ITIL isn't just for large organizations anymore. Smaller companies can implement the IT Infrastructure Library set of best practices and processes and get value from their information systems. IT leaders share their adoption experiences.
By Malcolm Wheatley
May 30, 2008 — CIO —
"We needed to get to a point where we could do more planned work, which meant fighting fewer fires," he says. "And to me, that meant getting a better handle on the changes that were taking place."
Armstrong had read that 80 percent of system failures are due to change, and 80 percent of the "time-to-fix" lay in establishing just what changes had taken place. Corpus Christi, he suspected, was no different. Enter ITIL, which Armstrong knew addressed not only change management but a host of other factors that affected service management and the productivity of the city's IT staff.
Originally developed in the U.K. in the mid-1980s, the Information Technology Infrastructure Library, or ITIL, is a set of best practice concepts and techniques for addressing the effective management of IT infrastructure, service delivery and support. Endorsed by the U.K. government for public sector IT projects, ITIL soon gained traction within the corporate sector. Published by the Office of Government Commerce, ITIL initial best practice guidelines have been widely adopted around the world, although exact numbers are unclear. (All one has to do is purchase a set of ITIL books, and adopt whatever ITIL practices one wishes.)
But along the way, ITIL has undeniably picked up a reputation for being more appropriate for big business rather than small- and medium-sized IT shops. And this, in turn, has hindered its adoption by smaller IT organizations such as Corpus Christi's. Armstrong saw past that big-business stereotype and envisaged ITIL easing the lot of the city's five telephone technicians, nine field technicians, 30 analysts and 1,600 end-users.
"ITIL hasn't really talked to smaller businesses," says Barclay Rae, former professional services director of Europe's Help Desk Institute (now known as the Service Desk Institute). "The language to date has been very much framed in the context of large organizations with mainframes and internal customers."
But although ITIL's big business credentials can't be denied, there's growing evidence that it can indeed benefit the smaller IT shop, too. In fact, the smaller IT shop can turn its size into an ITIL asset, says Rae. "Smaller companies can implement ITIL—and implement it quickly," he says. "There are fewer people to disagree about it, and it's easier to get the key people around the same table. I've implemented ITIL in an IT department of just six people: They initially complained that they didn't have the time—but by picking just the key ITIL processes, it didn't take up much time at all."
The Need for Accountability
ITIL's processes don't manage themselves, however. "As with all good process development, it's vital to have a process 'owner' and someone who is responsible for ensuring that each process is working well," warns Rae.
Take consulting engineers Cundall, Johnston & Partners of Newcastle, U.K. Cundall has an IT department of 10 people supporting 500 employees across 13 main offices spread over six countries, including Dubai, China, Spain and Romania. It adopted a service management solution from ICCM, precisely because of the ITIL-compliant nature of the U.K. vendor's offering, explains Cundall's IT director Mike Hanna.
Hanna says he was specifically recruited to move the firm away from the "break-fix" approach to technology in which it was mired. ITIL's core processes such as incident management, change management and problem management offered a way to get a handle on what was really going on. At Cundall, Hanna charged staff members with ownership of those processes. The incident management process at Cundall is the responsibility of service support manager George Smith. Change management, which began in May, is the responsibility of a new hire, Rita Testa, recruited for her ITIL experience.
But implementing ITIL need not mean expanding the workforce, notes Rae. Whether a CIO chooses to allocate people to ITIL processes or not is a matter of individual choice.
"One of the most common misunderstandings about ITIL in smaller businesses is that ITIL somehow 'demands' a large organization: People think that as there are a number of 'management' processes involved, there must be a similar number of management roles—but this just isn't the case," he says. "Many good implementations have simply given out key responsibilities to individuals as part of their existing roles."
One Size Doesn't Fit All
Where to start with ITIL and where to stop are also matters of choice. For the City of Corpus Christi, for instance, the change management process has been the starting point.In CIO Armstrong's eyes, that is where the greater reward lay. "The incident management piece of the puzzle is important," he acknowledges, "but that comes next."
"The incremental approach [to ITIL] is very common, and is one that we see generally giving the best results with smaller organizations," says Graham Ridgway, CEO of Touchpaper, the U.K. supplier of the service management solution adopted by the city. "More usually, organizations start with incident management rather than change management, but it's very much a question of individual preferences."
So is where to stop. At Cundall, fully certified ITIL compliance "is not a short-term goal," stresses IT director Hanna. "The aim is to move closer to full compliance, and then take a view as to whether we want to go the extra mile. From where we are today, 70 percent to 80 percent compliance should make life so much easier." Accreditation, in other words, is a nice-to-have, not a must-have.