"ITIL has helped us explain the importance of IT within the overall business and it makes us a better partner in the overall business," noted Cathy Kirch, process consultant and ITIL guru at Northbrook, Ill.-based Allstate. "We're not just the geeks anymore."
The British-born ITIL is a set of systems management components detailing best practices for infrastructure, development and operations. The much-touted V3, released nearly a year ago, includes a change management section that focuses on standardizing change across both business and IT functions.
The guts for change management are there in Version 2, noted Larry Killingsworth, managing director at Pultorak & Associates Ltd., an IT consulting firm in Allentown, Pa. The same request, analysis, approval, build, deploy and feedback stages exist in V3, he added.
But the innards of V2 did not detail how a planned application change would affect both business and other IT processes, said Rob Stroud, vice president and the IT Service Management and IT governance evangelist at CA Inc. So there was room for improvement. Stroud worked on the ITIL V3 project as part of the ITIL Advisory Group and as a mentor and reviewer for some of the newly published ITIL V3 volumes.
ITIL at Allstate
Allstate's insurance business is served by a centralized IT office in Northbrook that employs 6,000 IT professionals across all functions, including application development. Among the IT community at large, nearly 800 are certified at the ITIL practitioner level. One CIO -- Cathy Brune -- oversees all of IT.
Kirch has led the ITIL charge at the company since 2004. In 2006, Kirch was awarded the Practitioner of the Year Award for ITIL, given by Pink Elephant, a consultancy firm based in Burlington, Ontario. This year, Allstate won the Project of the Year Award for its commitment and dedication to ITIL. Since 2004 the company has implemented components for Incident Management, Problem Management, Service Level Management, Configuration Management, Service Catalog Management and Request Fulfillment.
When you talk to Kirch you can tell she lives and breathes ITIL, but her overall message is clear: Each IT department must adhere to a standard set of processes to make changes in both business processes and IT transparent.
In general, V3 takes a more "holistic" approach. Kirch explained that ITIL V2 lacked the change management process specifics needed across all IT departments. Instead, it relegated change management to the service management department, which just wasn't enough, according to Kirch. "Service management people are used to negotiating contracts with vendors," she noted. They don't have the knowledge to delegate change management dictates across IT departments. Kirch saw the gap a year ago and Allstate wrote its own change management catalog in line with ITIL V3 for the company.
Using this catalog, the former geeks in IT have made changes seamless across the board at Allstate. Under V3, IT created a central database with these change processes for every department. A minor configuration change in the claims processing software doesn't trigger calls to IT because all IT personnel use the standard processes outlined in the database.
One focus of the company's 2007 project was to bridge change management processes among the application development groups and the rest of IT, explained Kirch.
For example, data center personnel can now plan for application changes and ensure that staffing is appropriate and possible effects on availability are anticipated. "On a given weekend we may have changes occurring around the database space, operating system and the transaction management systems," Kirch explained. "Knowing exactly which change is occurring on which system and at what time is critical to an advanced support environment."
Rounding up the culprits
Configuration change glitches are a big headache for IT departments, and any help at eliminating them would be welcome at most companies, noted Jasmine Noel, an analyst at Ptak, Noel & Associates LLC in New York. "Quick-and-dirty configuration changes" often cause performance and availability problems that make users pull their hair out, Noel added in an email exchange.
But these days, the "culprit" is more likely to be wearing a $1,000 suit, and not the guy down in the data center. More changes that affect IT processes are being made by people on the business side than ever before, Stroud said.
At a bank, a business analyst may adjust a table with interest rates and put the decimal in the wrong place. Before change management, "you might end up with some very happy customers seeking loans for as long as two hours," Stroud said. With current change management systems, that mistake would be discovered in two seconds. An approval and verification process would be triggered and the mistake would be caught, he added.
Automation is the real goal, Stroud said. "The real winner for the CIO is automation. When he can make a commitment to management levels that the work is being done consistently with the proper validations, then he is providing quality and peace of mind."
Let us know what you think about the story; email: Sarah E. Varney, Technology Editor