For the first time since creating the Information Technology Infrastructure Library more than 20 years ago, the U.K.'s Office of Government Commerce (OGC) has officially endorsed a compliance framework to audit vendor products, documentation and processes against the published best practices of ITIL (versions 2 and 3). The compliance scheme will be managed by the OGC's official accreditor, APM Group Ltd. The move seeks to create a formal, recognized ITIL tools standard to make technology investments easier, though other organizations already offer similar services.
The new audit service is a joint venture between Aspect Group Inc. and Service Management Consultancy Ltd. (SMCG). SMGC will perform the audit service in accordance with the compliance standard. The OGC has approved the use of an ITIL trademark, under license to the joint venture for award to compliant vendor products.
As the cost of technology investments continues to rise, an integrated approach eliminating application redundancies and offering more than just a point solution, as well as a set of compliance standards to measure ITSM products against, is increasingly becoming fundamental for IT buyers.
While some organizations, such as Pink Elephant and Gartner Inc., have offered informal ITSM verification services for years, the OGC endorsement program gives vendors of IT Service Management products an official standard to meet.
Though midmarket businesses may not have many resources to deploy ITIL, those that seek third-party tools may be able to compare offerings more easily if they have all been vetted against the same IT tools standard.
"Some tools claim to be supposedly aligned to ITIL. Having a standard to audit against and providing consumers with a place to check for this information will make purchase decisions easier," said Sharon Taylor, the chief architect of ITIL v3. Several vendors have already applied for the OGC endorsement, she said.
Getting the most out of ITIL-compliant solutions
From one customer's perspective, purchasing ITIL tools that have been verified or certified by a third party is a no-brainer. Larry Granger, former CIO and current senior executive for business development at TechTeam Global Inc., said it's mandatory. In 2005, after one year of research, Granger and his team chose CA Inc.'s IT Service Management and CA Infrastructure Management products, identifying the architecture as "the best overall" to meet the needs of the Southfield, Mich.-based IT management organization, which serves medium-sized and large companies.
"Any tool we would add would have to meet certain standards. We wouldn't purchase an ITSM solution that was not verified or certified unless it was for a particular niche," he said.
According to Granger, having a list of ITSM products that have already been checked and re-checked as following ITIL best practices makes choosing the proper solution that much easier. Granger said he also finds value in adhering to approved ITSM solutions when dealing with business partners around the globe -- when everyone adheres to the same quality standards, there is less of a debate when choosing tool sets and providers.
"The rest of the world is so much further ahead of us when it comes to ITSM and ITIL. It's an unstoppable and inevitable trend. When we all speak the same language in a homogeneous environment, it makes the business end run that much smoother," Granger said.
ITSM: No silver bullet?
The process for seeking ITIL compatibility verification from a third party like Pink Elephant takes six to eight weeks and involves answering questions around each process and how the tool supports and extends these processes around ITIL. It typically costs approximately $12,000.
Any tool we would add would have to meet certain standards. We wouldn't purchase an ITSM solution that was not verified or certified unless it was for a particular niche.
Larry Granger, senior executive for business development, TechTeam Global Inc.
The official OGC auditing program looks at two areas of compliance -- functionality and product documentation -- when auditing, and it also looks for accurately represented processes and functions. The IT tools standard certifications are awarded in three tiers:
- If the functionality and documentation pass required criteria, the tools receives a bronze.
- If, on top of that, upon initial inspection at least three companies have implemented that particular version, a silver level of compliancy is awarded.
- Finally, gold-level compliancy is given when three or more companies have implemented the tool and those customers have provided evidence in support of it.
At Pink Elephant, a Burlington, Ontario-based ITSM consulting firm that offers an ITIL compatibilty service called PinkVerify, ITIL-certified consultants developed the criteria used to evaluate products. These include a binary check of capabilities, a checklist of what the tool should support and process criteria statements (mandate set, integration set and the "nice to haves" optional set) followed by a usability demonstration, said Troy DuMoulin, director of product strategy at Pink Elephant.
"Service management needs integrated tools, not just tools to meet a need," DuMoulin said. "ITSM is not just thinking about a point solution. ITSM is about the service and the inner workings supporting these important processes."
Though not aligned to a formal standard, the service provides a Pink Elephant stamp of approval. "Pink Elephant is a trusted site. If we've taken a look at it and done the homework, it provides a starting place for consumers, and vendors are very supportive of this," DuMoulin said.
But ITIL-compliant tools aren't a cure-all
Business buyers need to understand exactly what a verification encompasses. Ryan Ballmer, principal consultant at Cadence ITSM LLC, has seen some interest in the marketplace regarding tool sets verified as based on ITIL best practices, but he said he's also seen instances where buyers believed that implementing a verified tool set meant they were also implementing best practices.
"I see companies attempting to avoid the process planning, implementation and management discussions and focus on the tool set as their silver bullet. This is a big mistake. … Once the tool set is implemented, their success will still be tied to their ability to manage and improve the processes these tools help automate," Ballmer said.
He also suggested taking the verification for what it is -- a way to measure and evaluate vendor claims of being based on ITIL best practices, helping to keep claims in check -- and using it as a point of reference only.
"[PinkVerify] is a revenue-generating program for Pink Elephant and helps reinforce their brand as 'the IT service management experts,' so some level of skepticism is probably appropriate here," Ballmer said.
Let us know what you think about the story; email firstname.lastname@example.org.