Home �   ITIL�  Index

The IT Accountability Model

Jan 5, 2009

Valerie Arraj


Agreements and Contracts


One of the most logical and elegant mechanisms for accountability offered through ITIL are the agreements and contracts associated with Service Level Management: the Service Level Agreement (SLA), Operational Level Agreement (OLA) and the Underpinning Contract (UC). Within this triad of pacts, the Service Level Agreement or SLA is the contract made between IT and the business. In order to meet any commitments specified in this agreement, there must be some assurances that the resources and capabilities required within the organization and outside of organization to fulfill service commitments are in place.


To align these resources and capabilities there is an agreement put in place with internal organization that represents their commitment to deliver on these promises via the OLA. The OLA is a commitment that must be communicated and internalized by those functional units involved in the delivery and ongoing operation of the services and can also be translated to each individual’s personal performance metrics.


The internal accountability hierarchy is Customer » IT Organization » Functional Unit » Individual. This makes it apparent to everyone how they are being measured and what they are being measured on. External organizations also play a large role in assuring that SLAs can be met. Similarly, with external organizations, the UC should align to the SLA.


Let’s look at a 24x7 email service that has an SLA specifying a two hour response time on priority one issues and 99.99% availability as a point of illustration of how OLAs and UCs work. It’s practical to assume that this email service requires a messaging application, a server farm, some number of network devices providing connectivity, Internet access for Internet-based email and storage for mailboxes/messages.


In this scenario, there would be an OLA between the Service Level Management process owner and the team responsible for the messaging application, the team responsible for the management of the email servers, the team responsible for networking and the team responsible for storage. Each of these groups would sign up and therefore prepare appropriately from a technology and staffing perspective to meet this two hour response time and 99.99% availability requirement.


External organizations involved might include an ISP for Internet service, the vendor for the messaging application and the hardware vendors for networking, servers and storage. The contracts in place for these vendors must have service levels that are rigorous enough to meet the needs of the SLA between IT and the business customer.


The accountability model that is outlined in ITIL via “roles”, the RACI matrix and the contract structure associated with SLM can bring clarity and order to what today is a pain point in many IT organizations. Utilizing this guidance as a framework for clearly defined roles and responsibilities enables better communication and prioritization resulting in dramatic improvements in effective and efficient service management.


Valerie Arraj is principal and managing partner for Compliance Process Partners, an IT compliance focused consulting and training company that uses service management and control objectives to help organizations lay the groundwork for compliance to regulatory and governance guidelines.