IT service management (ITSM) has been embraced as an effective and efficient way to manage enterprise-level IT stacks and the services they provide. Unfortunately, too many companies' ITSM implementations underperform because they're not audited well, if at all. Naturally, companies want to get plenty of bang for their ITSM buck, so they're seeking measurement disciplines and tools.
ITSM methodologies focus on the results produced for customers, a departure from the traditional IT systems-centric management.
"ITSM is really about the shift from managing IT as stacks of individual components to focusing on delivering end-to-end services defined by specific service-level agreements and based on best practice process models such as ITIL", said Mary Turner, vice president/practice manager at Summit Strategies Inc. in Boston.
Effectively using ITSM standards
IT Infrastructure Library (ITIL), a set of best practices for IT management, is known as the de facto standard for IT management. Some organizations use other frameworks, such as Control Objectives for Information and related Technology (CobiT) or the Microsoft Operations Framework.
The most common mistake made in trying to measure ITSM success, said Brian Brouillette, vice president of HP Technology Services, is focusing on IT practices rather than the ITSM goal of improving business operations and customer results.
In general, good customer results are born of IT practices that ensure high system and end-to-end application availability and performance, as well as low total lifecycle cost of IT operations. These IT deliverables improve customer service and satisfaction, reduce business and security risks, cuts operational costs and enable compliance with multiple regulations.
"Our general guideline is 5-10% improvement in operational efficiency in the targeted areas in year one for an expenditure of no more than 25% of the savings," Clayton said. "Year two is same improvement for 20% of savings."
ITSM measurement targets
What areas are typically targeted when measuring ITSM success? Our sources pointed to growth and value, costs, risks and communications. Marina Stedman, marketing director at ITSM solutions vendor Touchpaper Software PLC, describes the attributes of these key performance indicators (KPIs):
- Growth and value: Track revenue growth against IT investment and utilization, and examine the link between IT investment and business strategy.
- Costs: What costs were avoided or reduced? Did you adhere to your budget? How well did you re-use and share services related to infrastructure, architecture such as networks, customer databases, hardware, service desks, servers, middleware and security? Did you adopt and use standard IT principles? Were assets used, tracked and kept well?
- Risks: Determine the results of risks taken or avoided, in terms of IT continuity and availability; access management; security management; integrity and accuracy of information; people risks, staff turnover and retention; and disaster recovery processes.
- Communications: Gauge the value and volume of your communications, looking at customer satisfaction and feedback; customer awareness and knowledge.
In-house ITSM auditing
Identifying KPIs was an important step in developing an in-house ITSM auditing process, said Sherri Young, director of service management at hosting firm Data Return LLC in Irving, Texas. "With those, we have created a management dashboard, a very quick way for an executive and management to look across our business and see the measurements for the key performance indicators across each functional area and service area. From this, they can determine which processes are in a green, yellow or red status area."
Identifying KPIs and acquiring the tools to measure and analyze them requires in-house expertise. Young recommends that ITSM team leaders get ITIL Foundation certifications, regulated by the ITIL Certification Management Board (ICMB).
"A company can't be certified, only individuals," Young said. However, an organization that has implemented ITIL guidance in ITSM may be able to achieve compliance with ISO/IEC 20000, which Clayton describes as a rapidly maturing international standard for ITSM.
Third-party ITSM auditing options
Data Return didn't get its ITSM analysis game together overnight. The company has hired Hewlett-Packard Co., its ITSM solutions vendor, for two audits and learned much from that experience.
"They analyzed our management processes in all the ITIL areas and gave us the score card," Young said. HP ranked Data Return's ITSM on a process maturity chart with a one to five scale "Their assessment gave us specifics about what we needed to correct and told us where we were getting better."
Most ITSM software vendors, such as IBM, HP, BMC Software Inc., Touchpaper, and CA Inc., have created suites of ITSM analytics, dependency mapping and service-level monitoring tools and services, Turner said. Each company has its own approach.
Beware of product bias when dealing with third-party ITSM audits, Clayton said. Vendor tools usually work best with their own products. "Some are more limited than others," he noted.
Future of ITSM audits
A lot of the guesswork in ITSM audits will be gone in a couple of years, our sources say, thanks to the maturation of ISO 20000 and ITSM standards, as well as the development of automated, policy-based IT management automation systems.
In the meantime, Clayton said, work slowly to build in-house ITSM evaluation metrics and improve KPI ratings, and don't let great expectations derail your ITSM programs.
Maxine Kincora is a technology writer in Berkeley, Calif. She can be reached at firstname.lastname@example.org.