What is ITIL (Information Technology Infrastructure Library)?
ITIL (Information Technology Infrastructure Library) is a framework designed to standardize the selection, planning, delivery, maintenance and overall lifecycle of IT services within a business. The goal is to improve efficiency and achieve predictable service delivery. The ITIL framework enables IT administrators to be business service partners, rather than just back-end support. ITIL guidelines and best practices align IT department actions and expenses to business needs and change them as the business grows or shifts direction.
ITIL started in the 1980s, when data centers decentralized and adopted more geographically diverse architectures. This practice caused process and deployment discrepancies and brought inconsistent or suboptimal IT service performance into organizations.
The United Kingdom's Central Computer and Telecommunications Agency (CCTA) recognized the importance of perceiving IT as a service and applying consistent practices across the entire IT service lifecycle, so it developed the Government Information Technology Infrastructure Management methodology. CCTA released ITIL v1 in 1989.
In 2000, the CCTA folded into the Office of Government Commerce and released ITIL v2 the following year.
ITIL v3 emerged in 2007 and was updated in 2011 to include feedback from the user and training community, as well as to resolve errors and inconsistencies.
This article is part of
The U.K. Cabinet Office and Capita PLC formed Axelos in 2013. The organization's mission is to "make individuals and organizations more effective by providing practical guidance, content and qualifications distilled from real-world experience and developing practices."
Axelos currently oversees ITIL development. It announced the latest ITIL guidelines in 2017, releasing ITIL v4 and related modules throughout 2019 and 2020. Axelos continues to manage the development and oversight of best practice certifications and methods, including ITIL and PRINCE2.
What is the ITIL process framework?
Each iteration of ITIL delivers updated documentation and certifications to prepare admins for the current infrastructure landscape and the types of services they provide. ITIL's framework is not a rigid checklist to implement best practices -- organizations evaluate and implement the aspects that are most important for their needs.
In 1989, ITIL's goal was to standardize IT service management (ITSM). This initial iteration gave organizations an overview of how to streamline services and helped admins start thinking about best practices.
ITIL v2 offered admins a more applicable and uniform structure for service support and delivery, and it included actual processes for organizations to follow.
ITIL v3 gave a broader look at IT services and added guidelines on service strategy, design, transition and operation. It also outlined ways for businesses to continuously improve services. Its framework of core publications collected best practices for each major phase of ITSM. These books and their core concepts are the following:
- Service Strategy, which describes business goals and customer requirements, as well as how to align objectives of both entities;
- Service Design, which outlines practices for the production of IT policies, architectures and documentation;
- Service Transition, which advises on change management and release practices and also guides admins through environmental interruptions and changes;
- Service Operation, which offers ways to manage IT services on a daily, monthly and yearly basis; and
- Continual Service Improvement, which covers how to introduce improvements and policy updates within the ITIL process framework.
ITIL v3's stages and processes remain valid and widely used.
ITIL v4 is designed to help IT admins navigate the ins and outs of the Fourth Industrial Revolution and provide guidance for the role of IT management in a service economy. ITIL v4 accommodates newer approaches, such as DevOps, automation, containers, microservices and the cloud. It also emphasizes the integration of ITSM with other areas of a business.
ITIL v4 presents four dimensions of service management:
- organizations and people
- value streams and processes
- information and technology
- partners and suppliers
These are mapped to service value systems and chains.
ITIL v4 also includes 34 practices -- defined as resources and activities to perform work or accomplish an objective. (By comparison, ITIL has redefined processes as recommendations to guide an organization in all circumstances regardless of type of work, goals or management structure.) These practices are broken down into the following three categories:
- general management practices, including projects and portfolios, enterprise risk, information security, continual improvement, workforce and talent, relationships and suppliers;
- service management practices, such as business analysis, service design and continuity, service desk, monitoring and incident management, change enablement, and IT asset management; and
- technical management practices, covering software development, deployment, infrastructure and platform.
Changes to ITIL certifications from v3 to v4
ITIL adoption and maintenance requires trained and certified experts to guide a company and its IT staff. Businesses such as Microsoft, IBM and Hewlett Packard Enterprise use ITIL as a foundation for their own internal operating guidelines.
Admins complete ITIL training and certification with a combination of classroom training and a written certification exam. ITIL v3 offered five main certifications:
- Foundation. This entry-level certification covers key concepts, elements and terminology used for the ITIL service lifecycle and contributions to management services.
- Practitioner. This level helps professionals adapt ITIL to their organizations so that it supports business objectives. Admins can take the course any time after a Foundation certification. This module also covers organizational change management, communication and metrics, which aren't available in all certifications.
- Intermediate. Each module of this certification goes into different components of ITSM but requires more detailed knowledge than Foundation-level exams. The track is split into service lifecycle and service capability modules.
- Expert. At this stage, admins are interested in demonstrating the entire ITIL scheme. ITIL experts obtain a set of well-rounded skills pertaining to ITIL best practices. Admins must complete 17 credits from previous modules, the "Managing Across the Lifecycle" module and an exam to get an Expert certification.
- Master. At the Master level, admins need to explain how they chose their areas of study, principles and methods, as well as the techniques they used within their organization to achieve wanted business outcomes. To achieve Master status, there is no certification exam; instead, admins complete a series of written assignments and oral interviews.
ITIL v3 training and examinations were discontinued by the end of 2021. However, ITIL v4 reorganizes these into four certification schemes. Foundation and Master remain, but the others have been merged into two tiers:
- Managing Professional (MP). Admins must demonstrate practical and technical knowledge about how to run successful IT-enabled services, teams and workflows. This certification requires three specialist modules -- "Create, Deliver and Support," "Drive Stakeholder Value," and "High-Velocity IT" -- plus a fourth strategist module, "Direct, Plan and Improve." Admins must be at Expert level or complete 17 credits. ITIL v3 Experts can gain this designation by taking one course and one exam.
- Strategic Leader (SL). This level requires knowledge of not just IT operations, but also the interplay of digitally enabled services and business strategy. This tier shares the "Direct, Plan and Improve" strategist module with the MP tier, so admins with that designation must only complete a leadership module -- "Digital and IT Strategy" -- to obtain this one.
In addition, ITIL v4 now includes two optional extension -- or specialist -- modules:
- ITIL 4 Specialist: Sustainability in Digital and IT. This extension is intended for IT professionals seeking greater insight into using ITIL methods to manage the effect of digital and IT services on the environment.
- ITIL 4 Specialist: Acquiring and Managing Cloud Services. This extension is intended for IT professionals and business leaders wishing to learn more about cloud technology and its use in business strategy.
These modules have no prerequisites and can be attempted at any point in the ITIL certification process. Admins can track their certification progress through a credit system, which assigns a specific credit value to each segment. To advance ITIL certification, admins must accrue a certain number of credits at the Foundation and Intermediate levels, progressing to MP and/or SL -- and ultimately earning the ITIL Master designation.
Benefits and drawbacks of ITIL
ITIL is not just about straightforward, rote IT skills. The certification also looks at how admins can apply their knowledge within the larger scope of their organization and align with business practices -- a key shift and evolution in the role of IT. This means admins now have more cohesive best practices when addressing all facets of IT management. With this in mind, there are six main, identifiable benefits of ITIL certification:
- better goal alignment between IT departments and the business;
- improved service timelines and customer satisfaction;
- reduced operational costs due to better utilization of resources -- digital, physical and human;
- increased visibility of IT costs and assets;
- streamlined service disruption response and management; and
- more flexible service environment that can easily adapt to change.
The principles behind ITIL v4 -- focus on value, start where you are, progress iteratively with feedback, collaborate and promote visibility, think and work holistically, keep it simple and practical, and optimize and automate -- aim to expand ITIL's relevance to software developers, service management practitioners and businesses.
ITIL also provides a good foundation for organizations that don't have any sort of services framework or best practices and enables admins to pursue job specializations.
In spite of its benefits, ITIL poses the following potential drawbacks for the business:
- Training requirements can be extensive and time-consuming, and successful implementation requires staff expertise.
- ITIL rollouts can take years to fully implement and refine.
- There is little, if any, short-term return on ITIL initiatives.
- Changes prescribed by ITIL initiatives can be disruptive to existing processes and infrastructure.
- The long-term nature of ITIL can easily be disrupted by other short-term projects and initiatives.
Admins must be cautious about how management interprets and implements ITIL. It is an industry standard, but that doesn't mean it solves internal personnel or compliance issues. Its implementation guides can make process development easier, but they don't necessarily account for more innovative processes or technologies. ITIL's implementation requires staff time, training and expertise, so organizations must ensure that they have the appropriate resources -- and certified employees -- before going through with an ITIL implementation.
How can ITIL improve a business?
The value of ITIL can be difficult to quantify. The goal of ITIL -- or any ITSM framework -- isn't just to improve IT capabilities, but also to find ways of creating business value and solving business issues with IT. ITIL offers a comprehensive framework designed to help businesses organize their resources and processes to create new capabilities that provide business value. But ITIL isn't prescriptive -- it doesn't say, "Use X to do Y to realize Z benefit."
Instead, ITIL casts a much wider net by offering a set of general guidelines that can be readily adapted and adjusted. When developed correctly, ITIL implementation can bring important business benefits, including the following:
- stronger alignment between IT and business, leading to IT enabling new business services and capabilities;
- cost reductions, usually through improved resource use; and
- improved service delivery, leading to better revenues and customer satisfaction.
Because ITIL is a voluntary framework rather than an imposed standard, organizations are welcome to adopt as much of the ITIL framework as necessary and appropriate to suit the needs of the specific business. Still, the benefits of ITIL can increase as more business processes become ITIL-compliant.
How to put ITIL into practice
ITIL can be complex to fully understand and even more difficult to adopt fully. ITIL v4 includes 34 distinct practices across general, service and technical management. ITIL implementation can be disruptive, so adoption is rarely approached as a singular, all-or-nothing initiative, but rather as a set of steps or phases intended to explore, validate and expand framework adoption over time. Although there is no single approach to put ITIL into practice, there are several best practices for adoption, including the following:
- Understand why. Any ITIL initiative should begin with a careful consideration of driving factors. Business leaders should have clear and substantial reasons for adopting ITIL and understand how ITIL should benefit their business.
- Possess knowledge. ITIL implementation takes expertise -- it isn't something you can learn from a manual. Business leaders must depend on one or more people with solid ITIL certification and proven expertise to spearhead the initiative. This might require some new training or staffing changes to onboard the knowledge needed to pursue ITIL compliance.
- Start small and build out. Start by implementing one -- or just a few -- of the 34 ITIL practices as a proof-of-principle project. Document the current process and its tradeoffs. Then, reevaluate the process post-adoption, and see how business performance is affected. As these small projects reveal business value, they can be rolled out across the business, and more practices can be implemented as needed.
- Focus on outcomes. ITIL isn't a goal. Simply implementing ITIL buys the business nothing. Understand what you want ITIL compliance to achieve, such as greater customer satisfaction or lower service costs, and then measure those outcomes objectively using metrics.