The new challenges of the cloud and everything-as-a-service models demand new tools, skills and IT service management practices. Future-ready practices and capabilities in people, processes, technology and business management can be differentiators for internal and external IT service providers.
Gartner FoundationalThis research is reviewed periodically for accuracy. It was last reviewed on 23 February 2016. |
From 2011 onward, ITSM practices have undergone incremental changes, in terms of newer or refreshed versions of frameworks and standards. ITIL 2011, COBIT 5.1 and International Organization for Standardization (ISO) 20000 were all refreshed.
As per ITSIO data,1 which now has a statistically significant number of data points, the current status and trends of I&O maturity (see "Infrastructure and Operations Maturity: How Do You Compare?" and "ITScore for I&O Analysis: Take Action Now to Improve Your Organization's Maturity") shows that very few I&O organizations are sufficiently mature, business-oriented and future-ready to be able to leverage the new technology and service options.
To remain relevant to the business and the organization, I&O teams have to be in sync with all the disruptive innovations in the technology space and operating/service models. ITSM and IT operations practices will have to evolve and adapt. Given the strategic value of these practices, it's crucial that I&O teams are aware of the potential next practices, and how they should prepare to embrace the future and build capabilities in these practices that will sustain them for the long term. The following next practices are based on the potential future paths of evolution of ITSM practices:
1 Rationalize metrics and key performance indicators (KPIs), and make them business-relevant.
2 Move toward business-driven SLAs, reporting, service pricing and billing models.
3 Reinvent the service part of IT service.
4 Redefine and differentiate IT services by their business value contributions.
5 Demand futuristic tool functionalities and differentiated capabilities from tool vendors.
6 Do "just enough" processes to avoid the dangers of overdoing ITIL.
7 Focus on mature and transparent change management practices.
8 Create "bright spots" to bring organizational change for service orientation and to promote the desired behavioral traits of the I&O staff.
9 Build IT service business cases jointly between internal IT teams and business functions.
10 Make a conscious, planned switch in the responses of I&O teams, from reactive mode to proactive mode.
In a presentation from one of the top-five India-based managed service providers, the leaders shared their abilities to support the constant tracking and monitoring of 120 to 140 KPIs. The question is how can they be considered KPIs if there are 120 to 140 of them? That is similar to discovering that a house is on fire, but you need 120 keys to open the door. In addition, as the IT leader in an end-user organization, if you have to keep track of 120 to 140 KPIs, then when will you have the time and energy to make money (i.e., to run IT like a business)?
Metrics is a key pain point. ITSIO results in people, process, and business management dimensions showing that the least mature attribute among these dimensions is metrics. What is not measured right is not managed right.2 Therefore, metrics is the No. 1 next practice to start with, so that you will know what to target and how to measure it best (see "How Best to Advance in IT Operations Metrics From Level 1 to Level 5 in ITScore for Infrastructure and Operations").
For ITSM and I&O KPIs and metrics, sample steps toward rationalization and business relevance include:
Internal or external service providers alike should target end-user organization's and business users' buy-in through business-relevant or business-driven SLAs and service-level management (SLM) reporting (see "Six Steps to Rationalize IT Service Costs with 'Just Enough' Service Levels Based on Business Value"). Keep internal technical metrics, such as service and network availability and uptime, for internal consumption only. Plan and take measured steps to move from fragmented technical SLAs to service-based SLAs for critical services:
ITScore data (approximately 90% below Level 3, through April 2013) shows that I&O teams are still focused more on the technology part than the service part when it comes to delivering IT as a service. Few organizations at Level 3 (i.e., those that have handled the processes well) are also looking at processes primarily for technology delivery, rather than service delivery.
To change this, fresh thinking is required in I&O. IT service must be handled as a service entity, not just a technical entity. Learning from and taking cues from traditional service industries (such as hospitality) will surely help.
For example, when rating a restaurant, it's not just the menu (i.e., service catalog equivalent) that is looked at. The overall experience is also evaluated, in terms of whether:
Therefore:
Consider that, in the service industry, efficiencies are focal points or targets at the back end, but it is experience that is the primary focus at the front end.
All best-practice ITSM frameworks, such as ITIL and COBIT, emphasize the importance of linking IT services to business outcomes, and IT service goals and strategies to business goals and strategies.
Inquiries and reviews of more than 100 different types of SLAs reveal that most IT service providers, internal or external, are still defining IT services as technical entities (such as, email, enterprise applications and sales force automation [SFA]). This technical bundling helps standardization and efficiencies from the back-end service delivery perspective, but it does not help business users or end users. For example, every email is treated the same and every application in ERP is treated the same, whereas the business outcomes supported by them can be very different. As another example, a CRM automated email communicating to a customer that his premium payment has been successful and delivering receipt notification within seconds of the payment transaction being completed has a direct business impact in terms of customer satisfaction.
Therefore:
ITOM tools have become so standardized these days that there are hardly any noticeable key technology differentiators among the multiple vendors and their offerings. For example, a lack of innovation is visible in the fact that Gartner's 2012 ITSSM Magic Quadrant had no vendors in the Leaders and Visionaries quadrants, and only two in the Challengers quadrant; most of the vendors were in the Niche Players quadrant. Similar commoditized, nondifferentiated functionalities are available in most ITOM and IT process automation (ITPA) tools that support processes such as incident management, change and configuration management, SLA management or release management, capacity planning, etc. This primarily assumes a relatively static environment and limited visibility into business value criticality and linkages. A common excuse from the tool vendors regarding this overcommoditization and lack of innovation is that they supply functionality only as demanded by end users. Therefore, it is in the interest of the end-user I&O team that it:
Do just as much as is required to address your specific organization's key pain points and changing current realities. The ultimate purpose of the processes should be to support the strategic business goals of the organization (for example, a good/efficient change management process can improve organizational agility to respond faster to changing market demands and do better than the competition).
The wrong processes or the wrong execution of processes can have far worse consequences than no processes. The wrong execution can be intentional or unintentional. Processes will fail if everything is not done with valid business value justifications in tangible or intangible, subjective or objective, and quantitative or qualitative terms. Without a business value connection, processes can be potentially misused by I&O staff as a shield to hide their inefficiencies or lack of capabilities, or as an excuse or delaying tactic for not catering to the business's IT service requirements. This will drive businesses further away from IT, rather than bringing them closer.
Therefore:
Be it for internal IT or external service providers, clients must ensure complete transparency and visibility into change effort estimation parameters, preferably factored in the contract itself, including the estimation techniques and templates to be used.
A streamlined, efficient and mature change management process should manifest itself into speedy and correct changes because the:
For change effort estimation, dependency analysis, coding, testing, transition and release management are required jointly from service providers and clients. Change management is a mutual exercise between the service provider and the client for example, if the assessment of a change request shows that it is very complex and highly risky, it has to be authorized from higher management. This may include business leadership as well, from the clients' side. Hence, this part of the workflow (e.g., getting the necessary inputs from business) needs to be expedited by the client-side IT teams. Good change management practices will eventually help not just the clients to get the best value for their money, but will also improve the service orientation and practical value of the service providers' process maturity, and will result in better client relationships in the long run. Stable, clear process accountability brings visibility into the value chain, not just in change request processing, but also in all aspects of service delivery, including release management, SLM, availability and continuity management.
Visibility brings transparency. Transparency builds confidence and trust between the service provider and its clients. That's how processes bring win-win situations.
Bright spots (see "Switch: How to Change Things When Change Is Hard," by Chip and Dan Heath) are the quickest way to bring about change; otherwise, organizational change is a nebulous exercise, involving many variables and control levers, and it becomes a mammoth task for the I&O team and the targeted business user groups.
I&O leaders can start by identifying a few of the most critical and highly IT-enabled business functions or processes. For example, if you are in a volume-based retail business, your supply chain process visibilities and controls are crucial. IT operations can refresh inventory data in near real time (i.e., with near-zero latency) and deliver it to the handheld devices of store managers. As a result, they won't run out of stock on high-demand items and can trigger the right sourcing and planning and transactional processes at the right times. Out-of-stock means lost sales (i.e., opportunity costs).
Reducing latency in IT services that support inventory and supply chain application delivery has a direct impact on the business processes for which store managers are responsible.
Now, if there are 500 stores in your chain, the inevitable question is where to start. For example, a relatively business-savvy member of your I&O team gets to do this project jointly with one store in his or her area of residence. The carrot for the IT guy is that these projects and their outcomes will be factored into performance appraisals with a good weighting. The carrot for the store manager is that there is an opportunity to share credit for reducing lost sales in his or her store.
This creates a small bright spot. Now, the savings (due to reduced opportunity costs) are not just IT savings, but the businesses will also view it as a business savings. Sharing the credit with business serves the purpose for IT.
IT can automate business processes and can improve its own efficiencies, as well as the business team's productivity. However, these improvements do not necessarily translate into improvements in the top and bottom lines, in terms of dollars. This is the fundamental disconnect that often hinders IT to act as an internal business consultant for all IT-enabled business processes and functions. Most IT teams confuse automation with transformation. Transformation is the goal, and automation is just one of the means to that end.
For example, an organization wants to virtualize and then build a private cloud on 80% of its storage and servers, to improve its server and storage utilization between 30% and 50%. Now, these are still technical metrics and targets for automation through virtualization and a cloud management platform; there is no business case here. These parameters, although important achievements for the technical team, convey very little in terms of how the utilization improvements will translate into business value.
Without the business value connection, business leaders may think IT is still doing apparently non-value-added things, even with the increased compute and storage capacity. Literally, the million dollar question that the CFO and other nontechnical CxOs and business leaders may ask the IT leader is how is this additional compute and storage capacity that's now become available due to virtualization and cloud being deployed for improving IT's contribution to and support of the key organizational business goals of growth, profitability, etc.? What's being done with the extra capacity? This is the crucial last-mile connect that goes missing in most IT business cases.
IT cannot do it alone. IT has to communicate to other functions to get the data and to build the case. For example, if the additional capacity in the example is dedicated to receivables processing as a top priority in the automation policies, that may lead to shortening your receivables processing cycles say by a target 30% to 40%. This is a business-relevant target that IT shares with finance function, and shows dollar gains. Faster receivables mean faster collections and revenue realization, thereby positively impacting your organization's cash-flow.
Very few end-user I&O teams manifest proactive process orientation, either in their own service delivery environments or in terms of demanding it at the service providers' end, as is apparent from several outsourced/managed service contract reviews. All incidents, including security-related ones, are handled in reactive response mode.
For companies in the insurance and financial services sectors, where relationships and trust are the most long-term and strategic business assets, reactive policies especially in the case of security-linked IT services can do irreversible damage to a company's reputation. For example, if there is an attempt to compromise the security of customers' personal information, and the attempt is successful but only gets reported as a breach, then no matter what penalty clauses protect the client, the client's business faces an irreversible loss of brand value in the market. If IT service providers really intend to protect and improve business relevance and the value of IT services for their clients, then they need to switch from reactive to proactive modes, at least for these kinds of mission-critical services.
Source: Gartner Research Note G00237446, Tapati Bandopadhyay, 12 June 2013
1 Given this operational orientation, it's hardly a surprise that Gartner's maturity model ITScore for I&O shows that more than 90% of respondents have self-assessed themselves at Levels 1 and 2, (i.e., with predominant technology silo focus and limited processes).
2 ITScore for I&O data (over 90% at Levels 1 and 2, N = 639, through September 2012) shows that I&O teams are still focused more on the technology part than the service part when it comes to delivering IT as a service. (Level 4 is the service-aligned view, and only one organization got scores of 4 in the people, process, technology and business management dimensions of ITScore for I&O.) Few organizations at Level 3 (that is, those that have handled the processes well) are also looking at processes primarily for technology delivery, rather than service delivery.
Some tool vendors and service providers are moving ahead on the tools and service innovation curves, but at different speeds. For example, vendors such as Torry Harris Business Solutions have built specialized and automated cloud consumption tracking and analysis solutions that help organizations consume cloud services (for example, from Amazon) in a transparent, manageable way. Arago and IPsoft have integrated advanced artificial intelligence capabilities in their ITOM/ITPA tools to automate routine tasks (see "Cool Vendors in IT Operations Management, 2013").