In the run up this year’s itSMF Australia LEADIT14 conference I chatted with Suresh GP about his session entitled “Governance – custodian to changing business trends and IT landscape”.
Q. ITSM Review: Hi Suresh, can you give a quick intro to your session at LEADIT?
Suresh GP: Today we are in an era of rapid technological changes, complex operating environments and demanding consumerization of IT. Enterprises are forced to change gears to make the paradigm shift imminently not only to be competitive but also to secure their place in business. While organizations are spending time, effort and resources to scale up to new frontiers, there is no blue print to guarantee success in their endeavors. Over and above, changing regulatory and legal compliance requirements make it a difficult proposition to sail through seamlessly.
Hence it is the need of the hour for enterprises to fall back to a robust Governance and control structure to handhold and guide them during this unpredictable journey.
Companies with effective IT Governance have profits that are 20 % higher than other companies pursuing similar strategies – Weill P& Ross
Q. Where should organizations start on their governance journey?
The fundamental problem of IT is the lack of clarity around IT Management and IT Governance, which is the first thing you need to understand before starting your journey with Governance.
IT governance is primarily concerned with two things: IT’s delivery of value to the business and mitigation of IT risks. On the other hand, Management plans, builds, runs and monitors activities in alignment with the direction set by the governance to achieve the enterprise objectives. Governance involves executive committees and boards that are independent of organizations whereas the Management involves senior management staff within the same organization.
simple words, Governance is doing the right things while Management is about doing things right.
Q. So what is Corporate Governance?
Corporate Governance is based on rules laid out by Organization for Economic Cooperation and Development [OECD]. They can be classified as follows
a) Ensure Strategic guidance of the company
b) Timely and accurate disclosure of Financial situation
c) Annual audit by independent, competent and qualified auditors
During my session at LEADIT we look at Corporate Governance requirement and lessons learned using scenarios around Lehman Brothers, Common Wealth Games at London 2012 and the Uttarkhand Disaster of 2013.
Q. What impact does Governance have on the Consumerization of IT?
At the end of 2013, there were more mobile devices than people on earth. IT Service Desk is grappled with a tough task of managing end user devices beyond the standard set. Shadow IT has become order of the day and is expected to grow in next three years. Heartbleed, cyber threats and much more surprises come every day to add fuel to fire. So what could come to the rescue of the Service Desk?
BYOD policies, processes – Refer to Karen Ferris earlier post
Becoming aware of different Tools pros and cons and support
Governance that could filter quality of inflow for Service Requests and Incidents
Finally we talk about key success principles that can be leveraged to make Governance a trusted custodian to changing business and IT Landscapes.
So this is just a teaser of how Governance can become your trusted custodian to changing business and IT Landscape. If you want to hear how about how Governance plays a pivotal role for Cloud, Mobility, BYOD, Big Data and Social Media, come and listen to my presentation at LEADIT14. In addition, I also moderate a Panel discussion about Challenges and Pitfalls of Mobility and BYOD. You can find out everything you need to know about the conference here.
In addition to explaining his role as Head of ITSM, Kaimar talks about:
ITIL culture differences
Changing perceptions of ITIL
Training provider challenges
Biggest challenges to success for AXELOS
Plans for the next 6-12 months
In the second part of this video, Kelvyn explains:
What AXELOS will be selling
The ITIL and Prince2 value proposition
AXELOS partner programme
Please note that owing to this interview being filmed live at the Pink Elephant event, there are some minor volume issues and background noises throughout this video.
AXELOS is a new joint venture company, created by the Cabinet Office on behalf of Her Majesty’s Government (HMG) in the United Kingdom and Capita plc to run the Best Management Practice portfolio, including the ITIL® and PRINCE2® professional standards. Its goal: to nurture best practice communities, both in the UK and on a truly worldwide scale, establishing an innovative and high quality, continuous learning and development destination that is co-designed by and co-created for those who use it. Visit www.axelos.com for for more information.
About Pink Elephant
A global company with a proud and pioneering 30 year history – the world’s #1 supplier of IT Service Management and ITIL® education, conferences and consulting.Visit www.pinkelephant.com for more information about the company, services and products.
This video was filmed at the 2014 Pink Elephant Conference. The 19th Annual Pink Elephant International IT Service Management Conference and Exhibition will take place at the Bellagio Hotel in Las Vegas, February 15-18 2015. Registration is now open.
Since 2012 British Universities have been able to charge £9,000 (about $15,000) per year for tuition fees. I wrote last year, following the itSMF regional at the University of Exeter, that this charging policy shifts the relationship between undergraduates and institutions and further elevates students to ‘customers’ with buying power. Students have new expectations and demand higher standards of their Universities, including IT services.
This is sentiment echoed by Gordon Roberts, Customer Services and Communications Manager at the University of Reading, who I met with Joel Bomgar, CEO of the $50m enterprise remote support company that bears his name. Joel was in the UK to visit the EMEA office and talk with clients including the University of Reading (UoR) who have recently joined the ranks of around 8,000 other Bomgar customers.
Gordon stated his team were under increasing pressure to increase service levels: both to satisfy their staff and students but also manage external reputation. Bad vibes about support spread like wild fire amongst prospective IT savvy students.
The UoR team admit that they stumbled across Bomgar whilst on the search for a new service desk (Recently replacing BMC with TopDesk), Gordon said “All the ITSM vendors we spoke to during our ITSM tool selection process said they integrated with Bomgar, but we’d never heard of it. However after researching further we immediately saw the value and have been using it since May”.
IT services at UoR act as a central point of contact for all IT requests and incidents, even for those faculties that may have their own IT support resources. Gordon stated that the lines between first and second line support had begun to blur as the first line support team were encouraged to learn more. “There has been an effort to move away from log and flog and increase the skill levels of frontline staff”
Bomgar facilitates collaboration between support teams by:
Allowing 1st and 2nd line to collaborate in real time on issues and learn from each other during calls rather than passing batons between teams with no real increase in knowledge
Recording calls and clipping the video to a knowledge base article for future reference
Doing all this whilst meeting their security and regulatory requirements. An audit trail of Bomgar activity records all interactivity.
I was surprised to hear that anyone in IT support can use Bomgar; it is not restricted to a few specialists. In fact Bomgar is also used for hands-on 1-2-1 training sessions outside of IT support, for example when training staff on tips and tricks with Microsoft Office, CMS systems or Blackboard.
Once upon a time we pushed plugs in a telephone exchange and called the operator to make a phone call – now we click on somebody’s face in Skype and talk to them immediately on the other side of the planet via a free video link. Bomgar paints a vision of a similar immediacy. Service request portals have provided scope for great steps in automation; remote support of this type allows the human touch to return and vastly accelerate support by allowing collaboration in real time.
ServiceNow recently held a three-city European forum. The event was a compact version of the larger ‘Knowledge’ event held in the US and a chance for customers to share experiences and hear from ServiceNow bigwigs.
“At CERN, the European Organization for Nuclear Research, physicists and engineers are probing the fundamental structure of the universe. They use the world’s largest and most complex scientific instruments to study the basic constituents of matter – the fundamental particles. The particles are made to collide together at close to the speed of light. The process gives the physicists clues about how the particles interact, and provides insights into the fundamental laws of nature.” About CERN
Reinoud’s session was entitled ‘ITSM also works outside its comfort zone’ and explored how CERN implemented IT Service Management best practice across IT and many other business functions. Reinoud kindly answered some follow up questions via email below.
Service Management beyond IT
Reinoud is Service Manager for a group called ‘General Services’ at CERN.
General Services serves IT services but also a myriad of other business services at CERN such as Civil Engineering, Facility Management, Medical and Fire Protection.
A user at CERN can log a password reset or seek help with a faulty laptop – but they can also rent a car, alert facilities to a blocked drain, book a hotel room, have an old filing cabinet towed away or log an expense claim – all from the same Service Management destination; the CERN Service Portal. In total CERN supports 282 active services across 494 operational functions.
Service Management Singularity
The goal at CERN, as Reinoud eloquently described is to:
1. Make life simple for users and supporters by providing:
ONE point of contact (One #, One URL, ONE place)
ONE behaviour; Unified processes for all services
ONE tool shared by all service providers (sharing information and knowledge)
ONE service description in a business service catalogue
2. Improve efficiency and effectiveness
Alignment with good practice (ITILV3 and ISO20K)
High level of automation
Framework for continuous improvement
And do this for ALL SERVICES (not just IT).
Interview with Reinoud
Q. What drove the initiative for one Service Portal across all these disciplines? Could you describe what existed before?
Before there were many numbers to call or people to know to get your needs fulfilled or to report a problem. There was an IT helpdesk, and a facilities management number to call, but their respective scopes were not 100% clear and there was a lot not covered by either of these numbers.
The most common way to find the right help was a Google search on the cern.ch domain that would return a lot of obsolete or wrong information (Every service published it’s own pages which were not removed after reorganizations or updated after changes).
Many people published their own service catalogues with numbers to call. So there was a lot of confusion and chaos, although there might have been some islands of excellence hidden here and there.
IT used a ticketing system with which they had difficulty upgrading; this system was also partly used outside IT for example Application Support. Even within IT some groups had their own systems. Outside IT there was no real ticketing system in place.
Some requests that have to follow strict authorization rules were and are supported in a custom workflow system developed at CERN where people fill out request forms by themselves (e.g. for taking leave, or for ordering equipment).
The initiative was driven by:
The realization that CERN needed to become more customer/user focused, also as we moved from a project phase (building LHC) to an operational phase (running LHC).
The need to support an exploding user population with less or at best constant resource levels.
Q. Did you face any political resistance when IT joined General Services (I’m thinking that certain departments might not want to relinquish control)?
It happened the other way around, as the ‘chaos’ was probably bigger outside the IT area. The initiative started in general services during first half of 2009. In 2010 IT joined forces to propose a potentially CERN wide (for infrastructure services) solution. HR and Finance were to join later.
Obviously we encountered a lot of resistance, scepticism and ‘other attitudes’. Many predicted this project would fail, so they adopted a very passive attitude, but after one year of ‘production’ these people also realized the benefits invested effort to make things work. It’s not something you can do overnight.
Q. From your presentation it was very clear that you have taken best practices from ITSM (ITIL and ISO20000) and applied them to other business disciplines. Can you cite any examples of where IT can learn from these other disciplines? Do such best practices exist in other areas?
There are no examples where the standard needs to be ‘extended’ for IT based on our experience for non IT. There are ‘small implementation detail examples’ where IT could ‘profit’ from the ‘culture’ in other areas. For example business services that are person facing will like to hide the fact that there is an automated process and tickets behind requests and incidents as much as possible; so they wish to make the system ‘more human’ with special notifications, or service dependent ‘signatures’.
We have been looking at other standards but really found no alternative … including external consultants. There may be standards for libraries for instance; but we can’t support a standard per service (with over 280 services), and in the end these alternative standards for very specific domains contain the same ‘common sense’ that can be found in ITIL and ISO20k.
Q. Can you elaborate on the section of your presentation regarding ‘Cultural Change’? In particular I recall how you used a combination of Knowledge Management (this is how things work around here) and Service Catalogue (and this is how things get done). What led to this approach?
The culture change has to do with technicians that are focused on solving technical problems (say fix a water tap) but really don’t caring about the ‘caller’ at all. They will close a ticket not when the work is done, but when they want to bill their work; this can be much later. As a result the caller gets out-dated feedback and thinks the system does not work.
It gets worse if they need a spare part; they will not inform the caller or update a ticket; they will maybe note in a piece of paper they have to get a spare part and the user thinks nothing is happening. It’s this customer/user awareness and what it means in the day-to-day life of workmen that are ‘supporters’ for the infrastructure services that is the problem. The sharing of knowledge between supporters and with users (FAQ’s) is something that came ‘automatically’. We had many local FAQ’s and wiki’s but now we provide a global infrastructure.
Service Catalogue is what is available to the users, not how things get done. The focus is on the what (scope, when available quality) then obviously there is a link to support teams. So it orchestrates how things get done as an additional benefit.
Candidates for job opportunities from around the world
Q. What does ‘Coaching’ look like for non-IT supporters? I remember you mentioned taking supporters through the equivalent of ITIL foundation for business services, but not using ITIL foundation – can you elaborate on this point?
We organized awareness training for non-IT people, a sort of shortened ITIL foundation course not referring to IT situations. E.g. configuration management for a medical service is understanding who your ‘patients’ are, what their ‘status’ is in terms of health parameters etc. If a medical service has not a good register of this they are bad in configuration management.
Explaining the ITIL concepts, naming conventions, processes and ideas but staying away from IT examples… this is not always easy in areas as release and deployment management for a cleaning service or a materials management service…so you must be ‘creative’ and maybe skip some very specific areas in certain cases. Most areas however are relevant to most services (if you take a step back and ‘reinterpret’ the concepts).
This is not enough, you also need to explain again and again what the underlying ideas of the processes are, and how they should use the system (e.g. impact and urgency priority; not closing a ticket that is wrongly assigned, but assign it to the right function, or return to service desk, etc..). This is more laborious for non-IT people than for IT ‘supporters’.
Q. Why ServiceNow?
We looked at the market second half of 2010 once we knew what we wanted to deploy (Single point of contact, unified processes and single web based tool shared by all with in the heart this business service catalogue driving the automation and a service portal); we started with a long list of around 40 tools, quickly shortened down to 6 which we evaluated in more detail based on a long questionnaire; ended up with two for which we did a POC at CERN and some reference visits.
We took into account lots of criteria covering: functionality, configurability/flexibility, architecture, interface, future evolution, etc. The fact that ServiceNow was a SaaS solution played a role (this was an ‘experiment’ for CERN’s IT department and they were ready to test it; it certainly helped dramatically reduce the time between the choice and being operational).
Obviously total cost of ownership also played a key role. Anyway things may have evolved in the last 3 years, so although we don’t regret this choice a second, the outcome could be different today. I have no idea of what is going on in this area on the market today (I am no IT guy anymore and have other things on my mind lately).
Q. Finally, your advice to organizations looking to embark on a similar journey?
Top Three Takeaways from Reinoud’s presentation:
1. ITSM is RELEVANT beyond IT and it WORKS
2. Essential for success are:
A comprehensive Business Service Catalogue
To know what you are supposed to be doing
To understand how these services are provided (by whom)
To drive automation and smooth assignment & escalation
A Service Portal to hide the complexity of all of this
At first glance, the new prISM credential scheme seems to be a qualification too far, as I consider improving my ITSM skills by going for the first of my ITIL Intermediate levels.
The take up so far seems to belong to an select group, much like those who piloted the new ITIL Master scheme, and perhaps it is too early for that all important critical mass to make it the “must-have” credential to have.
What is prISM and why is it different?
The aim of prISM is to provide recognition and a skills development structure in the ITSM industry.
It has defined a measurable framework which takes into account an individual’s qualifications, experience and contributions back to the ITSM industry.
So, if you have the ITIL foundation certificate, and a few years in front line roles under your belt, you can get up and running in prISM as an Associate, and use their structured approach to plan your next steps up the ITSM ladder.
But, you pay for the privilege, so why is this worth investing time in?
“The real reason for prSIM is that the IT industry is starting to mature and become a bit more of a profession rather than a job.”
Just take a look sometime, in various ITIL and ITSM related Linked In groups, and you will see pleas from people who seem out of their depth.
Think of it in this way. How many times do organisations send people onto an ITIL Foundation course, and then expect them to be able to implement major ITSM projects?
“Nothing ever works like that with a skill. You have to practice it and apply it. You have to learn from the mistakes from yourself and others. You have to learn from your successes as well and you refine it over time, and you get better at it by repetition.”
Part of the issue is the lack of a requirement to refresh ITIL qualifications, once gained.
In prISM, each year you submit a Continual Professional Development forms to demonstrate growth and development in order to re-earn your credential.
prISM Credential Levels
Student in Service Management (SSM) – students with an interest in ITSM
Associate (ASM) – entry level professionals
Professional (PSM) – experienced Service Management professionals
Distinguished Professional (DPSM) – senior, well experienced Service Management professionals and leaders
Fellow (FSM) – reserved for those senior professionals who have been recognised for making a significant contribution to the profession and its body of knowledge
I see the benefit of tiering the levels like this, and even though my “rock face” experience gives me a broader perspective than if I had only the ITIL Foundation course, this is where the CPD aspect comes in.
The whole point of the profession maturing means that I need to really focus on further certification, but given the cost of courses, I really need to think carefully as to what to pursue.
I have worked in the area of ITIL/ITSM for 8 years now – I know my stuff. Do I really need to pay for more certification AND a credential to prove it?
Matthew believes that prISM should be a nice to have, rather than a mandatory requirement:
“From an employer’s point-of-view it tells me that they’ve been through the experience and qualifications that they say they’ve got, they’re committed to CPD, they give something back, they take their profession seriously.”
In my opinion, this is hard to prove in the immediate short term, without understanding from recruiters if they put any store in the acronyms above.
The Application Process
Step One: Education and Experience
The spreadsheet gives you a broad brush stab at the permutations of education and experience.
I tested a couple of elements and opted years of experience, as my degree was a LONG time ago! Recommended Level: PSM
Step Two: Required Professional Certifications
Here’s where it started to get confusing.
With an ITIL V3 Foundation Certificate (useful) and a TOGAF Enterprise Architecture L1 and L2 certificate (not at all useful, apparently), recommended level: ASM!
Step three: Extra Points
I played about with this out of interest, in terms of ITSM implementation experience, and also in terms of ITSM Review writing – which confused matters even more, because now the summary shows me that I meet DPSM criteria as well!
With the combination of the experience and qualification I could apply now for Associate Membership but with at least one ITIL Intermediate course, I go up to Professional credentials.
Irritatingly, the comment boxes for the Certification sections stays visible after you have marked an entry, which then obscures the entries below.
2) Application Form & CV
You also have to fill in the application form and sign the statement to adhere to the profession’s code of ethics, and you will need to cross-reference the handbook as you go for Professional credentials which sounds like a bit of hassle.
There is a bit of repetition here, having to put in the details of your referee, as well as including your reference (with those same details) as part of the package.
You also have to write your own personal statement, demonstrating your interest in the ITSM profession.
If you are serious about going through this process, I think it is worth updating your CV during this process. It won’t hurt you to pay some attention to your Linked In profile either.
After all, if recruiters are using Linked In more and more, the best way to promote the importance and credibility of this credential is to have it on your online profile.
3) Reference Statement & Evidence
You will have to get someone to write a supporting statement for you, and also find your supporting evidence to match your calculator entries.
You need to keep PDFs at 1MB per document, and the whole application cannot be more than 25MB. Irritatingly my scanned ITIL certificate and itSMF UK invoice are just over 1MB, but everything else is smaller.
The pricing is misleading. The handbook states itSMF membership is preferable (and gives a discount) but not mandatory. The application form infers the opposite – so those need to be in sync.
The handbook encourages you to pay before gathering your references – I would actually get everything together first, then proceed to pay for your appropriate membership, as you then need the proof of payment to zip together to submit.
Matthew very kindly agreed to be my reference, and we decided to let me go through the process (and provide feedback!). so I have sent him a form to fill in and return to me.
I’ll put my (eventual) credential on my LinkedIn Profile, and push out an updated CV to see if there is any immediate change in the type of roles I typically see.
Will it be the prISM credential, or the ITIL Intermediate certification that provides the trigger (if at all!).
Who is ITIL Girl? She is a self-styled, ITIL Foundation-certified vigilante!
She has built up quite a following via Twitter and her ITIL/ITSM related musings can be found via her blog.
In our best Daily Planet™ guise we managed to pin her cape down and keep her still long enough to ask her a few questions, before releasing her back to the ITSM Metropolis to solve IT issues.
ITSM Review Q: What can you share about your particular role?
Not a whole lot! I can say that I do second-line support and application development for a particular team in my organisation. I am also the only person that can be bothered to write change requests, so I do most of that and the out-of-hours work too. I am very much at the bottom of the food chain but I do have a junior member of staff to train too!
Q: In your opinion, why is it so difficult for some to get to any kind of level of ITIL ‘enlightenment’?
Apathy, objection to taking the exams, lack of requirement to really show any kind of knowledge of ITSM afterwards. I find that once most people are able to put ITIL certification on their CV, they stop caring. I can see it working, and I think most people are aware of the processes, but they carry them out because they’re there and are followed by service design rather than actually thinking about what they’re doing with ITIL.
Q: If you had to use just three (publishable) words to describe your ITIL experiences – what would they be?
Q: If you had to use ITIL principles to rescue a kitten from a tree, or maybe the planet Earth from General Zod™, how would you go about it?
Judging from my department’s approach to ITIL, we wouldn’t get anything approved in time to save anything! On the other hand, anything goes when it comes to incident resolution, so I’d go ahead and do my thing, and handle the MI report later.
Q: If ITSM and ITIL is frequently aimed at management, what methods have you found to try and aim the finer points at Operations staff and analysts?
I pick out the processes that most apply to my everyday role, to be honest, and make sure I’m the most clued up on those parts – incidents, problems, knowledge, change, release.
Q: Have you ever given in to the urge to send someone a “Let Me Google That For You” link to ITIL?
Most of the time I sigh and roll my eyes. If someone genuinely hasn’t had to study for the exams – because they’re new to IT or have come from a place that doesn’t use ITIL – then I can forgive them. If they passed the exam by cramming, I expect them to know better, then yes!
Q: Would the ITIL official Swirl make a good logo for your super-hero cape? If not, what would you choose?
My favourite logo is the ITIL foundation pin, as evidenced by my Twitter avatar. The swirl is cool, but I think the foundation pin defines me as someone who has only minimal formal training in ITIL but still gives a damn and some competence!
Q: When I was on my ITIL course, the “bold” idea of super-skilling a Service Desk was discussed – nods of understanding from one half of the room, recoils of horror from the other. What are your thoughts?
I love the idea of giving the Service Desk all the power they can be given – if they have time to maintain high levels of customer service at the same time. Capacity is always a problem where I work, but giving the Service Desk the ability to help and resolve more and more things is a wonderful, empowering idea. Let’s face it, it’s not the easiest job, and the more job satisfaction they have, the better they’ll feel and the better they’ll work.
Q: One of my quests is to fund as much free, and more importantly useful ITIL material out on the web – should this stuff be public domain or hidden away like people protecting their homework answers?
I’ve been working with a partner organisation to share knowledge and processes, and have recently found equally willing people on LinkedIn that will help with incidents and problems. Look at it this way: we’re all in the same boat here. Every IT organisation has techies, analysts, managers – much the same roles. Unless the information is sensitive to your organisation, why not share it and give people the incentive to share with you?
Q: I once met someone who laughed in the face of my shiny new ITIL Foundation Certificate and raised me certificates and badges of Expert on their way to ITIL Jedi Master. What ambitions does the ITILgirl have to tackle the rest of the modules with whatever version of the week we are at in ITIL?
I’ll take it as it comes; I can’t fund my qualifications on my own, and my organisation is trying to exercise frugality, just like the rest of the UK. I would love some more badges to pin to my jacket, but I still think experience trumps every piece of paper you could show to someone. As long as I keep learning from my colleagues and peers, I’m happy. Lack of a certificate doesn’t mean I’m not competent at something!
Q: Obviously your ITIL Super-Powers are legendary – what is your favourite superhero skill?
Intimidating project managers with my piercing you haven’t raised a request for my time or that clearly hasn’t been through change management glare. Hell hath no fury like an ITILgirl scorned!
I recently reviewed an ITIL Overview, where the overriding message in the training was to always look for opportunities to use ITIL in your own environment. ITILgirl is living proof that uber-education is not necessary to want to make a difference.
I found Simon Morris via his remarkably useful ITIL in 140 app. Simon recently joined ServiceNow from a FTSE100 Advertising, Marketing and Communications group. He was Head of Operations and Engineering and part of a team that lead the Shared Services IT organisation through its transition to IT Service Management process implementation. Here, Simon kindly shares his experiences of ITSM at the rock face.
ITSM Review: You state that prior to your ITSM transformation project you were ‘spending the entire time doing break-fix work and working yourselves into the ground with an ever-increasing cycle of work’. Looking back, can you remember any specific examples of what you were doing, that ITSM resolved?
Thinking back I can now see that implementing ITSM gave us the outcomes that we expected from the investment we made in time and money, as well as outcomes that we had no idea would be achieved. Because ITIL is such a wide-ranging framework I think it’s very difficult for organisations to truly appreciate how much is involved at the outset of the project.
We certainly had no idea how much effort would be spent overall on IT Service Management, but we able to identify results early on which encouraged us to keep going. By the time I left the organisation we had multiple people dedicated to the practice, and of course ITSM processes affect all engineering staff on a day-to-day basis.
As soon we finished our ITILv3 training we took the approach of selecting processes that we were already following, and adding layers of maturity to bring them into line with best practice.
I guess at the time we didn’t know it, but we started with Continual Service Improvement – looking at existing processes and identifying improvements. One example that I can recall is Configuration Management – with a very complex Infrastructure we previously had issues in identifying the impact of maintenance work or unplanned outages. The Infrastructure had a high rate of change and it felt impossible to keep a grip on how systems interacted, and depended on each other.
Using Change Management we were able to regulate the rate of change, and keep on top of our Configuration data. Identifying the potential impact of an outage on a system was a process that went from hours down to minutes.
Q. What was the tipping point? How did the ITSM movement gather momentum from something far down the to do list to a strategic initiative?
If I’m completely honest we had to “sneak it in”! We were under huge pressure to improve the level of professionalism, and to increase the credibility of IT, but constructing the business case for a full ITSM transition was very hard. Especially when you factor in the cost of training, certification, toolsets and the amount of time spent on process improvement. As I said, at the point I left the company we had full time headcount dedicated to ITSM, and getting approval for those additional people at the outset would have been impossible.
We were lucky to have some autonomy over the training budget and found a good partner to get a dozen or so engineers qualified to ITILv3 Foundation level. At that point we had enough momentum, and our influence at departmental head level to make the changes we needed to.
One of the outcomes of our “skunkworks” ITIL transition that we didn’t anticipate at the time was a much better financial appreciation of our IT Services. Before the project we were charging our internal business units on a bespoke rate card that didn’t accurately reflect the costs involved in providing the service. Within a year of the training we had built rate cards that both reflected the true cost of the IT Service, but also included long term planning for capacity.
This really commoditised IT Services such as Storage and Backup and we were able to apportion costs accurately to the business units that consumed the services.
Measuring the cost benefit of ITSM is something that I think the industry needs to do better in order to convince leaders that it’s a sensible business decision – I’m absolutely convinced that the improvements we made to our IT recharge model offset a sizeable portion of our initial costs. Plus we introduced benefits that were much harder to measure in a financial sense such as service uptime, reduced incident resolution times and increased credibility.
Q. How did you measure you were on the right track? What specifically were you measuring? How did you quantify success to the boss?
Referring back to my point that we started by reviewing existing processes that were immature, and then adding layers to them. We didn’t start out with process metrics, but we added that quite early on.
If I had the opportunity to start this process again I’d definitely start with the question of measurements and metrics. Before we introduced ITSM I don’t think we definitively knew where our problems were, although of course we had a good idea about Incident resolution times and customer satisfaction.
Although it’s tempting to jump straight into process improvement I’d encourage organisations at the start of their ITSM journey to spend time building a baseline of where they are today.
Surveys from your customers and users help to gauge the level of satisfaction before you start to make improvements (Of course, this is a hard measurement to take especially if you’ve never asked your users for honest feedback before, I’ve seen some pretty brutal survey responses in my time J)
Some processes are easier to monitor than others – Incident Management comes to mind, as one that is fairly easy to gather metrics on, Event Management is another.
I would also say that having survived the ITIL Foundation course it’s important to go back into the ITIL literature to research how to measure your processes – it’s a subject that ITIL has some good guidance on with Critical Success Factors (CSFs) and Key Performance Indicators (KPIs).
Q. What would you advise to other companies that are currently stuck in the wrong place, ignoring the dog? (See Simon’s analogy here). Is there anything that you learnt on your journey that you would do differently next time?
Wow, this is a big question.
My first thought is that IT organisations should remember that our purpose is to deliver an outcome to the business, and your ITSM deployment should reflect this. In the same way that running IT projects with no clear business benefit, or alignment to an overall strategy is a bad idea – we shouldn’t be implementing ITIL just for the sake of doing it.
For every process that you design or improve, the first question should be “What is the business outcome”, closely followed by “How am I going to prove that I delivered this outcome”. An example for Incident Management would be an outcome of “restoring access to IT services within an agreed timeframe”, so the obvious answer to the second question is “to measure the time to resolution.”
By analysing each process in this way you can get a clearer idea of what types of measurement you should take to:
Ensure that the process delivers value and
Demonstrate that value.
I actually think that you should start designing the process back-to-front. Identify the outcome, then the method of measurement and then work out what the process should be.
Every time I see an Incident Management form with hundreds of different choices for the category (Hardware, Software, Keyboard, Server etc.) I always wonder if the reporting requirements were ever considered. Or did we just add fields for the sake of it.
Next I would encourage organisations to consider their process maturity and ITSM toolset maturity as 2 different factors. There is a huge amount of choice in the ITSM suite market at the moment (of course I work for a vendor now, so I’m entitled to have a bias!), but organisations should remember that all of vendors offer a toolset and nothing more.
The tool has to support the process that you design, and it’s far too easy to take a great toolset and implement a lousy process. A year into your transition to ITSM you won’t be able to prove the worth of the time and money spent, and you have the risk of the process being devalued or abandoned.
Having a good process will drive the choice of tool, and design decisions on how that tool is configured. Having the right toolset is huge factor in the chances of a successful transition to ITSM. I’ve lived through experiences with legacy, unwieldy ITSM vendors and it makes the task so much harder.
Participation at every level
One of the best choices we made when we transitioned to ITSM was that we trained a cross-section of engineers across the company. Of the initial group of people to go through ITILv3 Foundation training we had engineers from the Service desk, PC and Mac support, Infrastructure, Service Delivery Managers, Asset management staff and departmental heads.
The result was that we had a core of people who were motivated enough to promote the changes we were making all across the IT department at different levels of seniority. Introducing change, and especially changes that measure the performance of teams and individuals will always induce fear and doubt in some people.
Had we limited the ITIL training to just the management team I don’t think we would have had the same successes. My only regret is that our highest level of IT management managed to swerve the training – I’ll send my old boss the link to this interview to remind him of this!
Find the right pace
A transition to ITSM processes is a marathon, not a sprint so it’s important to find the right tempo for your organisation. Rather than throwing an unsustainable amount of resource at process improvement for a short amount of time I’d advise organisations to recognise that they’ll need to reserve effort on a permanent basis to monitor, measure and improve their services.
ITIL burnout is a very real risk.
My last piece of advice is not to feel that you should implement every process on day one. I can’t think of one approach that would be more prone to failure. I’ve read criticism from ITSM pundits that it’s very rare to find a full ITILv3 implementation in the field. I think that says more about the breadth and depth of the ITIL framework than the failings of companies that implement it.
There’s an adage from the Free Software community – “release early, release often” that is great for ITSM process improvements.
By the time that I left my previous organisation we had iterated through 3 versions of Change Management, each time adding more maturity to the process and making incremental improvements.
IT Service Management is a cultural change, and it’s worth taking the time to alter peoples working habits gradually over time, rather than exposing them to a huge amount of process change quickly.
Q. Lastly, what do you do at ServiceNow?
I work as a developer in the Application Development Team in Richmond, London. We’re responsible for the ITSM and Business process applications that run on our Cloud platform. On a day-to-day basis this means reviewing our core applications (Incident, Problem, Change, CMDB) and looking for improvements based on customer requirements and best practice.
Obviously the recent ITIL 2011 release is interesting as we work our way through the literature and compare it against our toolset. Recently I’ve also been involved in researching how best to integrate Defect Management into our SCRUM product.
The sign that ServiceNow is growing at an amazing rate (we’re currently the second fastest growing tech company in the US) shows that ITSM is being taken seriously by organisations, and they are investing money to get the returns that a successful transition can offer. These should be encouraging signs to organisations that are starting their journey with ITIL.