What Is ITSM?
Getting to grips with IT service management (ITSM) can be tricky, not just in terms of changing people’s mindsets and ways of working, but also in getting to grips with what ITSM is really all about. There’s a lot of information out there, plus there are many terms and acronyms that might not be as immediately understandable as they could be.
The cynical amongst you might also argue that what ITSM is and isn’t will depend on who is trying to use it, ranging from: a set of processes – such as incident management and problem management (definitions to follow below) – through to a fundamentally different way of delivering IT, based on services and serving the customers of those services.
ITSM has a number of definitions, available from a variety of sources. Let’s start with the ITIL (the ITSM best practice framework formerly known as the IT Infrastructure Library – more on this later) definition:
“The implementation and management of quality IT services that meet the needs of the business. IT service management is performed by IT service providers through an appropriate mix of people, process and information technology. See also service management.”
Source: ITIL 2011 Glossary
ITIL also defines service management as:
“A set of specialized organizational capabilities for providing value to customers in the form of services.”
A more customer-focused definition of ITSM was previously listed on Wikipedia, but is now no longer available:
“A discipline for managing information technology (IT) systems, philosophically centered on the customer's perspective of IT's contribution to the business. ITSM stands in deliberate contrast to technology-centered approaches to IT management and business interaction.”
Original source: Wikipedia
A completely different definition – and this time of “service management applied to IT” – is from The Universal Service Management Body of Knowledge (USMBOK) – a series of publications and references for professionals working in service provider organizations that supplements existing resources, such as ITIL, on both strategic and operational levels:
“Also termed service management thinking, service management is a systematic method for managing the offering, contracting and provisioning of services to customers, at a known quality, cost and designed experience. Service management ensures the desired results and customer satisfaction levels are achieved cost effectively, and is a means by which the customer experience and interaction with products, services, and the service provider organization is designed and managed. Service management is also a transformation method for any organization that wishes to operate as a service provider organization.”
So, in layman’s terms, ITSM is about:
- Meeting business needs
All this goes way beyond the traditional view of managing IT based on siloed technology domains such as network, storage, and compute; ITSM is about optimizing service delivery and the consumption of those IT services.
The Generic IT and Business Benefits from ITSM
Different information sources will list different benefits available with ITSM. Some will relate to the IT organization, some to the parent business, and some to both. A few examples are:
IT Organization Benefits from ITSM
- A better understanding of business requirements
- Repeatable and scalable best practice-based processes
- Defined roles and responsibilities, plus accountability
- Increased IT productivity through optimal processes and enabling technology
- Increased customer perceptions of IT and IT service delivery
- Better expectation management for business stakeholders and employees
- Increased control
- The ability to measure and improve IT performance
- The shortening of the incident lifecycle and potentially the prevention of incidents before they occur (where “incidents” are IT issues)
- The proactive identification of problems (repeat IT issues)
Business-Level Benefits from ITSM
- Better IT ability to react to the business’ need for rapid change
- Increased business productivity due to better IT service availability and performance
- Reduction in the business impact of incidents, including the negative financial implications of critical IT issues
- Increased IT cost efficiency
IT and Business-Level Benefits from ITSM
- Increased business alignment
- Increased IT service availability
- Increased visibility and understanding IT services
- The ability to better support compliance and regulatory requirements
Don’t Assume that ITSM Will Be New to Your Organization
Before we dive deeper into what ITSM is, it’s worth noting that you are probably already doing some ITSM activities – it’s just that you don’t necessarily call it ITSM. For example, any or all of the following are ITSM activities:
- Responding to, and fixing, infrastructure, application, or end-user IT issues – it’s incident management
- Providing new software or hardware, or access to network resources – it’s request fulfillment
- Providing “how to”-type assistance to end users – it’s also request fulfillment
- Managing changes to infrastructure and applications in a controlled way – it’s change management
- Monitoring network, hardware, and application availability – it’s event management
- Planning for future changes based on new technologies or changes in demand – it’s capacity management or even demand management
Many of your existing IT activities will map across to ITSM.
However, the difference between your current IT activities and formalized ITSM might be that:
- Activities are inconsistently undertaken – often only when time allows
- Processes aren’t formalized and interconnected where appropriate
- Processes haven’t accommodated industry best practice where available
- Activities might be manually intensive, without the aid of fit-for-purpose ITSM technology
So the adoption of ITSM might not always provide you with new activities, but it should always give you good, or best practice, advice on how to optimize your ITSM activities.
The Origins of ITSM
Many will point to the introduction of ITIL in 1989, with a set of best practice books, as the starting point for ITSM. However, there was much that preceded ITIL that could be considered ITSM – from both inside and outside the IT community.
So ITSM and service management is older than ITIL, although the term “IT service management” was not commonly used pre-ITIL. Much of the early IT-based ITSM thinking (albeit often referred to as IT operations or similar), and support, came from technology vendors/suppliers through the need to help their customers to use their technology. For example, in early large-scale mainframe environments it would be common to find configuration management, change management, problem management, capacity planning, availability management, and disaster recovery used to optimize operations.
Outside of IT, the concept of service management was, and still is, relevant to all service providers. The 1984 book “Service Management: Strategy and Leadership in the Service Business” by Richard Normann, often referred to as one of the foundations of service-based thinking and service management excellence, is another source of service management, and thus ITSM, advice.
So while ITSM owes a huge debt to ITIL, its origins can be found in both traditional IT operations’ best practices and the wider service provider community.
ITIL – the ITSM Best Practice Framework
ITIL is an ITSM best practice framework, formerly known as the “IT Infrastructure Library.” It is now considered to be the most popular source for ITSM information and advice.
ITIL is officially described as:
“… the most widely accepted approach to IT service management in the world. ITIL can help individuals and organizations use IT to realize business change, transformation, and growth.”
ITIL was built on the concepts of:
- Not providing IT per se; instead provide IT-based services that support and enable business processes
- Customers/end users consume IT as a service rather than as IT components or IT team outputs
- IT needs to be managed as a service
ITIL 2011 contains 26 ITSM processes, however, as with ITIL v3 and v2 before it, ITIL 2011 is designed to be used based on what is needed – an “adopt and adapt” approach rather than blindly trying to introduce all of its 26 ITSM processes.
ITIL also advocates that these IT services are aligned to the needs of the business and support its core processes. ITIL also helps IT service providers to understand demand, manage expectations, and ensure that service-delivery is fit-for-purpose. ITIL’s best practices are currently divided up between, and detailed within, five core books:
- Service Strategy – “A stage in the lifecycle of a service. Service strategy defines the perspective, position, plans and patterns that a service provider needs to execute to meet an organization’s business outcomes. Service strategy includes the following processes: strategy management for IT services, service portfolio management, financial management for IT services, demand management, and business relationship management.”
- Service Design – “A stage in the lifecycle of a service. Service design includes the design of the services, governing practices, processes and policies required to realize the service provider’s strategy and to facilitate the introduction of services into supported environments. Service design includes the following processes: design coordination, service catalogue management, service level management, availability management, capacity management, IT service continuity management, information security management, and supplier management.”
- Service Transition – “A stage in the lifecycle of a service. Service transition ensures that new, modified or retired services meet the expectations of the business as documented in the service strategy and service design stages of the lifecycle. Service transition includes the following processes: transition planning and support, change management, service asset and configuration management, release and deployment management, service validation and testing, change evaluation, and knowledge management.”
- Service Operation – “A stage in the lifecycle of a service. Service operation coordinates and carries out the activities and processes required to deliver and manage services at agreed levels to business users and customers. Service operation also manages the technology that is used to deliver and support services. Service operation includes the following processes: event management, incident management, request fulfillment, problem management, and access management.”
- Continual Service Improvement – defined by ITIL as “A stage in the lifecycle of a service. Continual service improvement ensures that services are aligned with changing business needs by identifying and implementing improvements to IT services that support business processes.”
All of these definitions are from the ITIL 2011 Glossary of Terms – a useful ITSM and ITIL resource, which is available in a number of different languages.
These five ITIL books map the entire IT service lifecycle, from the identification of customer needs and the drivers for IT requirements, through to the design and implementation of the necessary IT service or services, to the monitoring and improvement of the IT services.
In many ways, ITIL can ultimately be considered “documented common sense” for ITSM, and the effective management of IT, IT services, and IT service delivery.
The Origins of ITIL
ITIL was introduced on the back of the UK government’s disillusionment with the way that governmental IT was delivered in the latter half of the 1980s. The Central Computer and Telecommunications Agency (CCTA), now called the Office of Government Commerce (OGC), was tasked with developing a framework for the efficient, and financially-responsible, use of IT resources.
ITIL was originally just a set of books. But it didn’t take long for an ITIL ecosystem that involved consultancy, software, training, examinations, and membership-based ITSM organizations to appear. With such a vibrant ecosystem, ITIL was quickly adopted (and not just in the public sector) in Europe in the 1990s and spread worldwide in the 2000s.
It’s also worth noting that multiple versions of ITIL have developed over time:
- 2001 saw ITIL v2 emerge and the popularity of ITIL exams surge
- 2007 delivered the much larger ITIL v3
- 2011 brought ITIL 2011, a “refresh” of ITIL v3
Amazingly, over 2 million people worldwide now have ITIL qualifications.
Differentiating Between ITSM and ITIL
It’s not unusual for people new to ITSM and ITIL to confuse the two words, especially when those who are not new (to ITSM and ITIL) might use the two acronyms interchangeably.
An easy way to differentiate between the two is to think about horses versus animals per se, i.e. a horse is an animal, but not all animals are horses.
So ITIL is a view on how to do ITSM, but not all ITSM is ITIL.
For example, an organization might be happily using ITSM to its advantage, but without the use of ITIL, for instance where:
- No formal framework or methodology is used
- BiSL – the Business Information Services Library, a framework used for information management – is used
- COBIT – ISACA’s (an independent, nonprofit, global association engaged in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems) framework for the governance and management of enterprise IT – is used
- ISO/IEC 20000 – a service management system standard from the International Organization for Standardization (ISO) – is used
- MOF – the Microsoft Operations Framework – is used
- Six Sigma – a quality methodology, with tools and techniques for process improvement – is used
- TOGAF – an enterprise architecture methodology and framework – is used
- USMBOK – a series of publications and references for professionals working in service provider organizations – is used
Alternatively, organizations might use a variety of these frameworks, methodologies, and standards for best results. To help support this, AXELOS – the joint venture company responsible for ITIL – offers a number of white papers that describe how ITIL can be used in conjunction with other IT and ITSM frameworks, methodologies, and standards:
- ISO/IEC 20000: ITIL V3 and ISO/IEC 20000
- MOF: Cross-Reference ITIL V3 and MOF 4.0
- Six Sigma: Integrating Six Sigma and ITIL for continual service improvement
- TOGAF: TOGAF 9 and ITIL V3 Two Frameworks Whitepaper
ISACA has published a COBIT 5 process level mapping to ITIL in its “COBIT 5: Enabling Processes” publication. You can also find out more about COBIT by reading Joe the IT Guy’s An Introduction to COBIT blog.
The ITSM Processes Detailed in ITIL
ITIL 2011 offers up 26 ITSM processes and a number of functions such as service desk, with the 26 processes split across the five ITIL areas (and books):
- Strategy management for IT services
- Service portfolio management
- Demand management
- Financial management for IT services
- Business relationship management
- Design coordination
- Service level management
- Service catalog management
- Availability management
- Capacity management
- Supplier management
- IT service continuity management
- Information security management
- Transition planning and support
- Change evaluation
- Change management
- Release and deployment management
- Service validation and testing
- Service asset and configuration management
- Knowledge management
- Event management
- Incident management
- Request fulfillment
- Problem management, including root cause analysis
- Access management
Continual service improvement:
- Continual service improvement (CSI) – 7-step improvement process. You can find out more about CSI by reading The Help You Need to Adopt Continual Service Improvement.
While there are 26 discrete ITIL processes, the reality is that some ITSM and ITIL processes are adopted more than others.
As with most statistics, the numbers vary by who you ask, but in most cases, ITSM/ITIL process adoption levels tend to be in the region of:
- Incident management – circa 95%
- Change management – circa 75%
- Problem management – circa 60%
- With the other ITIL-espoused ITSM processes having adoption levels ranging from 10-50%
The Most Popular ITSM and ITIL Processes Defined
Note: In this section, all definitions are from the ITIL 2011 Glossary of Terms.
The service desk is an ITSM function that employs two ITSM processes – incident management and request fulfillment.
“The single point of contact between the service provider and the users. A typical service desk manages incidents and service requests, and also handles communication with the users.”
The service desk should help to shorten the incident lifecycle, i.e. to resolve incidents more swiftly, to maximize business productivity. It should also make better use of the potentially limited IT support and resolution group resource; with appropriate metrics and fit-for-purpose service desk or ITSM technology used to support and optimize both incident management and service request fulfillment. Ultimately improving customer service and business colleague’s perceptions of IT – the service desk, or IT help desk, is “the business’s window into IT” and a big contributor to how the internal IT organization is viewed by business peers.
“The process responsible for managing the lifecycle of all incidents. Incident management ensures that normal service operation is restored as quickly as possible and the business impact is minimized.”
An incident is defined as: “An unplanned interruption to an IT service or reduction in the quality of an IT service. Failure of a configuration item that has not yet affected service is also an incident – for example, failure of one disk from a mirror set.”
You can find out more about incident management by reading ITSM Basics: A Simple Introduction to Incident Management and 12 Tips For Getting Started With Incident Management.
“The process responsible for managing the lifecycle of all service requests.”
A service request is defined as: “A formal request from a user for something to be provided – for example, a request for information or advice; to reset a password; or to install a workstation for a new user.”
You can find out more about request fulfillment by reading 5 Service Request Catalog And Self-Service Tips.
“The process responsible for controlling the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services.”
A change is defined as: “The addition, modification or removal of anything that could have an effect on IT services. The scope should include changes to all architectures, processes, tools, metrics and documentation, as well as changes to IT services and other configuration items.”
The potential benefits of change management include:
- Real financial benefits – by reducing the number of incidents and problems caused by failed changes, and the associated adverse business impact
- Better management of changes – with improved insight and visibility, control, and potentially speed of change
- Better cross-team collaboration – resulting in improved change risk and impact assessment, and better change prioritization and scheduling
You can find out more about change management by reading What Is Change Management For? and ITSM Wars, Episode VII: The Standard Change Awakens.
“The process responsible for managing the lifecycle of all problems. Problem management proactively prevents incidents from happening and minimizes the impact of incidents that cannot be prevented.”
A problem is defined as: “A cause of one or more incidents.”
Problem management identifies permanent solutions and reduces the number of, and resolution time for, repeat incidents.
The potential benefits of problem management include:
- Less downtime and disruption to business-critical IT services and business operations, and a reduction in the opportunity cost of such disruptions
- A reduction in the cost of, and the effort invested in, fire-fighting or resolving repeat incidents
- Better use of scarce IT people resource, with reduced expenditure on workarounds or fixes that don’t work
You can find out more about problem management by reading Problem Management: No Problemo and Defining Metrics for Problem Management.
Service Catalog Management
“The process responsible for providing and maintaining the service catalog and for ensuring that it is available to those who are authorized to access it.”
A service catalog has traditionally been defined as: “A database or structured document with information about all live IT services, including those available for deployment. The service catalogue is part of the service portfolio and contains information about two types of IT service: customer-facing services that are visible to the business; and supporting services required by the service provider to deliver customer-facing services.” More recently though, the term has also been used to describe the capability to provide an employee portal and/or self-service capabilities to end users. This is sometimes also referred to as a service request catalog.
The potential benefits of service catalog management include:
- An improved customer self-service capability for request fulfillment
- More efficient workflow for, and management of, request fulfillment
- The ability to link to automation capabilities for both increased speed of provisioning and the associated cost savings
- Lightening the service desk’s service request-based workload, allowing greater focus on business-impacting incidents over potentially routine service requests
You can find out more about service catalog management by reading 5 Tips for Creating a Successful Service Catalogue and Self-Service: The Benefits and 5 Tips for Success.
Service Asset and Configuration Management
“The process responsible for ensuring that the assets required to deliver services are properly controlled, and that accurate and reliable information about those assets is available when and where it is needed. This information includes details of how the assets have been configured and the relationships between assets.”
The potential benefits from service asset and configuration management relate to how the collected and managed data is ultimately used, rather than from how much data has been collected, for example: to support the incident, change, problem, or capacity management processes. Thus, before starting on any configuration and/or asset management initiative, an IT organization must ensure that it fully understands why it needs to adopt configuration management, implement a configuration management database (CMDB) or configuration management system (CMS), and the data it needs to collect and manage.
You can find out more about configuration management by reading What’s the Point of Configuration Management? and Clearing Up the Myths of CMDB.
“The process responsible for sharing perspectives, ideas, experience and information, and for ensuring that these are available in the right place and at the right time. The knowledge management process enables informed decisions, and improves efficiency by reducing the need to rediscover knowledge.”
As with service asset and configuration management, the potential benefits of knowledge management are realized from the more effective and efficient operation of other ITSM processes – such as incident, change, problem, or capacity management – rather than by directly using the knowledge management process itself. After all, it’s knowledge use (or exploitation) rather than knowledge management that ultimately makes a difference to IT and business operations.
You can find out more about knowledge management by reading Knowledge Management Is Not Just About Document Repositories.
Service Level Management
“The process responsible for negotiating achievable service level agreements and ensuring that these are met. It is responsible for ensuring that all IT service management processes, operational level agreements and underpinning contracts are appropriate for the agreed service level targets. Service level management monitors and reports on service levels, holds regular service reviews with customers, and identifies required improvements.”
A service level is defined as: “An agreement between an IT service provider and a customer. A service level agreement describes the IT service, documents service level targets, and specifies the responsibilities of the IT service provider and the customer. A single agreement may cover multiple IT services or multiple customers.”
Beyond the obvious benefits of setting and managing customer expectations through SLAs, and identifying service improvements, service level management can also help to ensure that IT services actually meet customer needs and to better define the respective responsibilities of both service consumers and providers.
You can find out more about service level management by reading How Can You Create an SLA that Helps to Delight Your Customers?
Financial Management For IT Services
“The function and processes responsible for managing an IT service provider’s budgeting, accounting and charging requirements. Financial management for IT services secures an appropriate level of funding to design, develop and deliver services that meet the strategy of the organization in a cost-effective manner.”
Financial management for IT services is not just about cost cutting. While IT organizations and their parent businesses might initially benefit from reducing costs, the real value is in becoming more cost efficient, then cost optimized, and then finally being able to demonstrate business value – although these states aren’t mutually exclusive nor a necessarily a linear progression.
Differentiating Between IT Help Desk and Service Desk
Similar to the potential confusion between ITSM and ITIL, there are two other ITSM terms that can mean different things to different people – “IT help desk” and “service desk.”
The internal IT help desk – “the people you contact for IT support or information” – was born in the late 1980s/early 1990s to fix employee IT issues as they began to have more and more access to IT in the workplace. Interestingly, ITIL offers no definition for IT help desk, and it is not even mentioned in the five main ITIL books. On the flip side, most employees still think that they are calling the IT help desk when they have an IT issue no matter what the corporate IT organization call its IT support facility. The term “service desk” is probably totally alien to employees.
The service desk is an evolution of the IT help desk, based on ITIL and the management of IT as a service, where:
“A typical service desk manages incidents and service requests, and also handles communication with the users.”
Accordingly, a service desk does more than an IT help desk – in that it also deals with service requests – but it is often also differentiated by the adoption of an ITIL mindset and how the received end-user requests are handled, e.g. with service level targets and/or a more customer-centric approach.
The use of “service desk,” by corporate IT organizations, over “help desk” has continued to grow – probably as ITIL adoption has also risen – such that the 2012 HDI Practices and Salary Report (only available to HDI members) reported that service desk (at 32.3%) is now more frequently used than help desk (26.6%) or any other names for an IT support capability.
If you would like to read more on this, Joe the IT Guy has written more on the distinction between the two terms in his Are You An IT Help Desk Or An IT Service Desk? blog.
The Difference Between ITSM and Gartner’s ITSSM Terminology
You might also come across another related term: IT service support management (ITSSM). This has been created by IT research and advisory firm Gartner to define tools that support the most commonly adopted ITSM, and ITIL, processes:
“IT service support management (ITSSM) tools enable IT operations organizations, specifically infrastructure and operations (I&O) managers, to better support the production environment. ITSSM tools automate the tasks and workflows associated with the management and delivery of quality IT services to the business.”
Source: Gartner Magic Quadrant for IT Service Support Management Tools (25 August 2014)
ITSSM tools provide support for:
- Incident management
- Problem management
- Change management
- Service asset and configuration management
- Release and deployment management
- Service catalog management (from the 2015 Magic Quadrant onwards)
- Knowledge management
Along with many of the other ITSM solutions requirements such as:
- Reporting and dashboards
- Best practices
- Integrations with other IT products.
Basically, ITSSM sits between service desk and the ITIL-defined ITSM process set.
Creating the Business Case for ITSM and ITIL Adoption
If you are looking to formally adopt ITSM, you might need to create a business case for the investment in new people, processes, and technology. But, importantly, this shouldn’t actually be a business case to adopt ITSM, or ITIL, but rather one to support a business strategy or strategies such as:
- Improved IT-business alignment with the associated benefits
- Greater IT responsiveness and customer service
- Increased business competitive advantage through IT enablement
- Improved flexibility or agility/speed of delivery for new/changed business and IT services
The business case should also show how ITSM and ITIL can help to:
- Improve quality through: fewer incidents and increased availability, increased business productivity, and improved customer experience and access
- Reduce the cost of IT provision through: reduced IT wastage and improved efficiency
- Deliver new or additional services through the reinvestment of IT savings
- Reduce risk and improve governance, to demonstrate compliance with internal controls and external regulations
Further Reading – Recommended ITSM Blogs
- Core ITSM – by James Finister
- ITSM Transition – by Greg Sanker
- Joe the IT Guy – by Joe the IT Guy
- Optimal Service Management – by Stuart Rance
- SysAid Blogs
- The IT Skeptic – by Rob England