Because it's impractical -- if not impossible -- to implement the IT Infrastructure Library (ITIL) in a wholesale manner across all IT processes, organizations must decide exactly where they want to begin.
Ideally, this starting point should be determined based on a careful assessment of practices and a convincing analysis of where the greatest business gains can be achieved quickly. A large percentage of IT organizations, however, have historically started with incident management. This decision has often been based on "gut feel" more than anything else. After all, incident management is what allows IT to quickly restore services to the business -- so by using ITIL to improve these processes, business should be able to reduce downtime, improve IT staff productivity and ensure end-user satisfaction.
But do CEOs really measure the value of IT based on how quickly it's able to solve problems? Will IT organizations be able to garner executive-level support for ITIL implementation based on time-to-fix and other incident management performance metrics?
Probably not. In fact, as IT performance is increasingly measured based on alignment with the business and the delivery of quantifiable business value, many IT organizations are focusing their initial ITIL efforts and investments on change management.
There are two fundamental reasons why change management is increasingly the initial focus of ITIL implementations: It can prevent problems before they occur, and it works.
Change is the root cause of many incidents
A significant percentage of the problems that threaten critical IT services have their origins in poorly executed changes. The consequences of these changes are often dire in terms of both service availability and regulatory compliance. So, instead of focusing on incident management -- which deals with the problem after it presents itself -- IT organizations are looking at change management to prevent problems before they occur.
In fact, if you don't improve the way you manage change, your IT department will be predisposed to constant firefighting. If incidents related to changes are not brought under control, IT service provisioning -- and consequently the business itself -- can spiral out of control. IT becomes locked in a deadly embrace where the number of incidents rises and each incident requires a firefight, leading to more and more incidents.
ITIL change management breaks that embrace by balancing flexibility (facilitating change) with stability (preventing changes from creating problems). Corrective measures reduce the number of incidents and IT can then drive innovation and improvements.
ITIL change management really works
Recent advances in technology have made ITIL change management more attractive than ever. For example, the evolution of the configuration management database (CMDB) has led to even more flexibility in the way IT can manage change. As a result, configuration management is maturing beyond basic IT asset inventories to a point where automated identification and definition of configuration items, relationships and dependencies is making change management and impact assessment a reality. These technologies, especially those that enable discovery and IT service mapping, will also be used to assist in the prevention and management of unauthorized changes.
Converting the nonbelievers
How can IT organizations initiate an ITIL change management implementation when factions within the organization don't believe in process-based improvement and are content to focus on the task of managing discrete aspects of technology? How can believers convert the "anti-ITILers" in their midst?
More on ITSM, ITIL
Many start by taking measures to overcome cultural and operational conflict. One effective approach is to supplement formal training with ITIL simulation workshops. These workshops tangibly demonstrate the benefits of process models when dealing with crisis situations, such as the Apollo 13 lunar mission. So, rather than being force-fed ITIL theory without practical experience or examples, participants work together to understand how process models can improve both organizational and individual ability to deal with high-stress situations.
The most successful workshops include a diverse group of senior IT and business managers and cross-functional IT staff. Senior management representation is essential, since senior managers should be the champions of organizational change efforts. Participation from cross-functional IT groups also is important to illustrate the advantages of process-based approaches and to break down parochial thinking and technical silos.
There's actually no correct or incorrect place to start ITIL. Depending on your service delivery model and maturity, certain processes will naturally take precedence. Managing change, however, should be reviewed sooner rather than later since it is pivotal to driving continual service improvement. If left unchecked, it will bite you later -- just ask your compliance auditors.
CIOs should invest in process automation that supports change management compliance initiatives, while not forgetting practical ways of addressing the biggest inhibitor to ITIL itself -- cultural and organizational resistance to change.
Brian Johnson is one of the original authors of the first ITIL books and an ITIL worldwide practice manager at CA Inc. He has also authored more than 15 books on ITIL or related topics and is the founder of the IT Service Management Forum, a professional organization focused on IT service management and ITIL.
Peter Waterhouse, a director of solutions marketing at CA Inc., contributed to this article. Waterhouse focuses on IT Service Management and ITIL, specifically on the technology solutions that help customers accelerate and automate their ITIL implementations.