Follow us

What’s Wrong with IT Service Management Maturity Assessments?

By | March 22, 2016 in ITIL

ITSM maturity assessment

As an IT service management (ITSM) consultant, customers sometimes start by asking me to carry out a maturity assessment. They usually tell me that they want to know how they compare to other similar organizations, and how they rate against an industry approved scale.

There’s nothing wrong with that, is there?

When I was less experienced I assumed that my customers understood what they were asking for, and knew why they wanted it, and my job was simply to carry out the assessment that had been requested. I even developed tools to help me deliver consistent maturity assessments based on the ITIL service management process maturity framework, which can be found in Appendix H of ITIL Service Design, 2011 edition. But I know better now. I have learned to ask more searching questions, so that I understand what my customers’ real goals are, and then provide a properly focused assessment that will help to solve their problems.

Assessments Can Be Valuable

So, what’s wrong with maturity assessments? And is there something more valuable that you can and should do instead? To answer these questions we need to start by thinking about why an assessment might be needed in the first place. What is it for, and what value does it create?

Many customers ask for assessments because they are planning improvements. It’s just good sense. If you’re planning to make improvements, then you need to understand what you are currently doing, for a number of reasons:

  • To identify, and help prioritize, the things that need to be fixed
  • To create a baseline so you can monitor progress over time
  • To define success criteria so you can measure and report the impact of your improvements

An assessment carried out at the beginning of your improvement journey can help with all three of these.

But does it need to be a maturity assessment, per se? In case you are unfamiliar, a maturity assessment provides a score based on comparing what you do with a pre-defined set of management best practices. It typically provides a score on a scale from 1 (least mature) to 5 (most mature). The best known maturity assessment model is CMMI (Capability Maturity Model Integration).

So suppose I tell you that your current maturity level is 2. That’s pretty limited even in terms of providing a baseline, and it definitely doesn’t help identify and prioritize the things you need to fix. Even in terms of success criteria, it’s not very useful. Would increasing your maturity to level 3 be a good thing? Why? What value would that deliver to your customers?

Here are some of the things that can be a much more useful focus for assessment than maturity:

  • Customer satisfaction: How happy are your customers with the services you deliver? What are the trends?  What are the issues that they feel most strongly about? What do they currently like about your services? If you’re intending to make improvements, then you’d better make sure your changes have a positive impact on how your customers feel – and you’d better make sure you preserve the things that customers like.
  • Service outcomes: How well do your IT services help your customers achieve their business goals? It’s not enough to focus on your service output (what the service delivers).  You need to focus your efforts on thinking about how your customers use the service and how this creates value for them (what the customers achieve). Improvements that result in better service outcomes are the ones that really make a difference.
  • SLA Achievements: Most IT organizations have service level agreements (SLAs) that document the things they have agreed with their customers. It’s important to measure how well you are delivering these and to monitor trends over time. Such measurements can be a good indicator of how effective your improvements are – but remember that customer satisfaction and service outcomes are what really matter. It is almost always a bad idea to prioritize SLA achievements over these.
  • IT staff competence: Everybody says that good IT services depend on people, process, products, and partners – but we sometimes neglect the people element. Do your employees have the knowledge and ability to carry out their roles and deliver agreed services? What plans are in place to ensure that you have the skills and competence you’re going to need in the future? This isn’t just about technical skills, but about all the different capabilities you need in your staff.

Once you have reviewed these aspects of your organization, you may want to consider reviewing the effectiveness and efficiency of your ITSM processes. A process assessment can help to identify things that need to be improved – and even more importantly, it can help to identify things that are good so you can encourage people to do more of them. But don’t get too focused on internal goals and metrics; it’s how well you’re meeting your customers’ needs that counts. If your improvement activities stay focused on that, then you can be sure you’ll never lose sight of what’s important.

If you still want to carry out a maturity assessment then you should read this blog by SysAid CEO Sarah Lahav, for another viewpoint.

Image credit

Stuart Rance

About Stuart Rance

Stuart is an ITSM and security consultant, working with clients all round the world. He is one of the authors of ITIL 4, as well as an author of ITIL Practitioner, ITIL Service Transition, and Resilia: Cyber Resilience Best Practice. He is also a trainer, teaching standard and custom courses in ITSM and information security management, and an examiner helping to create ITIL and other exams. Now that his children have all left home, he has plenty of time on his hands for contributing to our blog - lucky us!