Developing the Business Case for ITIL

info@evergreensys.com 571.262.0977
July 11, 2006

Table of Contents
I. Executive Summary .......................................................................2 II. Leveraging ITIL for Quality Gains and Cost Reduction...............2 III. Todays Market Value of ITIL .....................................................3 IV. ITIL and Its Business Drivers ......................................................4 V. Developing an ITIL Strategy.........................................................4 VI. Incident and Problem Management............................................6 A. Incident Management ....................................................................6 B. Problem Management ....................................................................7 VII. Change, Release and Configuration Management ....................9 A. Change and Release Management ..................................................9 B. Business Process Re-engineering ....................................................9 C. Change Management Lifecycle Improvements................................ 10 C.1. Change Management Planning................................................... 10 C.2. Change Management Approval................................................... 11 C.3. Change Management Execution ................................................. 12 C.4. Change Management Review..................................................... 13 D. Configuration Management .......................................................... 14 VIII. Service Level and Financial Management............................. 16 A. Service Level Management ........................................................... 16 B. Financial Management ................................................................. 17 IX. Capacity, IT Service Continuity and Availability Management 18 X. Conclusion .................................................................................. 19

Developing the Business Case for ITIL

A Step-by-step Guide to Developing the Business Value for ITIL and IT Process Improvement

I. Executive Summary
This document is designed as a tool to assist in the development or improvement of a business case, specifically focused on uncovering the business value in the implementation of ITIL and other IT process improvements. IT executives struggle to improve service quality, reduce complexity, reduce risk, lower the cost of operations, manage compliance and reduce the burden on an overtaxed IT workforce, many without a cohesive strategy for doing so. ITIL is not a strategy, but it can provide a clear framework for a logical strategy to simplify and streamline the enterprise work of IT. A number of data points taken from current research and enterprise IT process improvement case studies consistently document a 20-40% reduction in the effort required for ongoing IT operations, powered by the implementation of ITIL process improvements. The same research clearly links ITIL with strategic gains in customer service quality, accuracy and efficiency while reducing IT risk and easing compliance management burdens. The development of an ITIL strategy is discussed and an incremental approach, which starts with small steps but shows measurable gains quickly, is recommended.

II. Leveraging ITIL for Quality Gains and Cost Reduction

IT executives today are under increasing pressure to reduce the cost and complexity of IT, while increasing productivity and implementing a growing number of strategic initiatives. ITIL best practices offer the promise to help IT management cope with these increased pressures from the business, but executive management is only willing to invest in initiatives that have clear business value. The Information Technology Infrastructure Library (ITIL) defines best practices for running IT more effectively at the enterprise level, assisting IT management in developing consistent processes and procedures across technical silos. In the U.S. alone, there are more than 200,000 IT staff who have gained ITIL certification, with the number doubling each year.

So it is no surprise that an increasing number of IT executives are looking to ITIL to help relieve overburdened IT staff and increase efficiencies. Nevertheless, executive management is unwilling to fund any initiative in this competitive environment that cannot be reinforced with clear, documented value, a business case and a return on their investment.

III. Todays Market Value of ITIL

ITIL essentially re-engineers the services provided by large IT departments from the perspective of their customers, eliminating unnecessary duplication of effort and presenting a consolidated set of consistent service offerings to end users. Reported gains include: A 30% overall efficiency gain, from research conducted by IDC with 11 different Global 2000 organizations from different sectors and geographies. 1 Specific gains include: o o o o o o o o o o Incident management and help desk support: 40.5% Managing and supporting servers: 30.9% Change management: 28.4% Managing and maintaining network infrastructure: 23.1% Maintaining configuration database: 22.8% Managing applications: 10% Problem management: 9.4% Service level management: 8.5% Average number of network devices controlled per FTE up 57% Average reduction in headcount growth: 12.2%

The IDC study also documented significant gains that include: o o o o o Three-year cost of investment: $2.1 million Annual cost savings and increased revenue: $14.5 million Net present value of three-year savings: $26.7 million Payback period: 11.8 months ROI over three-year life of project: 422%

A $500 million savings from Proctor & Gamble, as well as a 6-8% reduction in operating costs and a 15-20% reduction in technology personnel. 2 A 25-35% reduction in time required to process changes across the infrastructure, a 39% reduction in systems abends and a 75% reduction in ongoing compliance workload from Food Lion, an 1,100-store grocery chain, working with Evergreen Systems. Gartner research also surveyed 350 senior IT executives in 2005 and determined that There was a strong positive correlation between those not using ITIL, and the degree to which respondents felt their infrastructure was under-funded.We believe
1

Determining the Return on Investment from Deploying Integrated IT Service Management, IDC, April 2006. 2 Introduction to ITIL: Early US Adopters Show Business Value, EnterpriseLeadership.org,
Elizabeth Ferrarini

this reflects their focus on creating a service driven organization, the need to be competitive and greater maturity. 3 Clearly, enterprise clients in all commercial sectors are beginning to harvest and document the cost reductions and efficiency gains yielded from ITIL and other IT process improvement projects.

IV. ITIL and Its Business Drivers

In a recent survey conducted by Evergreen Systems on ITIL Maturity Benchmarks, 54% of respondents reported budgeted approval of ITIL projects, and an impressive 77% point to service quality as the top business driver of ITIL efforts. However, 72% reported that the biggest barrier to ITIL adoption is organizational resistance. So what do these findings mean? 4 Service quality is the primary driver behind ITIL initiatives, yet there is still overwhelming organizational resistance to the change required to implement ITIL. To overcome this resistance, powerful justifications must be presented to improve service quality and financially justify ITIL investments. The drivers of those justifications surfaced in the same ITIL Maturity Benchmark study: Of those surveyed, 93% have a mandate to drive down cost (staff) of operations (70-80% of the budget) and increase funding/time for increasing strategic projects (25% of the budget), but dont have a plan to do so. Improving service quality is a CIO-level strategic goal. Compliance needs are being met, but the effort to do so is very high and primarily reactive. IT operations staff is lean and demand is still rising. There is genuine concern around losing top IT staff to burnout.

These results make an important point. If demand and complexity of operations continue to rise in IT, so will the workload. If IT operations is currently lean, then working harder is not the answer, and ultimately, customer service quality will fall and good staff will leave. ITIL process improvements present senior IT management with an opportunity to improve efficiency, reduce IT workload and control costs by 20 to 40%. This document presents a clear strategy and plan for achieving those improvements.

V. Developing an ITIL Strategy

Once a company has determined that an ITIL approach warrants further investigation, it is key to understand the nature of an ITIL transformation, the logical steps for implementing ITIL and the business value that it will drive. The best practices of ITIL can be applied incrementally in a phased approach, but that approach must be guided by an overall strategy and plan that maps to the 11 ITIL disciplines that define the delivery of IT services enterprise-wide.
3 4

The Information Technology Infrastructure Library Improves Infrastructure Investment,

Gartner research, June 9, 2006

North American Information Technology Infrastructure Library (ITIL) Maturity Benchmark Study, Evergreen Systems, April 2006

To be successful, all of IT must adapt to a common, synchronized way of delivering its goods and services to simplify and accelerate the work. This can be challenging, because many IT organizations are currently organized around technology silos and are not well adapted to driving common process across these disciplines. ITIL is an organizational transformation activity, which can take a long time to execute. Success comes from transforming the work of IT from silos of technical activity to operating as one IT enterprise. The key challenge is organizational change, that is, getting people to change the way they work. Development of an ITIL strategy is not unlike the development of any organizational change undertaking in a large organization, and a well-validated approach to this has been documented by John Kotter. 5 Establishing a sense of urgency Creating a coalition Developing a clear vision Sharing the vision Empowering people to clear obstacles Securing short-term wins Consolidating efforts Keeping the effort moving forward Anchoring the change These changes all require executive support, long-term funding and an overall business plan. ITIL programs that do not have a clear strategy at the start are most likely to show little or no business value, as their organizations will resist the necessary changes. Building a high-level strategy and plan can be done in a few weeks at a modest cost with outside consultants (like Evergreen) who specialize in this kind of activity and can then be used to determine if the business case justifies moving forward. Businesses undertaking this activity on their own can use this approach to discovery and leverage ITIL best practices to document business value. Most programs begin by focusing on one or two programs that illustrate clear need and then begin to apply ITIL best practices while also improving a key part of ITs business. This is an excellent way to limit project risk and the duration of the initial phase and maintain a reasonable scope. Success in this first, limited phase then garners support, builds consensus, gets executive buy-in and usually provides a logical set of activities for the next phase. What follows are key questions and areas of focus, by each ITIL area, which can assist in building high-level business justification for improvements in that area. Although this is by no means a one-size-fits-all approach, this general path has started many organizations onto the path of broad-based IT process improvements.

A Force for Change: How Leadership Differs from Management, John Kotter, 1990.

VI. Incident and Problem Management

ITIL improvements in service support, particularly with incident and problem management, tend to be easiest and fastest to achieve in that they focus on the help desk function, which lends itself to the collection of metrics. Improvements in processes and supporting technologies can show significant gains in efficiency, quality of customer service and reductions of call volumes and downtime. A. Incident Management Incident management affords the opportunity for the collection of metrics around functions like detection and recording, classification, diagnosis, resolution and recovery and closure. Gains areas can be uncovered through interviews with help desk staff. A good approach is to review the top five incident types from three perspectives. Criticality of impact to the business Call volumes Highest cost to resolve Analysis of the data gained below outlines areas for gains in: Efficiencies Process simplification and improvement Service quality improvements Matching workforce with demand loads Applying effort commensurate with incident value Restoring service more quickly.
Incident Analysis Table

Review incident workflow for each type of incident to determine if appropriate for the value of the incident type. Interview the help desk staff asking: o o o o o What would they change? What are their frustrations and why? Have there been achievements? What activities are seen as no value added? Are incidences classified logically and simply?

Has anyone in Incident Management been ITIL Foundation trained? o o How have they applied what they have learned? If they could change anything, what would it be?

Review Service Level Agreement commitments. o o o Are they appropriate for the incidences that they cover? Are they met effectively? If not, why not? What change needs to be made? Review incidences processed per help desk workstation in general.

Review staffing levels mapped against incident volumes over time: o Analyze call loads, staff and resolution times to determine under or overstaffing. Can service level commitments be modified to match staffing more effectively? Is the organization overstaffed or understaffed?

How are service level expectations formulated and communicated to the customer base? o How are results communicated?

Review the latest customer service surveys in light of efforts above. o o o o What are the top three to four areas of improvement identified by the customers? What has been done about them? What adjustments can be made to improve customer service quality? What tradeoffs, if any, become apparent?

What remote diagnostic and resolution tools are in use? o o How effective are they? Are they applied consistently? Given a working knowledge of current technologies in this area, what might be applied or used more effectively and what gains would come from this?

How are self service and user self help knowledge tools used? o Might they be improved based on what is learned above?

If used, how have self service and diagnostics aids reduced incident volume? o o o Have they increased first call resolution rates/decreased end-user down time? What do end users think of these? Which, if any, has been most successful and why? What additional applications of these technologies would be valuable?

Are high-volume, recurring incidences being transferred to problem management for root cause analysis? o o Are high-impact incidences being transferred to problem management? How has the problem management process improved the incident management process? If not, why not?

B. Problem Management The goal of Problem Management is to minimize adverse effects of errors in the infrastructure and to prevent the occurrence or minimize the impact of errors, incidences and problems. This is done by either eliminating the root cause or developing a reasonable workaround. Typical activities include identifying, classifying, investigating and eliminating or minimizing the problem by eliminating or

minimizing the root cause. ITIL defines Problem Management as having both reactive and proactive sides, with reactive being driven by Incident Management and proactive being driven by the identification and resolution of problems before incidences occur. Most potential for gain will be uncovered by discussing the Problem Management process with those involved and by analyzing resolution effectiveness for identified problems. Review the top 10 problems analyzed by criticality of impact to the business, volume of incidences and highest cost to resolve.

Problem Analysis Table

What are the top 10 problems resolved through root cause analysis? o o o How were they classified and selected? What was the number and impact of relevant incidences prior to resolving the problems? What was the value of resolving these problemsavailability, service quality, accuracy, work reduction, risk reduction?

What are the top 10 problems pending resolution through root cause analysis? o o o Why are they pending? What are the number and impact of relevant incidences? What is this costing the organization? What was the value of resolving these problemsavailability, service quality, accuracy, work reduction, risk reduction? What will it cost to address the problems?

Review problems at a high level by status, service type, customer impacted, type of problem, etc. Analyze by logical grouping for broader root cause issues such as: o o o o o o A class of software that does not meet our quality standards An overly complex systems approach that is unreliable Poor development discipline in a particular organization Lack of effective training in application functionality undermining the business value Poor technology standardization undermining reliability Poorly developed support processes for a given class of system

Analysis of this data should complete the circle begun with Incident Management, shedding light on the value and opportunity to deliver various levels of service and to: Restore service more quickly Align staff and costs with value, to focus on key service quality improvement areas Reduce operating risk

Improve systems usability Simplify processes Capture efficiency gains Improve end-user service level management (by setting appropriate expectations and delivering to those) Assign business value to projected improvements and compare projected cost of improvements with the business value to determine whether investment in this area is justified.

VII. Change, Release and Configuration Management

Success with ITIL improvements in the areas of change, release and configuration management presents a greater challenge in that these areas ultimately impact all of the IT organization. This significantly raises the degree of organizational change required and touches many silos of existing processes. A. Change and Release Management Since Release Management is at the highest level a type of change, Change and Release Management will be grouped together into one category. The goal of Change Management is to ensure that standard approaches are used for all changes made to the IT infrastructure, yielding efficient and accurate outcomes. Change Management controls changes to all Configuration Items (CIs) and follows a lifecycle approachPlan, Approve, Execute, Review. At a higher level, change is the workflow engine of IT. It links customer requests with outcomes end to end through IT. Typical activities in the lifecycle of change management include:

Planningproposing a change; justifying the need, identifying the business benefit and assessing the impact, risks and costs associated with the change. Approvingreviewing and validating the proposed change and ensuring impacted entities have the opportunity to provide feedback. Executingmanaging and coordinating the change and ensuring correct completion. Reviewingreviewing change outcome and impacts; evaluating lessons learned, if applicable, and closing the change request.
Most potential for gain in Change Management comes from re-engineering and automating high-volume IT workflows (changes), viewed in two ways: Basic re-engineering of key, high-volume IT workflows. Key improvement points in each of the four phases of the Change Management lifecycle. B. Business Process Re-engineering Classic Business Process Re-engineering efforts show the greatest gains when looking at workflows that are more complex (have a greater number of steps and approvals) and cross three or more areas (silos) in going from start to finish. Organizations that have not base-lined and re-engineered the top five to six highvolume workflows in IT can see efficiency gains of 25-40%.

To provide adequate evidence of the value of re-engineering, select three highvolume workflows crossing three or more areas. Examples may include IT security approval processes, medium-level software programming changes (such as 20-40 hours of code development), IT procurement actions, server operating systems or database upgrades. Using a spreadsheet, interview those involved from end to end to create the as-is process state. Review the workflow for unnecessary steps, duplicative activities, excessive manual activities, excessive delays and rework caused by inaccuracies and errors due to poor end-to-end understanding and communication. Build the desired state by devising the most simple, streamlined approach to meet the business requirements and assume the use of basic Change Management technology to automate communications and workflow. Measure the expected change in efficiency and elapsed time. In practice, simple workflow end-to-end redesign can be done in a working session with the relevant parties. By facilitating discussion of the current state and its drawbacks, it is relatively straightforward to build the desired state, step by step, as the current state is being documented. Additional refinement of the desired state can be done after the working session. C. Change Management Lifecycle Improvements Key improvements can also be found in the four phases of the Change Lifecycle Plan, Approve, Execute and Review. A great deal of IT time and energy goes to Change Management execution. For most organizations, there are valuable opportunities for improvement in other areas that are often overlooked. C.1. Change Management Planning Most potential for gain in this area will be uncovered by discussing the Change Planning process with those handling the IT change requests. Typical improvements come from raising the bar for change approval (saying no to changes that are not justified), empowering those requesting the change to plan it, matching level of effort in change planning with the materiality of the proposed change, and clarifying and communicating expectations related to change submission completion and lead times. The table below should assist in analyzing the Change Planning process for improvement opportunities.
Change Management Planning Analysis Table

How many different types of changes are there; how are they grouped? Is there a process to group changes into five or six types, based on risk and materiality (cost and business value)? o If so, is there a reliable process for ranking changes that is not self selected by the requestor?

Have change requestors (users) been empowered through some type of self service function to create and submit change request packages? o Are there clear submission guidelines and change lead times based upon the risk and materiality weighting of the proposed change? Have these been well communicated?

10

What percent of change requests have errors or lack appropriate support and must be returned for rework? What percent of change requests are non standard for lead time? (Short notice or emergency changes arising from lack of advanced planning.) What percent of change requests are rejected based on not meeting minimum business justification levels? What backlog of change requests exists at this stage? o o How does it break down by change request type? What should the level be, and what impact does it have on the business, if any, at the current level?

General Improvement Questions: o o o o Ask staff what they would change, if anything? What is most frustrating in their jobs and why? What achievement(s) are they most proud of? What activities do they see as adding no value?

C.2. Change Management Approval Most potential for gain in the Change Management Approval area will be uncovered by discussing the Change Approval process with those handling the IT Change Approval process. Typical improvements come from streamlining and routing approval processes based on risk and materiality, reducing approval activities by screening out unqualified requests, reducing time required by standardizing and improving the quality of the requests, and planning work more efficiently by raising compliance with submission lead time standards.
Change Management Approval Analysis Table

Are there different levels of approval process and oversight? o If so how are the levels defined? Are they directly linked to the change planning activities? o Does the level of impact analysis vary with the risk or materiality?

What percentage of change requests are rejected at the Change Advisory Board level? o What are the top three reasons for rejections? Incomplete? Undetermined risk? Poor impact analysis? Lack of business value? o What are these rejections costing the business?

What percent of change requests reviewed for approval are non standard for lead time? (short notice or emergency changes arising from lack of advanced planning) o What are these emergency requests costing the organization?

What percentage of change requests are reviewed by the Change Advisory Board that are not worthy of their involvement? o How do these submissions get to this level?

11

Does this create risk by limiting the time available to review truly critical change requests?

What backlog of change requests exists at this stage? o o How does it break down by change request type? What should the level be, and what impact does it have on the business, if any, at the current level?

General Improvement Questions: o o o o Ask staff what they would change, if anything? What is most frustrating in their jobs and why? What achievement(s) are they most proud of? What activities do they see as adding no value?

C.3. Change Management Execution Most potential for gain in the area of Change Management Execution will be uncovered by discussing the Change Execution process with those doing the work and passing it from silo to silo. Typical improvements come from streamlining and reducing complexity by grouping similar workflows and reducing them to a manageable number. For example, all server upgrades are essentially the same, yet many organizations have completely different workflows for each type of server platform. Executing via common workflows makes the work of IT less customized and more replicable. Gains in efficiency, simplicity, accuracy and service quality are common, along with reductions in cost and risk. These improvements come from: Filtering approval processes based on the risk and materiality of the proposed change Reducing approval activities by screening out unqualified change requests Reducing work time required by standardizing and improving the quality of the requests Planning work more efficiently by getting staff to comply with change submission lead time standards Key questions to uncover business value are included in the table below.
Change Management Execution Analysis Table

Which, if any, high-volume activities have been grouped into common workflows? Which, if any, workflows have been redesigned (at the enterprise level) and automated in Change Management? What backlog of change requests exists at this stage? o o How does it break down by change request type? What should the level be, and what impact does it have on the business, if any, at the current level?

What percentage of changes were emergency? o For non-emergency changes treated as such, what was the cost to the

12

business to handle these? What was the root cause?

General Improvement Questions: o o o o Ask staff what they would change, if anything? What is most frustrating in their jobs and why? What achievement(s) are they most proud of? What activities do they see as adding no value?

C.4. Change Management Review Most potential for gain in the area of Change Management Review will be uncovered by discussing the Change Review process with those performing the review work. For most organizations, effective change review is the most neglected change activity. Changes that do not fail, but dont perform well for some reason or other are rarely reviewed. Changes that fail during execution or illustrate themselves as software failures are obvious and should be considered separately. More subtle changes need to be examined separately and root causes examined. Changes that cause serious failures, often evidenced by unplanned downtime or worse, usually do receive in-depth analysis. These often result in major systematic course corrections, but only after the fact, when high costs have been incurred. Red flags should go up for changes that fail during initial execution, but more subtle changes should be investigated thoroughly as well. Many IT organizations operate reactively and thus ignore these more subtle changes, spending the majority of their time on reactive analysis. Typical improvements come from better change review activities that reduce the number of failures and also reduce the number of changes that fail in execution, thereby reducing the number of near failures. Questions for analysis of the Change Management Review function are listed in the table below.
Change Management Review Analysis Table

Review the failed changes and the changes that caused failures in a given period by type, risk, materiality and configuration item (CI). Consider: o Which changes failed and had to be reversed? Review root causes and actions taken o Which changes caused system failures? Review root causes and actions taken o Which changes consistently take longer than projected; why? Is there an unrecognized risk here? o o Review cost and risk to the business for all of the above. Consider incident volume related to these changes to help determine impact to the business. For any CI with a high percentage of changes, was deeper analysis performed? If so, what were the findings?

13

What percentage of changes were emergency and high-risk changes? o Review root causes and actions taken

Analysis of the findings in Change Management from the perspectives of basic reengineering of key, high-volume workflows and key improvement points in each of the four phases of the Change Management lifecycle should point out clear opportunities for business value improvement. These include improvements in service quality, efficiency, accuracy and agility and reductions in risks and costs. D. Configuration Management According to ITIL, Configuration Management provides a logical model of the IT infrastructure by identifying, controlling, maintaining, and verifying the version of all Configurations Items in existence. A Configuration Item (CI) is defined as a component of the infrastructure. All the detail and relationship information about CIs is stored in a repositorythe Configuration Management Database (CMDB). All ITIL processes access the CMDB, which is fundamental to consistency across ITIL processes. One can think of the ITIL Service Management processes as IT workflow and the CMDB as an information store. Workflow accesses the information store to plan and execute more effectively. Many organizations are working on CMDB functionality today, but few have an operational CMDB. If there is no CMDB baseline today, then how can one assess the potential value of a CMDB in the organization? The answer lies in assessing the following: Improvements related to IT asset effectiveness. Improvements in effective Incident and Problem Management. Improvements in Change and Release Management. Providing source data for compliance activities In most cases, the CMDB will be a superset of IT asset management information, and as such, analysis can yield useful information from classic IT asset management queries. The table below can assist in that assessment.

Configuration Management Execution Analysis Table

Do we have an accurate IT hardware and software discovery capability? Have we reconciled discovered software assets with significant software license agreements? o o Have we used this information in negotiations with the vendor? Have we gone a step deeper and reviewed license use by user?

Have we done the same for hardware assets? Have we done the same for telecom assets/circuits? Have we done the same for outsourced relationships where pricing may be based in part, or in whole, on some asset count? Have we used this data to reconcile insurance and property tax costs?

14

Have we reconciled assets with department managers to recover underutilized assets? Is the data being used in chargeback system by department?

Many organizations are fairly advanced in IT asset management practices and have recovered millions of dollars by eliminating unnecessary expenditures. Good snapshot areas include comparing the number of knowledge workers with the number of PCs owned and the number of servers per employee in the organization, benchmarked against others. Especially close attention should be given to expensive enterprise license agreements and their degree of use. Insight gained from this area can help assess the potential value of improvements. IT staff that provide level 1-3 support can be valuable resources in this area, as they understand the value of having asset and configuration information at their fingertips during incident diagnosis. The table below can assist in this analysis.

Asset and Configuration Management Data Analysis Table

What are the top three to four incident types that could be resolved more effectively by having asset and configuration data easily available? o o o What is the cost of not having this information? How are these resolved? What volume of incidences does this affect? For these incidences, what is the end-user downtime impact?

Is lack of asset/configuration information the root cause of any problems today? o o Could effective asset data eliminate any common types of incidences? What would be the value of this?

Potential improvements in the Change and Release Management processes include reduction of systems failures, reduction in failed changes, reduction of risk and improvements in efficiency, accuracy and service quality. Gains could come in all phases of Change and Release Management, including planning, approving, executing and reviewing changes and releases, as well as the core re-engineering of the high-volume workflows. In each Change Management activity, there should be an analysis to determine what asset and configuration information would improve the speed and accuracy of the activity. For most organizations, informal repositories of asset and configuration data are maintained in each technical silo, with varying degrees of accuracy. The cost of the maintenance of these multiple repositories should be explored, as well as impacts and failures that may arise form inaccurate data. Most change failures are self inflicted and caused by the unintended consequences of changes. For many of these failures, the root cause of the failure is an inability to accurately understand the true impact of a proposed change. The root causes of all change and system failures should be examined, and a determination should be

15

made as to which of those could have been prevented by accurate impact analysis. The costs of these failures to the business should be calculated and presented as part of the business case.

VIII. Service Level and Financial Management

A. Service Level Management According to ITIL, the goal of Service Level Management (SLM) is to maintain and improve IT service quality by establishing and monitoring performance commitments, in line with business or cost justifications. Many organizations set goals in this area, but struggle to achieve any consistent performance against them, as the processes and data supporting the measurements are not complete or reliable. Establishing goals in SLM without the ability to perform effectively against them can actually hurt customer service ratings, as expectations are raised and then not delivered against. Most potential for gain in SLM will be uncovered by discussing it with the people who negotiated the Service Level Agreements (SLAs) and those who work to deliver services under the requirements of those agreements. The most basic efforts in SLM can create fairly significant business value if the effort is made to analyze the agreements and their administration. Many organizations have only begun to leverage the gains presented by analyzing SLM and funding those projects. If no SLAs exist, proceed on to the next section, as the table below is meant to assist in analyzing SLM policy and SLAs. When reviewing the table below focus on the policy of SLM and the top three to four SLAs.

Service Level Management Analysis Table

What is our SLM policy, and why and how was it developed? o o What adjustments have been made to it since its creation? Why? What is the greatest opportunity to improve it, and why? What value can be derived from it, and how might it be measured?

What are the top three SLAs, and why are they most important? o o o o How was the value for SLAs derived? What have the results beenpositive and negative? How have these helped the business? How has the business measured these improvements? What unexpected benefits, if any, have come from using SLM?

What additional SLAs would be useful and why? o How might they add value to the business?

Have customer satisfaction surveys been reviewed against SLA goals and outcomes? o o What has been learned and how can it be applied? Has Problem Management data for root cause issues and the way in which it affects SLAs been reviewed? How recently?

16

Are reviews with customers regularly scheduled, and do those reviews update and align the SLM process with what matters most to the business? Has the SLM portfolio been reviewed against the businesss ability to deliver recently? o o o Was this done in light of peak demand periods rather than just average demand over time? How are business critical SLAs reviewed against other SLAs? Are variable response times offered at different cost points? If not, should they be? Is response time being evaluated against value delivered?

General Improvement Questions: o o o o Ask staff what they would change, if anything? What is most frustrating in their jobs and why? What achievement(s) are they most proud of? What activities do they see as adding no value?

B. Financial Management The goal of Financial Management is to provide cost effective stewardship of the IT assets and resources used in providing IT services. ITIL takes this concept further, to include resources used in providing IT services. Financial Management provides the essential management information to ensure that services are run efficiently, economically, and cost effectively. Services usually involve people, processes and assets. This information enables us to effectively: Account for and control ITs expenditures Attribute costs to the appropriate users Plan and make decisions regarding current and potential new IT services Provide a reasonable business approach to cost recovery for the purpose of chargeback. While reviewing the data in the table below, it would be useful to also consider data gathered in Incident and Problem Phase 1 and Change Management Phase 2. For asset effectiveness, refer to data gathered in Configuration Management Phase 2. For balancing service levels and costs refer to data gathered in SLM, in the previous section.

Financial Management Analysis Table

Is there a system for recovering costs from customers? o o How has it added value to the business? How has it improved the management of IT? Has it helped balance the demand for IT services with capacity to deliver in any meaningful way?

17

Has it identified services of little or no real value? o What action has been taken as a result?

Does it give customers more choice in actively managing their IT costs? What is the customers level satisfaction with this system?

What are the top three improvements that should be made to it and why?

What has been done to identify the actual cost of delivering key services? o What are the lessons learned and how has the business benefited from this learning?

What actions have we taken to encourage efficient use of resources by customers? o o What are the lessons learned, and how has the business benefited from this learning? What services are being provided at no cost? Which services are most abused by ITs customers, i.e., by duplicating ITs efforts? What are these services costing the business in aggregate? Is there a mechanism that could be used to encourage more customer efficiency?

What actions have been taken to influence customer actions, such as providing incentives to use non-critical resources? Have IT costs been analyzed over specified periods of time, i.e., days, weeks, months, quarters, etc.? o o Lessons learned? Has the cost structure been designed for peak levels only, or has variability been built in? Has variation for essential and non-essential services been built in?

How has financial data been used in capital planning and tradeoff analyses? o o o How did it help the business? What other opportunities for gain in this area might be unexplored? Have full lifecycle costs of classes of assets and systems been examined, (including software, hardware, maintenance, programming, support, staffing, training, integrations, upgrades, etc.) in making upgrade and replacement decisions?

IX. Capacity, IT Service Continuity and Availability Management

The goal of Capacity Management is to understand future business needs, the organizations current service delivery load and the current infrastructures ability to deliver and ensure current and future needs are cost effectively met.

18

The goal of IT Service Continuity Management is to ensure that the IT technical and service delivery functions are recoverable to an operational state, within agreedupon timeframes, in the event of unforeseen circumstances or events. The goal of Availability Management is to ensure that the IT infrastructure can deliver cost-effective, sustained levels of overall availability that meet the needs of the business. Capacity, Service Continuity and Availability are all critical IT areas and are rising in complexity and risk as Service Oriented Architectures, Web Services and the virtual data center concepts proliferate. However, for purposes of brevity, those disciplines will be addressed in a separate document.

X. Conclusion
ITIL is a set of best practices for managing and delivering the services of IT and is independent, worldwide and has a large body of practitioners. It provides a common language that allows IT professionals to work together more effectively. There is a great opportunity today to run IT more successfully through simplifying and streamlining ITs work and standardizing those workflows across the enterprise using ITIL. Any complex, high-volume work process that has never been base-lined and re-engineered is ripe for improvement using ITIL. Common sense and solid evidence point to returns waiting those willing to undertake the efforts. However, the value of ITIL lies only in how its principles are leveraged to improve the business, which is an enterprise-level transformation activity. Although some ITIL efforts may fail due to an over-reliance on the power of supporting technologies and blind faith in the strategic value of ITIL (without strong business value underpinnings), those fueled by a step-by-step plan with proven value in each phase and a well articulated, compelling, shared vision and strategy are bound to succeed.

19