Why ISO/IEC 20000 Gives ITIL The Force It Needs To Be Successful

In 2017, the number of organizations which are ISO/IEC 20000 certified globally has increased by 45%, compared to 2011; while in the UK has dropped by 47%! I’ve got to admit, I find this very worrying.

By Dr Don Page, ITSM Strategic Director, Marval

As one of ITIL's biggest supporters and critics, I have reached a stage where I am very frustrated with the whole “ITIL journey”, its hype and its promised outcomes.

I have seen organizations trying to embark on this journey, only to fail. Now let’s be clear, it’s not ITIL that fails; it’s the organizations and people implementing it. To be really successful, ITIL requires accountability: personal accountability, accountability to colleagues, to the department and customers.

How do you spread this accountability across the team and the organization? I strongly believe ISO/IEC 20000 is the right strategy to ensuring a more successful ITIL-based service improvement program.

I reckon I am suitably qualified and experienced to comment on both ITIL and ISO/IEC 20000. In our company, we try to practice what we preach and we have attained ISO/IEC 20000 certification, with more than 12 successful audits already taken place.

ISO/IEC 20000 continues to help us improve the services we deliver to the business and customers (and we believe there is always room for improvement). It’s become part of our culture; staff see the benefits and actively use it to demonstrate what a great job they do and the value they add (which they have to present each month).

Yes, it has been a difficult and often stressful journey. It’s not easy to take a long hard look at the way you do things, be honest about your strengths and weaknesses, take some hard decisions, then make improvements (and continue to do so), compare your performance against a worldwide standard and be externally audited to prove our adherence to it.

You don’t have to go for formal certification, but I strongly believe we have the responsibility to give our business, stakeholders and customers confidence that we are a professional service provider. If it was your company and you were paying the salaries, wouldn’t you want to have this confidence?

That’s why ISO/IEC 20000 is primarily a business decision, not an IT decision.

ISO/IEC 20000 is “Auditable Common Sense” focusing on continual improvement. It provides a baseline against which internal IT organization and 3rd party suppliers can be measured and demonstrate to the business that its own service delivery processes represent best practice, are auditable, accountable and value for money.

From the CIO and business manager's perspective it gives them confidence that, what they are being told by their IT supplier, in relation to the quality of their services, is based on them using a proven, auditable and industry driven approach.

ITIL talks of process, which is -after all- the way we are “supposed to work”. It should not be a discussion of whether we follow it or not. Our only responsibility is to contribute to making it better.

People have said to me, “maybe in a few years”, “after we have implemented ITIL, we will go for ISO/IEC 20000”; well, forget it. You need to get an auditable culture of continual improvement and accountability in at the start, because it’s considerably more difficult and time consuming later on (trust me, I know what I am talking about from hard experience).

My advice to anyone starting on their ITIL journey, is to start with ISO/IEC 20000 as their governance framework (use it as your minimal critical requirements).

The “shalls” of a standard instantly remove a lot of the problems and difficulties faced by managers in their quest to deliver a world class service (example: - "all changes SHALL be recorded" - not should or depending on who, what or maybe; but SHALL).

Furthermore, as many modern enterprises are looking to address long-standing challenges (and internal conflicts) by adopting DevOps and SIAM models, ISO/IEC 20000 can provide a solid platform and standardized processes to increase both people’s accountability and the systems’ agility, improve collaboration among teams and eliminate causes of further conflict. Simply put, ISO/IEC 20000 can help you implement DevOps and SIAM easier and with greater possibility of success.

organizations looking at the issues of investing in Service Management best practice and training have a stark choice: either take up ITIL training and seeing staff taking their qualifications with them when they walk out the door, or invest in something that can be proven and doesn't rely on individual members of staff sticking around; something that demonstrates business commitment to its customers.

Which one makes more sense, then?