Sign up on our email list for regular site updates!

(Privacy is Our Priority)
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

 

 

ITIL, SIX SIGMA, CMM, ISO9000, MOF, COBIT, ISO17799, BS15000, ISO20000 - Which Way Do We Go?
By Silvia Prickel

With so many standards, frameworks, principles, reference models and concepts, it is no wonder why IT Organizations are confused and bewildered.  How is an organization to decide which model to choose?  What are the differences?  What do they mean?  And most importantly, why should they care?

This article describes the evolutionary process of IT Service Management starting from the early 1980s through today.  Understanding the history will make it clearer as to the direction that Service Management is going and how it will impact the IT Industry.

What is Service Management?

It is “the high-level process that manages IT services on behalf of the business customers.  It has authority to make decisions about the delivery of the entire portfolio of IT services.”

What are these reference models, standards, principles and concepts?

In the last 20 years, IT developments have had a major impact on business processes. Distributed infrastructure, faster computing cycles, and demand for information systems all contributed to the Information Technology boom.   Unfortunately, IT organizations were not equipped to meet the needs of the rapidly changing and demanding market. Dealing with quality issues and exploding costs became priority concerns.

As a result, Total Quality Management (TQM) was the focus in the early 1980s.  Over the years, TQM transformed to Service Quality, and from Service Quality, to Service Management.   During this time, several service management philosophies evolved, each delivering its own reference model. Let’s explore each of these models in more depth.

ITIL:  1980s
IT Infrastructure Library (ITIL) is a collection of best practices for the management and delivery of IT services and IT infrastructure.  It was originally developed by the British Government in the early 1980’s.  It was the first public-domain framework that took a holistic approach to managing IT.  It was well-received and quickly adopted as the de facto standard in many countries around the world.  In fact, it is the basis from which many new standards and frameworks were conceived.

ISO9000: 1987
Then, in 1987, ISO 9000 brought ISO to the attention of a much wider business community. ISO 9000 became an international reference for quality management requirements in business-to-business dealings.

ISO 9000 is known as a generic management system standard that can be applied to all parts of an organization.

Generic means that the same standards can be applied to any organization, large or small, whatever its product - including services. It can be applied in any sector of activity, whether it is a business enterprise, a public administration, or a government department.

Management system refers to what the organization does to manage its processes or activities in order that the products or services that it produces meet the objectives defined, such as:

  • Satisfy customer quality requirements
  • Comply to regulations
  • Meet environmental objectives

CMM:  1991
Quality issues abound within the software development community as well.  In response to a perceived crisis related to escalating software cost and quality problems, the Department of Defense established the Software Engineering Institute (SEI) at Carnegie Mellon University in Pittsburgh, Pennsylvania in the early 1980s. SEI began the development of a process improvement model for software engineering in 1988.

In August 1991 the first version of the Capability Maturity Model for Software (SW-CMM) was published by the SEI.

In 2000, CMM was upgraded to the Capability Maturity Model Integration (CMMI), a holistic approach used to measure the maturity of IT Processes for the development and delivery of a system or product.

The IT Organization quickly adopted CMMI to measure the process maturity of IT Infrastructure and Operations.  It provided a tool that complimented the requirements set forth in meeting ISO9000 standards.

MOF: 1999
In keeping with the ITIL spirit to “adopt and adapt,” Microsoft created the first version of the Microsoft Operations Framework in 1999.  MOF describes proven team structures and operational processes and applies information technology (IT) best practices to improve the efficiency and quality of IT operations.  It is based on the model of ‘Change, Operate, Support, and Optimize.’

Unlike ITIL, MOF is a proprietary solution specifically designed around Microsoft products.

SIX SIGMA:  1987
Quality was not only a concern of Information Technology; it was also a concern of the manufacturing community. Six Sigma was used to reduce product defects in assembly lines.

The success of implementing Six Sigma in manufacturing quickly spread to all parts of the organization.  Six Sigma was then adopted as a discipline and methodology for eliminating defects in any process – from manufacturing to transactional and from product to service. Six Sigma is based on the model of ‘Measure, Analyze, Improve, & Control’ (MAIC).

ISO17799: 1999
In addition to managing service & product quality, security became a focus of concern as well.  ISO 17799 is a comprehensive set of controls comprising best practices in information security. Intended to serve as a single reference point for identifying a range of controls needed for most situations where information systems are used in industry and commerce. First published by British Standard Institute in 1999, it was published as the ISO standard in December 2000.  The primary focus was on data security, confidentiality and integrity.

COBIT: 2002
Control Objectives for Information and related Technology (COBIT) Framework was published by the IT Governance Institute® (ITGI) and is internationally accepted as good practice for control over information, IT and related risks. COBIT is used to implement governance over IT and improve IT controls and has become a tool for companies working toward regulatory compliance, including the Sarbanes-Oxley Act in the US.

BS15000/ISO20000: 2005
On May 17, 2005, ISO, the International Organization for Standardization, has accepted BS15000 as a new international ISO standard: ISO20000.

BS15000 is the world’s first service management process standard.  It proposes a process approach to IT Service Management within an overall Plan-Do-Check-Act (PDCA) cycle.  This approach enables IT organizations to establish IT Service Management processes to deliver managed services in a systematic and controlled manner and to enhance the quality of their IT services to customers.

It was produced by the British Standard Institute (BSI) and is based on the knowledge and experience of service management experts.  It is aligned with ISO9000 and ITIL and integrated with BS7799.

What does it all mean?
Clearly, Service Management has evolved from quality management concepts to a standard set of operating procedures for managing the IT Infrastructure and the delivery of services.  It will become modus operandi for many IT organizations.

So which reference model or standard should an organization choose?
ITIL is the foundation from which many of these frameworks have been conceived.  So, one could conclude, that adopting ‘grass roots’ principles might be the best option.

On the other hand, BS15000/ISO20000 appears to be the direction of the future, considering that it is the first to be accepted as an ISO Standard.  It also appears to be a ‘well-rounded’ standard that has integrated many other models’ principles:

  • Security compliance (ISO17799)

BS 7799 (ISO/IEC 17799) provides guidance on information security management and BS 15000 makes reference to it.  The expectation is that if a service provider has achieved compliance with BS 7799, then it will meet the security requirements of BS15000.

  • Best practice processes (ITIL)
  • ITIL is a widely accepted set of best practice guidelines and advice on IT service management.  The ITIL best practice guides and the BS15000 standard have been aligned.
  • Governance (COBIT)
  • BS15000 emphasizes a formal and structured governance model that is supported by senior management and is communicated from top-down.  The approach used in BS15000 is similar to the approach used in COBIT.
  • Quality of service (ISO9000)
  • ISO 9000 is a well established quality management system standard that is designed to be applicable to all organizations.  It is more generic than BS15000 and has a broader scope as it addresses all working practices in an organization.  However, the concepts and principles are the same.
  • Statistics and reporting (Six Sigma)
  • BS15000 and Six Sigma use a similar continuous improvement model:
  • BS15000 uses the concept of ‘Plan, Do, Check, Act’
  • Six Sigma uses the concept of ‘Measure, Analyze, Implement, Control’

While both focus on metric for reporting and analysis, Six Sigma uses statistics and probabilities for calculating defects and for determining improvement opportunities.

  • Release Management (CMM)
  • While application development lifecycle is not defined in detail within the BS15000 standard, there is a section devoted to Release Management that focuses on producing quality software releases.

Why should IT organizations care?
…Quite simply, because the business community demands it! Differentiation in the IT industry will not be focused on technology, but on the ability to deliver service.

 

Author Bio

Silvia is a certified ITIL Service Manager, ISO20000 consultant and Six Sigma Blackbelt. She has more than 20 years of IT experience ranging from mainframe program development to Desktop Strategy Program Manager.

As Program Manager for a large manufacturing company, Silvia was responsible for implementing ITIL which resulted in a 20% reduction of operating expenses.
As an IT Service Management Consultant and Educator, Silvia had the opportunity to work with several Companies to design, develop and implement ITIL.

Silvia is now the Director of Service Management at United Airlines.
Company Profile

None
Contact

Phone:

(847) 700-7739

Email:

Silvia's Email

Website:

None
Products

Essential ISO/IEC 20000 Executive's Guide
By Alan Nance

$50 (US)

Workshops
This Week
New Presentation
New Doctor Answer
New Tools
New Article
New Case Study
New Best Practice
New White Paper
Get Your Copy Today
Free Executive Support Industry Maturity Report for Q2 2006
Submit Your Help Desk Audit Results & Receive the Full Maturity Report
Past Best Practices
Available at The Bookstore

THE HELP DESK AUDIT: BLUEPRINT FOR SUCCESS
By Julie L. Mohr


$49.95 (US)

.pdf summary

THE HELP DESK AUDIT TOOLKIT: COMPANION CD
By Julie L. Mohr


$45.95 (US)

.pdf summary

CUSTOMER SURVEYING
By Fred Van Bennekom


$44.95 (US)

 

Google
WWW www.BlueprintAudits.com

 


Quick Links to New Stuff --> | Submit Your Audit Results | The Doctor | Article of the Week | Books | Tools | Site Map

©2003-2008, BlueprintAudits.com