According to a letter written from the OGC to the itSMF discussing collaboration on ITIL development:“Ownership in this context means OGC is the ultimate authority on the content of core
Trang 1ITIL Version 3.0 –
What It Means to You
Expert Reference Series of White Papers
Trang 2A major overhaul of the IT Infrastructure Library® (ITIL®) is coming Spring 2007, and it will have a dramatic impact on the entire IT industry ITIL v3 presents an entirely new “hub-and-spoke” design with a descriptive core framework as the hub and prescriptive solutions as spokes Perhaps most useful are new implementation templates based on industry, firm size, business model, and regulatory environment that provide an impressive array of targeted solutions An enhanced descriptive core, new and more prescriptive additions, improved guid-ance on business alignment, and recent international standards approvals move ITIL from a “nice to have” to
a “must have” for any IT professional or organization If you have been putting off ITIL, now is the time to begin If you are already implementing ITIL, you should consider these new capabilities In either case, you need to understand the impact that ITIL v3 will have on the entire IT industry
ITIL version 3
The current IT Infrastructure Library (ITIL), version 2, was released in 2000 ITIL v3’s books will start shipping in the Spring of 2007, and there are some major changes ahead for the ITIL and those who use it
The goal of the new ITIL is to provide a simple-to-understand, business-aligned implementation that you can customize to your specific operational situation and IT environment New topics include: understanding busi-ness catalysts and how they produce IT strategies; how you should respond to specific busibusi-ness drivers like compliance and regulation; and how to interoperate with other standards
ITIL v3 uses a hub-and-spoke model with fundamental core concepts as the hub and specific market and industry guidance in complementary components as the spokes Because ITIL involves best practices, it can never be fully prescriptive and must always remain descriptive However, the changes do make ITIL v3 more detailed and industry directed and, thus, more prescriptive than the current ITIL
ITIL v3 will also provide significant new resources to help you “do-it-yourself” These resources include case studies, templates, and examples For instance, you can find out of how to build a service catalog or how to perform self-assessments
Reasons for ITIL v3
The UK’s Office of Government Commerce (OGC) continues to own the core guidance and the ITIL brand, but they have passed responsibility for stewardship to itSMF International (international ITIL user group)
Hank Marquis, Chief Technology Officer, itSM Solutions,
ITIL Service Manager certified
ITIL Version 3.0 – What It Means to You
Trang 3According to a letter written from the OGC to the itSMF discussing collaboration on ITIL development:
“Ownership in this context means OGC is the ultimate authority on the content of core guidance in ITIL and provides visible endorsement through use of OGC-owned brands and trademarks.”
“Stewardship means the assurance that the guidance is truly best practice through the engagement of experts
in development and promulgation.”
ItSMF stewardship is important and makes ITIL v3 truly representative of the industry and driven by input from the worldwide ITIL community The ITIL v3 refresh committee solicited and reviewed 530 written responses and over 6,000 comments—representing 80% of the countries with an itSMF chapter
As taken from the ITIL refresh publication, the top changes requested are:
1 Provide consistent structure and navigation throughout the entire library
2 Preserve the fundamental core concepts of the existing Service Support and Service Delivery books while expanding and improving upon these fundamental concepts
3 Include best practices that extend deeper into service management concepts and reflect ITIL’s relevance
to business in a more tangible way, and show how ITIL can be built into business processes and cycles
4 Provide guidance on the softer issues of organizational structures, cultural issues, and an understanding
of the interfaces to other best practices that help support effective ITIL practices in the workplace
5 Provide a knowledge management strategy to support the service management needs of business and
IT environments today and tomorrow A relatively stable core could form the base framework, and would be complemented by focused and topical material in the form of case studies, templates, subject-matter-expert white papers, implementation packages, and business cases, keeping ITIL practices current over time by sharing the wealth of community experience
6 Demonstrate and articulate value, benefits, and Return on Investment (ROI) to establish the value proposition for ITIL
7 Reflect the reality of today’s business, operational, procurement, and technical environments including the use of ITIL in multi-sourced IT environments
Other goals include: improving the usefulness and applicability of ITIL by addressing the changing needs of users as the technology base and business requirements evolve; making ITIL easier to apply; and improving ITIL’s applicability to small organizations
The purpose of the ITIL (including this refresh) as defined by the OGC is “to ensure, on behalf of all interested parties, that ITIL provides a single, coherent description of IT service management core activities and products, based on best practice, supported by high-quality qualifications and services that are consistent with the core principles of ITIL.”
Copyright ©2006 Global Knowledge Training LLC All rights reserved Page 3
Trang 4ITIL v3 Structure
Physically, ITIL will have three components: Core, Complementary, and Web The biggest changes come from its focus on achieving and sustaining Business/IT Alignment (BITA), showing value, and delivering return on investment
• The “Core” component has five books covering the lifecycle of IT services from business need to service optimization and subsumes virtually the entirety of the current Service Support and Service Delivery content
• The “Complementary” component includes specific content targeting particular situations, industries, and environments
• The “Web” component provides a dynamic resource for commonly needed and topical materials, such as process maps, definitions, templates, business cases, and case studies
The Core Component
The new Core is a set of five books instead of the current two: Service Delivery and Service Support The new core follows a lifecycle model from design to retirement This will include the key concepts and generic best practices that do not change frequently
According to Sharon Taylor, ITIL Chief Architect (ITIL version 3), the working titles are:
• Service Strategies—hub of the core; understanding and translating business into IT strategy;
recog-nizing and responding to business catalysts; selecting the best practices based on industry, regulatory environment, firm size, etc
• Service Design—IT service and architecture design models to consider, including outsourcing,
in-sourcing, co-in-sourcing, etc
• Service Introduction—how to create a transition strategy from service design and put it into the live
environment Topics include change and release management, service models, and checklists for taking designs into production (analogous to a software development lifecycle but for IT services)
• Service Operation—how to manage services in the live or production environment; day-to-day
man-agement issues; how to react to failures; how to develop and monitor metrics of quality; and how to manage the reactive elements and processes
• Service Improvement—how to improve service once deployed.
The Complementary Components
The next new section of ITIL v3 features the Complementary components, this addresses application of the generic core guidance in particular market, technological, or regulatory contexts The Complementary compo-nent will change as required, perhaps annually or quarterly A recent example is the newly revised "ITIL In Small IT Units”, which continues into ITIL v3
Other key additions relate to implementation guidelines by firm size or industry The Complementary
Trang 5compo-the Control Objectives for Information Technology (COBIT), methodology like Six Sigma, particular technology, business model, or even business driver like Sarbanes-Oxley
The guidance in the Complementary component helps you customize ITIL to suit your specific requirements It also provides guidance on interacting with various other best practices and standards A recent example of this was the white paper produced by the IT Governance Institute (ITGI) and OGC ITGI and OGC released a joint paper to explain how COBIT and ITIL should be used together to provide a hierarchy of guidance They also said the ITGI and OGC plan to continue aligning terminology and content of their practices with other prac-tices to facilitate easier integration
Going forward with ITIL v3, we can expect further integration and guidance with COBIT and other standards and best practices This guidance on integration with other standards makes choosing and implementing ITIL easier and the results more successful
The Web or Internet Components
The web component is a dynamic on-line resource that can change as often as required—just like a company web site
Content in this component provides web-based support for existing and aspiring ITIL users Examples of mate-rials include a glossary, process maps, and ITIL definitions It will also include discussion papers, role defini-tions, and case studies Finally, it will include examples of ITIL forms and agendas for meetings as specified by ITIL, such as the Change Advisory Board
Certifications
There are two broad groupings of certifications underpinned by the ITIL:
1 Professional certification for individuals
2 Organizational certification via ISO-20000 certification and audit standards
Personal Certifications
The APM Group Limited (APMG) administers the professional certification program APMG members include the OGC, the Information Systems Examination Board (ISEB), and the Examination Institute for Information Science (EXIN)
Currently there are three levels of professional certification:
1 Foundation—an entry-level qualification focused on instilling an understanding of ITIL terminology
and processes
2 Practitioner—a mid-level qualification focused on teaching how to operate specific ITIL processes
3 Manager—a comprehensive qualification focused on ensuring competence in the management,
organization, and optimization of all 10 ITIL processes and the Service Desk function
Copyright ©2006 Global Knowledge Training LLC All rights reserved Page 5
Trang 6The existing ITIL certifications (Foundation, Practitioner, and Service Manager) will remain valid, relevant, and valuable In fact, from a content perspective, the Foundation certification will remain virtually identical
While the content, concepts, and workflow remain the same, the certification programs must eventually change The expansion of the ITIL core from two books to five will require a change in training programs to accommodate the layout of the material
Lex Hendriks, Portfolio manager at EXIN international provides this statement on the EXIN website:
"The ITIL refresh will not dramatically change the contents of ITIL, and therefore the changes
in the certification structure are limited The refresh should lead to a comprehensive set of
books, suitable for not only the European market, but also for the many parts in the world
where ITIL has been embraced In the new books you will, of course, find the core concepts
and best practices These tend to be proven practices in the sense that these do not change
enormously over a period of time."
It is very reassuring that existing ITIL qualifications will not be invalidated because core ITIL principles are not changing In fact, the latest practitioner programs, for example "ITIL Practitioner in Release and Control" and
"ITIL Practitioner in Support and Restore," already follow the new terminology, philosophy, and organizational structure of ITIL v3
However, as is often the case when a certification changes, it will take a while for the certification bodies to catch up The plan is for new certifications to arrive 6 – 12 months after the delivery of ITIL v3 From a practi-cal perspective, this means within the next 12 – 18 months
This does not mean that you should put your ITIL plans and training on hold, however You should consider implementing your ITIL plans and taking your ITIL training now for the following reasons
• The OGC and ITSMF have declared that current ITIL v2 certifications will remain valid, useful, and rele-vant, so there is no reason to wait for v3
• While the core ITIL principles are not changing, the tests will change This will require significant
changes to existing training programs and re-training of instructors Current trainers and training pro-grams are very effective so taking advantage of current expertise could be a benefit to students
• The latest ITIL Practitioner certification programs, already available, reflect the changes in ITIL v3 Taking ITIL Practitioner in Release and Control (IPRC) or ITIL Practitioner in Support and Restore (IPSR) now pre-pares you for the change in focus coming with ITIL v3
• The existing ITIL underpins the ISO 20000 and 20001 standards for organizational certification, and the new ITIL will provide the same support
There is no reason to wait for ITIL v3 certification exams The new material will be virtually the same at the Foundation level, and the newly updated and currently available Practitioner cluster programs already reflect ITIL v3 to a large degree As is often the case when major changes occur to a certification, getting your certifi-cation “before the test changes” is probably a very good idea for the reasons previously listed Current
Trang 7train-Organizational Certification
Neither the current ITIL v2 nor the new ITIL v3 is a standard, and neither has auditing criteria Some chose COBIT for audits, but COBIT is not a standard either The British Standards Institute (BSI) created British
Standard BS 15000 as an audit standard, but it was not an international standard However, BS 15000 deliv-ered specifications for managing IT, implementing the ITIL, and establishing audit criteria and corporate-level certification
Although used in the UK, BS 15000 adoption was slow elsewhere in the world Then BSI submitted BS 15000
to the International Standards Organization (ISO), and ISO released it as ISO 20000 in December 2005 For the first time, IT had an international standard for auditing and certifying IT
ISO 20000 is an industry standard like ISO 9000/9001, And like ISO 9000/9001, ISO 20000 offers
organization-al certification As a standard, ISO 20000 shows IT professionorganization-als how to manage and improve IT while estab-lishing audit criteria It also provides auditors with a documented standard to use for measuring IT compliance The ITIL offers certifications for individuals; ISO 20000 is an organizational certification with international recognition This removes one of the toughest problems faced in IT today—management commitment Every senior manager in an ISO 9000-certified company knows the benefits that came from gaining that status With ISO 20000, it will now be much easier to gain “mind share” among senior management,
ISO 20000 is really two specifications, ISO/IEC 20000-1:2005 and ISO/IEC 20000-2:2005, referred to as ISO 20000-1 and 20000-2:
• ISO 20000-1 is the specification for Service Management It defines the processes and provides assess-ment criteria and recommendations for those responsible for IT Service Manageassess-ment Organizational certification uses this section
• ISO 20000-2 documents a code of practice that explains how to manage IT with regard to ISO 20000-1 audits
Both ISO 20000-1 and ISO 20000-2 derive directly from the ITIL best practice ISO 20000 groups the ITIL processes we all know into five core bundles:
• Service Delivery Processes—Service Level Management, Availability Management, Capacity
Management, Continuity Management, and Budgeting and Accounting for IT Services (Financial
Management) along with Information Security Management and Service reporting
• Relationship Processes—Business Relationship Management and Supplier Management
• Resolution Processes—Incident Management and Problem Management
• Control Processes—Configuration Management and Change Management
• Release Process—Release Management
ITIL underpins ISO 20000, so you may already understand a lot of this standard Nevertheless, ISO 20000 also includes more than Service Delivery and Service Support It includes sections on managing suppliers and your
Copyright ©2006 Global Knowledge Training LLC All rights reserved Page 7
Trang 8business as well as Security Management Grouping Security Management (previously its own ITIL book) with Service Delivery is an interesting spin It appears to foretell the changes planned for ITIL v3
As the industry progresses, the new ISO 20000 terminology is already becoming apparent The most recent ITIL Certification, the itSMF-approved Practitioner cluster certification "ITIL Practitioner in Release and Control", cov-ers Change Management, Release Management, and Configuration Management—and now you know why
Summary of ITIL v3
New certification programs based on clusters of processes; an alignment with ITGI on the COBIT best practice;
a new international standard based on the ITIL; a major re-write of the ITIL—what does it all mean? It means that a boom in ITIL adoption and a significant requirement for ITIL certification is on the horizon
Already Here
The newest certification programs from EXIN and ISEB appear to reflect the changes in ITIL v3, as does the new ISO-20000 certification and audit scheme While the official books go to print in September 2006, ele-ments of the new ITIL seem to be already here Stateele-ments from EXIN and the OGC allude to the fact that the most recent updates to certification programs are reflective of ITIL v3
More Prescriptive
The new hub-and-spoke architecture of the ITIL, along with the new certification programs based on related process clusters, foretells the movement toward a more prescriptive ITIL This version of ITIL will be easy to cus-tomize and offers specific guidance based on the implementer’s unique requirements The stated objectives of the new ITIL are clearly much more prescriptive—resolving one of the most common complaints implementers have had about the ITIL
Supports Standards and Other Best Practices
The specific support for other best practices and standards, like COBIT, makes ITIL implementation more inte-grated and focused than ever before This official guidance on interoperability takes the guesswork out of implementing ITIL within specific industry or regulatory environments Continued support for related best prac-tices will ensure the establishment of defacto IT management structures based on industry, firm size, and regu-latory environment
International Standard
The new ISO-20000/20000-1 provides, for the first time ever, a worldwide industry standard for auditing and certifying IT organizations Already, several governments have stated that ISO 20000 is to be a requirement for outsourced IT services As the industry recognizes the value of ISO 20000, more and more companies will require their partners and vendors to reach ISO 20000 certification—just as they did for ISO 9000/9001 ISO
20000 organizational certification virtually requires ITIL certification for individuals
Conclusion
As the IT industry standardizes its operations to solve business problems in the most efficient, effective, eco-nomical, and equitable way, ITIL v3 becomes a critical tool In combination with the new ISO-20000 certifica-tion and audit standards, ITIL v3 will fully blossom into the new norm
Trang 9If your organization is already ISO 9000/9001-certified, you will have a much easier time gaining and main-taining management commitment for your ITIL implementation! In addition, if you are already implementing
or adopting ITIL, there is now an international audit and certification available for organizations
The new version of the ITIL includes an impressive array of prescriptive solutions for achieving and sustaining BITA, showing value and delivering return on investment If you have been putting off ITIL, now is the time to begin implementing it If you are implementing ITIL, you need to understand these changes and take advan-tage of them The more prescriptive new additions and alignment with business drivers that ITIL v3 contains can help you accelerate acceptance in your organization
Learn More
Learn more about how you can improve productivity, enhance efficiency, and sharpen your competitive edge Check out the following Global Knowledge courses:
ITIL Foundations Certification Boot Camp
ITIL Practitioner Certification Boot Camp
ITIL Service Manager Certification Boot Camp
Our courses and enhanced, hands-on labs offer practical skills and tips that you can immediately put to use Our expert instructors draw upon their experiences to help you understand key concepts and how to apply them to your specific work situation Choose from our more than 700 courses, delivered through Classrooms, e-Learning, and On-site sessions, to meet your IT and management training needs
About the Author
Hank Marquis is Chief Technology Officer at itSM Solutions LLC, a
Global Knowledge Partner Previously CTO at Opticom, a
venture-funded producer of IT Service Management software, Hank is an
ITSM entrepreneur, practitioner, and manager with over 25 years
of practical hands-on experience gained at the U.S Government,
MCI, US Sprint, Timeplex, Compuware, and other organizations
He was an early ITIL proponent, adopter, and frequent contributor
to the ITIL community He writes the popular weekly DITY™ (Do
IT Yourself™) column, lectures on ITIL, and teaches IT executives
how to implement ITIL He has written dozens of articles; several
books; and Cisco, CompTIA, ISEB, and EXIN certification programs
He holds the highest ITIL credential—ITIL Service Manager
(Masters) certification, with distinction in Service Delivery
Copyright ©2006 Global Knowledge Training LLC All rights reserved Page 9