WIREDGOV

Blog posted by: Steve Lawless – Purple Griffon, 03 September 2018.

Traditionally, ITSM has not been agile.

People have tended to focus more on having robust processes and rather than considering “what do we need?”, they have asked “what more can we put in to processes?”.

This level of “over-control” has happened because of over-engineering and not understanding ITIL®sufficiently.

Today’s emergence of cloud-based services, Software as a Service (SaaS) and DevOps in software development has led to a re-think about processes. That re-think is about finding an appropriate balance of control and agility.

A process review approach

1. Are your processes, procedures and policies fit for purpose? A review should ensure that they are agile enough for a rapidly-changing IT environment.

You need to understand what the purpose of a process is: ultimately, driving the right response from the staff following the process. Therefore, that could mean changing staff behaviour to work in a more agile way while still getting the right level of control for good governance.

2. You need the various stakeholders to be involved in process re-design. That involves the management perspective, suppliers, internal practitioners and customers. In the past a lot of processes were designed by technical people and were tool-driven instead of customer driven. Now they need to meet business needs and achieve business objectives.
3. Embed and communicate the process so people understand the purpose of changing it. Explain to people what’s in it for them and the broader picture of business needs, to influence attitude, behaviour and organizational culture. 
4. Change Advisory Board meetings may no longer meet the needs of the business so introduce a continuous change approval process, if appropriate. You can combine a suitable level of control with agility to drive the IT services that a business relies on.
5. Push delegated authority down to people. A better design of services should mean less support requirements.
6. ITIL: using the service lifecycle means recognizing the need for a good strategy and continual improvement versus an instant problem and change approach. 
7. Understanding agile: agile is not an excuse for lack of documentation or control. Service management needs to be agile but with end-to-end control. Otherwise, you risk the growth of “shadow IT”, where non-IT departments buy hardware and software for which they expect support and integration with the existing IT system.

Organizations with a clear strategy for agility are getting it right and are combining agility and control for ITSM. Others, without clear strategy, or those undertaking a knee-jerk reaction to business demand, find it’s not implemented well and causes problems in terms of support, poor service transition, etc. Overall, it needs clear strategy about how IT services are implemented and supported.

Here is a useful checklist for making ITSM agile:

• Read the Agile Manifesto – review when addressing a move to increased agility in your organization. ITSM can’t be left behind so how do you apply agile principles in a modern IT delivery environment?
• ITIL – identify waste in processes and activities that are no longer required because they don’t add value. Think about doing things in more agile way.
• Processes need to be more people-centric than tool-centric, underpinning and supporting day to day roles and responsibilities.
• ITIL Practitioner provides a focus on stakeholder involvement, providing a greater understanding of timescales and minimum viable process – this is agile from a service management perspective and creating better collaboration with all stakeholders to achieve business outcomes.

With an increased recognition that things have to change, there’s a risk that people will focus entirely on agile approaches for ITSM. They must remember that ITIL can be agile and, without it, you can end up with loss of control and a “Wild West” scenario.

In that scenario, customers might demand to have something more quickly, but it won’t necessarily meet their needs and there will be a lack of support for and understanding of how the service works.

For some organizations, having agile ITSM will increase risk to a level that’s too high. It’s a balancing act that is different in every organization.