ITIL

A set of detailed practices for IT service management (ITSM).

Practices Employed

• Automation: Service automation is encouraged to improve efficiency and reliability of IT services.
• Change Management: Standardized procedures ensure efficient handling of all changes to IT infrastructure.
• Configuration Management: Configuration management maintains information about Configuration Items (CIs) and their relationships.
• Issue Management: Incident and Problem Management restore normal service and identify root causes.
• Measurement: Service level management sets clear business-based targets for service performance.
• Monitoring: Monitoring and event management identify and prioritize infrastructure and service events.
• Release: Release and Deployment management focus on making new services available for use.

Addresses / Mitigates

Risk	Practices
Agency Risk	Monitoring: Monitoring the behaviour of agents, whether people or processes, helps identify when behaviour becomes counter-productive.
Communication Risk	Issue Management: Facilitates communication about issues and their status among team members.
Complexity Risk	Configuration Management: Reduces complexity by managing system changes in a controlled and documented manner.
Coordination Risk	Change Management: Specifically addresses coordinating change in a structured way.
Feature Fit Risk	Measurement: Helps in understanding the use of the system. Release: Putting new features in the hands of users can make your product fit their needs better.
Funding Risk	Release: Delivering features might mean you get paid for the software you write.
Implementation Risk	Change Management: Avoid bugs from creeping into the system. Configuration Management: Establishes and maintains consistency in the software product's performance and attributes. Issue Management: Tracks and manages defects and issues, ensuring they are resolved. Measurement: Identifies areas of improvement in the implementation process.
Market Risk	Release: Delivering features means you get market feedback.
Operational Risk	Automation: Introduces more consistency in process operations and removes opportunity for human error Change Management: Ensures changes are implemented smoothly and systematically. Configuration Management: Ensures that changes are systematically evaluated and implemented to minimize disruptions. Issue Management: Provides a systematic approach to managing and addressing operational issues. Measurement: Provides data to inform decision-making and improve operational efficiency. Monitoring: Ensures continuous observation to maintain operational stability.
Process Risk	Monitoring: Monitoring a process can ensure that when it misbehaves the issues are quickly caught.
Reliability Risk	Monitoring: Identifies and addresses potential issues before they impact system reliability.
Reputational Risk	Issue Management: Tracking and fixing bugs improves software reputation.
Schedule Risk	Automation: Automating laborious tasks clears the schedule for higher-value work.
Security Risk	Issue Management: Track and Prioritise Security Issues and Incidents. Monitoring: Monitors for security breaches and anomalies.

Attendant Risks

Attendant Risk	Practices
Agency Risk	Automation: Automated processes have their own agency and might not work as desired.
Communication Risk	Automation: The quality and performance characteristics may be obscured by automation.
Complexity Risk	Automation: Introducing automation adds to the complexity of a project Issue Management: Managing an excessive number of logged issues can add complexity. Measurement: Collecting and analyzing data can add to the complexity of the project. Monitoring: Implementing comprehensive monitoring solutions can add complexity.
Feature Fit Risk	Automation: The automated process might not capture the variability of requirements of the original approach
Funding Risk	Measurement: Implementing measurement systems can be expensive. Monitoring: High-quality monitoring tools and systems can be costly.
Internal Model Risk	Automation: Automation of reporting and statuses can lead to false confidence about a system's health. Measurement: Focusing on the wrong measures can blind you to what's important.
Legal Risk	Release: Publishing or releasing code may involve licensing, Intellectual Property, Liability or other legal compliance."
Operational Risk	Automation: Automated processes may be less observable than manual ones. Release: Releasing software means that the software has to be supported in production.
Process Risk	Automation: Automation introduces a process, which therefore means a new source of Process Risk. Change Management: Change control is a process, and therefore is a source of process risk. Issue Management: The issue lifecycle from creation to resolution is a process, therefore a source of process risk. Release: Complex release procedures are a source of process risk.
Reliability Risk	Configuration Management: Carefully managing software configuration ensures that the reliability of dependencies is also managed. Measurement: Creates dependencies on measurement tools and their accuracy. Monitoring: Creates dependency on monitoring tools and their accuracy. Release: Releases can introduce discontinuities in software service if not managed well.
Reputational Risk	Release: Poor release management can destroy reputation and good-will.
Schedule Risk	Change Management: Managing changes systematically can introduce delays. Issue Management: Managing and resolving logged issues can impact project timelines. Release: Delays in the release process can impact overall project time-lines.
Security Risk	Automation: Automation can introduce security issues if automated processes are given elevated privileges.

Description

"ITIL (Information Technology Infrastructure Library) is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business." - ITIL, Wikipedia

ITIL is the most widely adopted framework for IT Service Management (ITSM) in the world. It provides a systematic approach to the delivery of quality IT services, covering the entire service lifecycle—from strategy and design to transition, operation, and continual improvement.

See Also