / re-evaluated as needed.)

  • How are we going to get there?

    • Who owns this improvement? Who owns accountability for success?
    • Who is responsible to do it, what teams or groups?
    • Who can help with the effort (internal, external or both)? Who has information we can use?
    • How will information be communicated so that everyone who needs to be is in the loop?
    • Who needs to be in the loop (and there has to be a good reason for exclusion)?
    • How will the effort be organized? How will the effort be managed?  It’s not a project; it is about organizational change!
    • Are stakeholders engaged?
    • What type governance will be used? How will governance be handled?
    • Make sure process leaders are properly trained? Do you have a plan to create (or become) a Subject Matter Expert (SME) in the various processes and frameworks (e.g., the ITIL, COBIT, ISO 20000, etc.)?
    • Is the effort broken into manageable, measurable phases? What are the critical success factors (CSF)and key performance indicators (KPI)?

  • Did we get there?

    • What are the measurable targets, expressed in business not technical terms? Are they unambiguous targets? Are they realistic to allow success, or are they set so high to prove failure?
    • Is there clear buy-in and acceptance that the targets are valid?
    • How will the targets be measured in business terms?
    • What specific business-based metrics are used to measure progress? Did we hit (or miss) KPIs (also business-based)?
    • Was the communication effective?
    • What is everyone perception of the process, to date?

  • How do we keep the momentum going?

    • It’s not about processes; it is about life cycle. What’s next? How do we get the next win (what does that mean to your organization)?
    • What types of incremental improvements should make to what we’ve done so far to make it better?
    • What’s the next thing we have to add that’s consistent with the overall vision
    • Does the vision mission need to be modified and…
    • …start from the top… again.
 
Again, this list of questions isn’t intended to be complete, it’s here as a basis for thinking, planning, and execution.

Now what??

There must be a business purpose driving the effort — it’s about the business, not about the technology. The core champions of the effort really need to be subject matter experts (SME) in the impacted business and impacted IT areas. This isn’t a single person, rather the suggestion here is that both business and IT have a stake in the outcome and should be champions of the effort. In addition, this doesn’t mean they all have to be certified in the ITIL, but it would not hurt. We’ll cover certification in the next article. These individuals should have the management authority and visibility combined with a long term view and commitment to the transformation.

I’m not suggesting that moving to an ITSM-centric viewpoint is easy, trivial or a short duration project. Is it something the organization can do on its own? I do know that it’s likely to be easier with help. The key, it’s not about, Doing Implementing. The extracts from the CSI and ST volumes say, in effect, that, "Doing ITIL isn’t about doing ITIL." It is about ITSM as a discipline. I’ve talked about ITSM in every article. The ITIL definition of IT Service Management (from the Service Transition volume) is simple (though not easy):A set of specialized organizational capabilities for providing value to customers in the form of services. Where "capabilities" take the form of the right teams of people and appropriate tools/technology combined with processes to manage IT services over their lifecycles.

See the side bar for some indicators, and contra-indicators, to determine if your organization is a candidate to consider adopting the ITIL as a means to achieve IT Service Management. The same posting also include some sample questions to ask about the effort. 

One of the first steps is to evaluate where the organization currently is either using an internal assessment or a standard assessment (e.g., ISO 20000 or CMMi). it also means that people in the organization will need to understand what the ITIL REALLY is and represents.
 

 

Adoption of the ITIL is About Customer Value

Consider the following Short excerpts from the CSI volume:

"(The CSI) volume provides instrumental guidance in creating and maintaining value for customers through better design, introduction and operation of services."

The stated purpose for the CSI volume is:

"This publication aims to provide practical guidance in evaluating and improving the quality of services, overall maturity of the ITSM service lifecycle and its underlying processes, at three levels within the organization

  • The overall health of ITSM as a discipline
  • The continual alignment of the portfolio of IT services with the current and future business needs
  • The maturity of the enabling IT processes required to support business processes in a continual service lifecycle model."
 
In other words, "improvement" is aimed at creating value for customers either for organizations starting adoption of the ITIL or for those that already have and are still striving to create more value for customers.
 

If you’ve been involved in any re-engineering effort, then the process of adopting the ITIL should seem similar. The first step is to identify the pain points. If your Change Management process is causing the most pain (measured in failed changes, lost work due to firefighting changes, can’t keep up with the volume of changes necessary to stay competitive or meet customer expectations, etc.), then that is probably the place to start. Individual pieces of the adoption effort can (should) be handled as projects. Once each project concludes, use principles from the ITIL V3 Continual Service Improvement (CSI) and Service Transition volumes to refine and refactor what you’ve put in place to make it better. In other words, USE the ITIL to improve your approach to ITSM. Specifically, use principles from the CSI book to figure out where to start (i.e., what to improve, first or next) and the material from the ST book to manage the change — both from the perspective of, …providing value to customers in the form of services.

 

Consolidated Suggestions

Start with an assessment to determine if the organization needs to consider adopting the ITIL as well as determine the organizational readiness for the effort. Typically organizations progress through 5 stages (from CMMi):
  1. Initial: random, chaotic, ad hoc
  2. Repeatable: emergence of repeatable processes and some predictability of outcomes.
  3. Defined: Processes are recorded, defined and validated as a standard process.
  4. Managed: Processes are managed according to the business-based metrics evolved in level 2.
  5. Optimized: Processes happen and work. There’s the addition of planned process optimization/improvement.
 
Management commitment is critical to the long term success of any organizational change, adopting ITIL to achieve ITSM is no different. This also requires a long term vision regarding what the organization must become.
 
Be sure the effort has the proper drivers (business, not technology). Make sure the customer value proposition for the effort is understood, agreed and communicated to all stakeholders. In other words, make sure the proper (business-based) end state has appropriate buy-in. A feedback and open communication mechanism between all stakeholders and participants is required.
 
It’s not about "doing" or "implementing" ITIL, it’s about adopting the ITIL to achieve ITSM.
 
Use the ITIL volumes as one source to help with the adoption process. We’ve talked about the CSI and ST volumes. Every volume contains appropriate guidance to adopt an area of the ITSM Lifecycle. 
 

Coming attractions: next week – Certification (including its role in the ITIL adoption efforts) and then Good, the Bad and… answers to your questions.

 
Comments or suggestions, please contact me
david.moskowitz@gmail.com
  
 
 

Permalink

Categories: General Security Tags: , , ,
CAPTCHA Image
*