1
2
3
4
5
6
7
1972: IBM starts research on quality service delivery called Information
Systems Management Architecture (ISMA).
1980: IBM publishes Volume I of the IBM Management series titled "A
management System for the Information Business", first public edition of
ISMA.
1986: CCTA authorizes a program to develop a common set of operational
guidance with the objective of increasing efficiencies in Government IT.
1988: "Government Infrastructure Management Method (GITMM)", is
formalized and issued as 'guidelines' for Government IT operations in the UK
focused on Service Level Management. Same year, the development team
was expanded and work continued on Cost, Capacity, and Availability.
1989: GITMM title is inadequate. It is not a method, (last M), and it should
lose its G letter in order to be marketable out of government. Renamed to
ITIL.
1989: First 'ITIL' book published, Service Level Management, then Help
8
Desk (incorporating the concepts of Incident Management), Contingency
Planning, and Change Management. Books had 50-70 pages.
1990: Problem Management, Configuration Management and Cost
Management for IT Services published.
1991: Published - Software Control & Distribution, on 89 pages.
1992: Availability Management, 69 pages.
1996: (July) First ITIL Service Manager class delivered in US by US company,
ITSMI, 16 attended, 10 candidates, nine passes, one distinction, first US
company authorized as an ITIL accredited course provider - ITSMI.
1997: Customer focused update to the Service Level Management book, 106
pages.
1997: ITIMF legally becomes what we know today as the IT Service
Management Forum (itSMF UK).
2000: Service Support V2 published, 306 pages.
2001: Service Delivery V2 published, 376 pages.
2001: CCTA became a part of the Office of Government Commerce (OGC)
2002: Application Management, 158 pages, Planning to Implement IT
Service Management, 208 pages and ICT Infrastructure Management, 283
pages, published.
2003: Software Asset Management, 146 pages, published.
2004: Business Perspective: The IS View on Delivering Services to the
Business, published, 180 pages.
2006: (June) ITIL Glossary V2 published
2006: (June) APM Group Limited announced as preferred bidder of ITIL
accreditation & certification program, over the itSMF International (expectant
winner)
2007: (May) ITIL V3 five core books published.
2011: (July) ITIL 2011 update published.
Let's analyse this timeline a bit:
ITIL V1 was rather similar to IBM's ISMA, especially in support/delivery
8
domain. Core ITIL V2 books did not differ much from ITIL V1. Only a few
processes were altered slightly, but the focus and perspective was pretty
much unchanged. And this process lasted for some 20 years.
ITIL V3 approximately doubled the scope, almost tripled the number of
processes and functions and introduced a few new dimensions and
perspectives. We have the first set of core books now, but a lot of time will be
needed to develop all the complementary books, to groom and mature the
training materials and to polish best implementation practices.
ITIL 2011 books grew 57% in weight and 46% in number of pages due to
rewrite and redesign (larger font).
It all started under Margaret Thatcher, the prime minister of United Kingdom during
the eighties. The cost of IT in the government agencies was not in control with
disparate processes ruling the roost.
Central Computer and Telecoms Agency (CCTA) was commissioned to bring down
the cost and streamline processes across agencies. It took CCTA 4 years and 8 billion
pounds to come up with a set of best practices, it was called Government
Information Technology Infrastructure Management Method (GITIMM), conceptually
similar to ITIL®. Consultants who were taken on board this project visited a number
of private institutions (including IBM) to understand their processes, and how they
performed their IT related activities. The processes and activities were passed
through a sieve, and the best sets of processes were retained to give birth to ITIL®.
GITIMM, throughout the eighties and early nineties evolved to become ITIL® v1
which consisted of over 30 books.
In 2000, the United Kingdom's Office of Government Commerce (OGC) took over
CCTA, and a year later ITIL® v2 was released. V2 sub divided ITIL® as service support
and service delivery. Maintenance of services came under service support while
putting up a new service or modifying it came under service delivery. This version
consisted of 8 volumes.
The subsequent version - ITIL® v3 was published in May 2007, and it provides a
holistic view of services. It covers the entire lifecycle of a service – from the nascent
stages of strategies through design, transition to live environment and support when
services are active.
A major difference between v3 and its predecessors is the inclusion of a continuous
improvement phase in the former. This phases stresses on the need for continuous
improvement throughout the lifecycle of a service – which makes ITIL® much
stronger than what it was envisioned to be.
ITIL® v3 further reduced the number of books to 5, called as the core volumes.
Sometime last year, there were talks of ITIL® v4, but it turned out to be hoax in the
end.
8
Apart from the ISO/IEC 20000 standard, ITIL is also complementary to many other
standards, frameworks and approaches. No one of these items will provide
everything that an enterprise will wish to use in developing and managing their
business. The secret is to draw on them for their insight and guidance as
appropriate. Among the many such complementary approaches are:
Balanced scorecard: A management tool developed by Dr Robert Kaplan and Dr
David Norton. A balanced scorecard enables a strategy to be broken down into key
performance indicators (KPIs). Performance against the KPIs is used to demonstrate
how well the strategy is being achieved. A balanced scorecard has four major areas,
each of which are considered at different levels of detail throughout the
organisation.
COBIT: Control OBjectives for Information and related Technology provides guidance
and best practice for the management of IT processes. COBIT is published by the IT
Governance Institute.
CMMI-SVC: Capability Maturity Model Integration is a process improvement
approach that gives organisations the essential elements for effective process
improvement. CMMI-SVC is a variant aimed at service establishment, management
and delivery.
EFQM: The European Foundation for Quality Management is a framework for
organisational management systems.
eSCM–SP: eSourcing Capability Model for Service Providers is a framework to help IT
service providers develop their IT service management capabilities from a service
sourcing perspective.
ISO 9000: A generic quality management standard, with which ISO/IEC 20000 is
aligned.
ISO/IEC 19770: Software Asset Management standard, which is aligned with ISO/IEC
20000.
ISO/IEC 27001: ISO Specification for Information Security Management. The
corresponding code of practice is ISO/IEC 17799.
Lean: a production practice centred around creating more value with less work.
PRINCE2: The standard UK government methodology for project management.
SOX: the Sarbanes–Oxley framework for corporate governance.
Six Sigma: a business management strategy, initially implemented by Motorola,
which today enjoys widespread application in many sectors of industry.
8
9
10
1
0
11
12
13
14
15
The term ‘best practice’ generally refers to the ‘best possible way of doing
something’. As a concept, it was first raised as long ago as 1919, but it was
popularised in the 1980s through Tom Peters’ books on business management.The
idea behind best practice is that one creates a specification for what is accepted by a
wide community as being the best approach for any given situation. Then, one can
compare actual job performance against these best practices and determine
whether the job performance was lacking in quality somehow. Alternatively, the
specification for best practices may need updating to include lessons learned from
the job performance being graded.Enterprises should not be trying to ‘implement’
any specific best practice, but adapting and adopting it to suit their specific
requirements. In doing this, they may also draw upon other sources of good practice,
such as public standards and frameworks, or the proprietary knowledge of
individuals and other enterprises.
16
Apart from the ISO/IEC 20000 standard, ITIL is also complementary to many other
standards, frameworks and approaches. No one of these items will provide
everything that an enterprise will wish to use in developing and managing their
business. The secret is to draw on them for their insight and guidance as
appropriate. Among the many such complementary approaches are:
Balanced scorecard: A management tool developed by Dr Robert Kaplan and Dr
David Norton. A balanced scorecard enables a strategy to be broken down into key
performance indicators (KPIs). Performance against the KPIs is used to demonstrate
how well the strategy is being achieved. A balanced scorecard has four major areas,
each of which are considered at different levels of detail throughout the
organisation.
COBIT: Control OBjectives for Information and related Technology provides guidance
and best practice for the management of IT processes. COBIT is published by the IT
Governance Institute.
CMMI-SVC: Capability Maturity Model Integration is a process improvement
approach that gives organisations the essential elements for effective process
improvement. CMMI-SVC is a variant aimed at service establishment, management
and delivery.
EFQM: The European Foundation for Quality Management is a framework for
17
organisational management systems.
eSCM–SP: eSourcing Capability Model for Service Providers is a framework to help IT
service providers develop their IT service management capabilities from a service
sourcing perspective.
ISO 9000: A generic quality management standard, with which ISO/IEC 20000 is
aligned.
ISO/IEC 19770: Software Asset Management standard, which is aligned with ISO/IEC
20000.
ISO/IEC 27001: ISO Specification for Information Security Management. The
corresponding code of practice is ISO/IEC 17799.
Lean: a production practice centred around creating more value with less work.
PRINCE2: The standard UK government methodology for project management.
SOX: the Sarbanes–Oxley framework for corporate governance.
Six Sigma: a business management strategy, initially implemented by Motorola,
which today enjoys widespread application in many sectors of industry.
17
18
In many ways COBIT provides the “what” and ITIL shows the “how.”
When companies start with ITIL, they can then move to effectively integrating IT into
their core business processes. IT provides a support role to the organization similar
to HR or Purchasing, but a major difference is that IT is often constantly present
throughout the corporate operational cycle – whereas the other two only play a
specific role in given circumstances, or when needs arise. Therefore, it is relevant to
include IT in the entire operational cycle in a manner such that it can effectively
support it and add value to the business.
ITIL provides detailed advice on how to carry out several COBIT processes. Change
Management is an example where ITIL clearly defines a structure and a process to
accomplish it properly.
COBIT’s Principle 1 (Meeting Stakeholder Needs) includes the goals cascade
mechanism that enhances ITIL effectiveness (when both are present) by supporting
Service Management in: prioritizing Service Management improvement
opportunities; identifying its key activities; and acting as a means of justification for
improvement proposals by linking those to concrete organizational objectives.
COSO - The Committee of Sponsoring Organizations of the Treadway Commission
(COSO) is a joint initiative of the five private sector organizations listed on the left
19
and is dedicated to providing thought leadership through the development of
frameworks and guidance on enterprise risk management, internal control and fraud
deterrence. It guide executive management and governance entities on relevant
aspects of organizational governance, business ethics, internal control, enterprise
risk management, fraud, and financial reporting. COSO has established a common
internal control model against which companies and organizations may assess their
control systems. COSO is supported by five supporting organizations, including the
Institute of Management Accountants (IMA), the American Accounting Association
(AAA), the American Institute of Certified Public Accountants (AICPA), the Institute
of Internal Auditors (IIA), and Financial Executives International (FEI).
ISO/IEC 27002 is an information security standard published by the International
Organization for Standardization (ISO) and by the International Electrotechnical
Commission (IEC), titled Information technology – Security techniques – Code of
practice for information security controls.
ISO 9000 – quality management systems
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36