http://www.itsmwatch.com/itil/article.php/3827051/What-ITIL-Doesnt-Cover.htm
By Rob England, Jun 25, 2009

In today's world ITSM is IT Delivery. There may be other ways of describing how to run a computer system, but ITSM is the best available and the generally accepted approach. And ITIL is the de facto standard ITSM framework to use. Everything we do in IT Delivery should be framed in terms of the services delivered, and all our activities and behaviors (and spending) derived from that.

There is, however, a mismatch. ITIL does not cover all of IT Delivery. By IT Delivery I'm referring to that half of IT also known as Production or Operations, separated by The Wall from the other half, known as Solutions or Development. (IT Solutions should also be service based, but that is a fight for another day). I'd like to use the term IT Operations (and I do), but it is used by ITIL more specifically to refer to the monitor and control functions of IT, the day-to-day, so to avoid confusion we'll use IT Delivery.

The gaps in ITIL's coverage of IT Delivery are most starkly illuminated by a white paper, COBIT Mapping: Mapping of ITIL V3 With COBIT 4.1. For those who haven't met it, COBIT started life as an audit framework for IT and has grown to be something a lot more general and useful. The paper is available for download from www.isaca.org free to ISACA members - others will have to pay. It shows how much more complete COBIT is as a framework (although ITIL has advanced in Version 3), and more rigorous, even if ITIL does have more meat on the bones.

For those of you who don't have a spare twenty-five bucks, the COBIT processes not covered at all by ITIL V3 are:
(The codes are COBIT process identifiers. If you do have the white paper, these assessments come from the diagram on page 19.) Nothing important in that lot, is there? And the COBIT processes only partially covered by ITIL V3 are: ...
ITIL only scores a full coverage on 8 out of 34 COBIT processes:
More recently we had another white paper, this time issued jointly by ISACA (owners of COBIT) and OGC (owners of ITIL). This paper, the excitingly titled Aligning CobiT® 4.1, ITIL® V3 and ISO/IEC 27002 for Business Benefit, is available for public download. It does not map the processes so starkly: it doesn't give ratings of coverage. But if you wade through the detail of the mappings you can make your own assessment based on the proportion of COBIT controls for which it shows equivalent ITIL coverage. You may conclude as I did that it seems to rate ITIL more highly against two processes (PO1 and DS2) than the original paper did, and seems to make an even lower assessment than the first paper on five others (PO9, AI2, AI7, DS5, DS10), ending up indicating that ITIL has full coverage for a slightly different 8 of the 34 COBIT processes.
This is not a criticism of ITIL. The intent of ITIL is to focus on its core constituency, which is ITSM, and to do that in depth. ITIL V3 did spread its wings wider but ITIL does not (yet) purport to provide comprehensive coverage of IT whereas COBIT does. (COBIT's completeness is also subject to debate but that is off topic here. It still provides an effective benchmark against which to test ITIL).

This is a warning. Don't make the assumption that addressing all the processes in ITIL means addressing all the processes in IT Delivery. OK, perhaps it is a bit of a criticism of ITIL as well. Some of the training, compliance and governance aspects of ITSM are arguably too important to leave out.

The most remarkable omission in ITIL is Project Management (PM). Project Management is all but invisible in ITIL V3. PM is the engine that moves much stuff (hopefully anything major) from Development to Production, which is pretty important now that ITIL has muscled into Application Management. PM should interlock with Change Management and Testing. The project team should provide most of the Early Life Support. Release and Deployment shouldn't move without PM: in general if it is big enough to be a release it should be a project. And so on.

So why is it no-one tells you how ITIL aligns with the Project Management bodies of knowledge PMBOK or PRINCE2? Service Operation gives Project Management two paragraphs (p165), and not as part of Application Management. Service Transition gives Project Management passing mention on pages 40 and 62 and 200, and page 180 of Service Transition that explains how important it is NOT to ignore it!! To be fair, it also explains how PM is something done by those people over there, not IT Services (and hence out of scope). Service Transition also duplicates all of PM's functions in the Service Transition plan (p40). Service Design spends time on it (p31-32) but only vague directions to keep the project honest, not details of how the interface might work between Service Design and Project Management, and never once mentioning PMBOK or PRINCE2. The diagram on p31 is just wrong. It shows the project team's job is done at the start of the pilot or warranty period. This is "dead cat syndrome", which must be avoided at all costs. A project team should retain ownership through the warranty period until acceptance has been signed off. The Official Introduction gives a cursory nod to assorted BOKs in the Complementary Guidance section.

What happened to Project Management when ITIL V3 was put together? Did someone get bitten by a project manager? It is interesting to see that there is even less mention of PRINCE2 in particular than of PM in general, despite it being ITIL's stable-mate at OGC. Not much walking across the corridor here! Have the PRINCE2 people got all the good carparks at OGC and everyone hates them? Of course, the North Americans were in control of writing much of ITIL V3 and none of it is actually done at OGC any more.

So don't let anyone tell you ITIL gives the whole picture. It is not intended to. The creators of it don't think it does and don't say it does. On its own it might be enough for you or it might not. It is a complex framework landscape out there now, with ITIL, COBIT, ISO20000, CMMI-SVC, MOF, ASL, USMBOK and many others all offering their own view of the world. Seek professional advice on the best combination for your needs. One day we will see convergence and unification, but for now you may need to mix and match for the best fit and you'll need help with that.