Why you can’t ignore ITSM

The value of implementing an IT service management (ITSM) program is clear. Leveraging good processes in the enterprise IT environment to manage and measure incidents, problems, changes, service levels and risks is an almost ubiquitous objective of internal and external organisations providing IT to the business.

In the war between control and chaos in IT, the battle for acceptance of dedicated ITSM teams using international standards, best practice frameworks and specialist toolsets has largely been won.

Most medium to large IT organisations have ITSM programs that either fully or partially embrace frameworks such as ITIL (ITSM), PRINCE2 (project management) and/or CoBIT (IT governance).

When implemented well, processes built in alignment with these guidance manuals are proven to work. They save money, create efficiencies and introduce structure. They also help define roles and responsibilities, facilitate metrics for benchmarking and continual improvement and introduce higher levels of accountability to IT investment.

However, critics of the sometimes rigid structure that is encompassed by standards and frameworks argue that pedantic adherence to this sometimes highly academic, scientific and technology-assisted pursuit of IT performance improvement can be counter-productive.

It can distract from the core reason that IT departments exist in the first place and that is to deliver value to the business. To put it another way, IT operations – and therefore, ITSM – should be all about helping the broader business achieve its key priorities whether that be growth, profitability or great customer service.

Meeting business objectives

CIOs want to be able to sit at the board room table and tell a story of creating business value or supporting business objectives through the effective management of IT investment.

In a long IT career, Kerry Crompton has earned a reputation for guiding business IT projects and rescuing failed ones. From April 2006 to June 2007 he was the CIO for Medibank Private and he has subsequently worked as a business and IT consultant for several high profile organisations.

Over the years, Crompton has become a firm believer in the role of regimented ITSM so long as it is underscored with adherence to, and alignment with, fundamental business objectives. He thinks ITSM can be a difficult concept for many CIOs to understand but, at the same time, one they cannot afford to ignore.

“CIOs don’t often have a service delivery background so there’s a new correlation between IT service delivery and business outcomes that they need to understand,” Crompton said. “My view is that CIOs need to understand the relevance of service management as a component of IT. Fundamentally, it stops things breaking and makes them work more effectively.

“Only then can they relate that back into their business processes and see that it, in turn, clearly generates consistency of customer service and gives the opportunity to sell products and generate revenue.

“Generally, people in the CIO role acknowledge ITSM as a key component of operations which they know they have to do but they don’t necessarily connect with it intrinsically and therefore it is often a secondary consideration. That is understandable.

“There’s a law of magnitude, but the issue is that if you don’t address some of the key service management components at a lower cost, the negative price impact can be even greater.”

More than flowcharts

Mike Schembri, CIO of print solutions provider, Upstream agreed that the most important component of any ITSM program is mapping it to business objectives.

“I still think of IT service management as the journey and not the destination,” Schembri said. “Too many ITSM teams get bogged down by the roadmap or the GPS co-ordinates instead of focussing on what it’s going to deliver to the business.

“So, unless you can define what service management is going to do for the business, it just becomes a whole heap of flowcharts on the wall that nobody really understands.

In most cases – and certainly in the case of Upstream – it is the IT systems that are actually generating revenue so you can actually quite quickly draw a pretty close line on it by saying IT service management done well means we won’t go down as often and therefore we will continue to earn revenue.

“That is what the CIO and other senior executives want and need to hear.”

All models are wrong

Brian Clark, CIO of Melbourne-based university, RMIT, is happy to be quoted as saying that he “doesn’t give a stuff” about frameworks such as ITIL. He does, however, quantify that by saying when he started at RMIT, the organisation was plagued by regular and ongoing SAP outages that were happening as a result of badly managed internal processes.

“One of my favourite quotes is from mathematician George Box who said; ‘All models are wrong but some are useful’”, Clark said. “When it comes to ITSM models, I think people get too caught up in the idea of process, frameworks and ideology.

“Standards and best practice frameworks are useful but it is my view that our job as IT professionals is to deliver outcomes and outputs not just processes. When I moved to RMIT in 2011, I could see they had engaged in relatively ineffective implementations of multiple frameworks, including ITIL.

“At the end of my first week, SAP went down because our network professionals had made a change to our network in the middle of the day on a Friday afternoon. It had been down for 30 minutes when I was informed and when I asked; ‘what is our normal process?’ I was told that one of our senior managers of IT who looks after that portfolio would send an email out to the users.

“However, he had gone home for the week and there was no secondary plan. Over the next four weeks, this same system that was critical to the organisation’s productivity went down five times, all of them from failed system changes.”

Business benefits first

Clark went on to explain that when he subsequently looked at the investment plan for 2011, there was one project on the list, called Implement ITIL with an estimated cost of about $700,000.

“I literally said; ‘I don’t give a damn about implementing ITIL, but we do have to fix our change management process’”, Clark said. “We had to stop shooting ourselves in the foot on such a regular basis.

“From my perspective as a CIO, I wasn’t prepared to put it ahead of other investments that were going to improve the student experience, administration and productivity. None of my executive peers was particularly excited about ‘implementing ITIL’ and spending close to a million dollars to do it.

“In the end, our decision was to improve service delivery. We wanted to stop production outage. Everyone around the table that I was trying to get money from was happy to fund improved availability. Implementing some of the ITIL processes was how we would achieve that but it was the outcomes we were focused on.”

Upstream’s Schembri believes that one of the most important relationships that a CIO can develop is with the CFO. At the end of the day, the CFO is the executive who measures the success or otherwise of capital investment and the one who is most sensitive to bottom line business benefits.

“At Upstream, we’re incredibly focused on customer satisfaction and margin,” Schembri said. “IT should be focused on contributing to achieving those goals. From an IT perspective, you’re not going to help increase margin and increase customer satisfaction unless you’re getting better at managing systems, applications and processes.

“The CFO buys into the conversation about improvement in cost of transactions.”

Complementing boardroom objectives

Crompton agreed the level of conversation for gaining ITSM project funding needs to complement boardroom objectives such as growth, profitability, customer satisfaction and governance.

“You need to be able to demonstrate that what you’re doing around ITSM is going to deliver those boardroom priorities,” he said. “Governance is a key component, it has far more prevalence and visibility now than it did in the past, but it’s not clearly understood.

“One of the key things that are missing in the governance models is active management of risk. People often put risk as an adjunct activity when it should actually be a formative activity as it defines your forward plan and it takes a different set of thinking.

“Managing risk is one thing, but really analysing what your risks could be so you do have a full spectrum of things that could go wrong, at a business level, and how you resolve them is a key component for helping you to put a service management model in place.”

Page Break

Early success, vital ammunition

RMIT’s Clark said that his experience showed getting over that first hurdle and receiving funding approval for a service management project created new headaches in the short term but vital ammunition for the future.

“In the case of RMIT, previously there was no communication to the business about the systems problems we were experiencing on a regular basis,” Clark said.

“So, initially, feedback suggested that we were having a lot more problems than in the past which forced me to reassure the senior executive that we’re not having a lot more problems, it was just that we’re telling you about them now.

“On the upside, from our established benchmark we were then able to demonstrate the improvements we were making. Those operational performance metrics are now allowing us to have the type of conversations we should be having about systems availability, which has a direct business-impact.

“Indeed, increasingly that conversation is coming back to me from the senior executives at the University. They now understand the opportunity for IT service management to support and drive core business objectives.”

Clark believes that the foundation of an IT leader’s role is to manage existing systems and applications really well before you can look at investing.

“We’ve done a lot of work around IT strategy and our strategic plan etc., but running the existing systems and infrastructure has to have our highest priority,” he said.

“For the first six months I was in the role we focused almost exclusively on operational stability and that is now embedded in the culture of the organisation.

“If something’s broken, fixing it is my highest priority regardless of how important Project Managers think what they are working on is.

“Accurately communicating the services we provide and the service levels that can be expected is also a priority for the CIO as that is how we can then match our performance to organisational objectives.

“So while I think maturity models and frameworks are just models and that all models are wrong, some aspects of them are useful. I think our team has responded in a very pragmatic way to the parts of ITIL we do use and I think we’re going to have a much better IT operation as a result.”

Tradesman-like IT services

Upstream’s Schembri said that an effective ITSM program provides the foundation for engaging in higher level discussions with the business.

“Delivering tradesman-like IT management services is the table stakes for those other higher level discussions,” Schembri said. “If you’re trying to have a discussion about something esoteric and the mail server is up and down all of the time, you’ve just lost all credibility.

“So one of the things I think good service management delivers is that surety around your basic services. It helps you manage expectations and deliver to those expectations which is foundational to your credibility with the business to have any sort of value-add discussion thereafter.

“You have to find and define acceptable SLAs. If you haven’t defined your SLA then it is whatever your customer thinks it is and that is not necessarily achievable with the resources and tools available. The business just expects five nines availability on email.

“In some cases that may be necessary but it also may not be. You have to have that conversation with the business first and be able to demonstrate the cost versus the benefit of different service levels. Identifying appropriate SLAs changes your cost profile and allows you to measure to it.”

Avoid the fundamentalism

There was full consensus from Clark, Schembri and Crompton that the most effective approach to ITSM is not to be obsessed by the frameworks that provide guidance. Rather it is to find the components that will assist IT organisations to meet the needs of the businesses they serve.

“We paid a lot of attention to implementing an effective change management process and took guidance from ITIL in doing so,” Clark said. “We now also have proper incident management in place so people know their roles and what’s expected of them.

“From these exercises we restore faster than we did in the past and we are a more effective IT organisation for doing it but it doesn’t mean the rest of the framework is our highest priority.”

Schembri said that blindly applying ITIL or any other “model” is clearly counterproductive. “It’s the equivalent of religious fundamentalism,” he said. “You can come up with all sorts of strange tangents that just don’t make sense in the big picture. Successful projects are the ones that have a more pragmatic approach that looks at both the business need and the process before finding a happy medium.”

Meanwhile, Crompton summed up by saying that; “You have to identify what is important to the business so you are choosing process implementations that are actually going to give you the best business benefit. “You can’t boil the ocean, but you can actually slowly boil a pot at a time. Find out which parts of a framework will actually address your business needs. The good news for CIOs is that people in IT organisations have analytic competency as an innate skill.

“That should be utilised to the maximum to identify where things are wrong. It’s those conversations with the people in your organisation that will identify where things are wrong and what should be addressed. So the CIO should listen to them.

“We have two ears and one mouth so spend as much time listening as you do speaking.”

Gerard Norsa is publications editor at itSMF Australia. He can be reached at gerard.norsa@itsmf.org.au.

Copyright © 2013 IDG Communications, Inc.

Security vs. innovation: IT's trickiest balancing act