 | Level: Advanced Kunal Mittal (kunal@kunalmittal.com), Director, Domestic TV IT, Sony Pictures Entertainment
17 Oct 2006 Through the seven books that comprise the IT Infrastructure Library (ITIL), you can learn to set up your organization based on services and use a service-based approach to run the IT infrastructure. Service-Oriented Architecture (SOA) is a key initiative for most IT organizations. In this article, explore the principles of ITIL and SOA -- and the ideas that tie these initiatives together.
Introduction
SOA is an architectural framework consisting of a set of tools and
technologies that enable the rapid implementation of services; a set of design patterns
and standards for the development of services; and a methodology for finding,
reusing/consuming, and exploiting services. SOA is the most promising
framework today for changing the way information technology (IT) works -- to make IT
more agile and responsive to the business, more cost-effective, and more adaptive to the fast-changing business environment.
Defining Information Technology Infrastructure Library
The ITIL was originally developed in the United Kingdom by the Central Computer and
Telecom Agency (CCTA) in 1987 as a set of 40 books. Later, the CCTA (now known as
the Office of Government Commerce, or OGC) condensed this library into seven books
called ITIL Version 2.
| | Note: A plan called the ITIL Refresh project is underway to update
these seven books. This upgrade is supposed to be complete by the end of 2006
and will be called ITIL Version 3. |
|
Using best practices in the ITIL framework, IT departments and companies can
achieve a higher level of alignment between business and IT. Similarly, IT can provide services
to the business in a more cost-effective, repeatable, and measurable manner. Today,
the ITIL is the most widely adopted framework for enabling IT Service Management
(ITSM).
| | Note: Other known ITSM frameworks include the Hewlett-Packard ITSM Reference Model,
the IBM IT Process Model, and Microsoft® Operations Framework (MOF). |
|
Understanding the importance of the ITIL
If you've never heard of the ITIL or ITSM, you're probably asking yourself, "Why should I care?" Here's why these concepts are important and gaining increasing awareness in IT shops across
the globe:
- IT shops have typically been considered cost centers to the business. However,
with the increased competitive landscape, the evolution of technology, and a
world in which customers are becoming knowledgeable and thorough in their
analysis before making purchases, the role of IT has evolved. IT must be more
a business enabler.
- Business agility is a big buzz word you have undoubtedly run across
in most IT literature. Typically, application development projects spend 70 to 80
percent of their budgets (time and cost) in operations mode. This allocation
has resulted in the recognition that IT must be managed from a "services"
fashion. (Don't confuse service with SOA; in this sense, "services" refers to the
work that IT professionals perform.) These IT services must be more repeatable, measurable,
predictable, and reliable -- qualities which are the hallmark of ITSM. The ITIL is a
framework that helps IT realize the vision behind ITSM. Table 1
highlights some fundamental shifts in IT practices to help make IT more services
based.
Table 1. Traditional IT to ITSM
| Traditional IT | ITSM processes |
|---|
| Technology focus | Process focus | | Reactive | Proactive | | Isolated, siloed, centralized | Integrated, distributed, sourced | | Ad hoc | Repeatable | | IT focused | Business focused | | Operational | Service orientation |
Let's dive a bit deeper into what the ITIL really is.
What is the ITIL, really?
The ITIL, as mentioned earlier, is a collection of seven books, as shown in
Figure 1:
- The Business Perspective
- Planning to Implement Service Management
- Service Delivery
- Service Support
- Security Management
- Application Management
- ICT Infrastructure Management
Figure 1. The seven ITIL books
These books bridge the gap between business and technology, shown on the sides
of the diagram. Service management is the core of the ITIL and is split into
two books.
The Business Perspective
This book is targeted to business managers, and it helps them to see the IT perspective
on things and talk about concepts such as business continuity planning, outsourcing,
business change management, and so on.
Planning to Implement Service Management
This book is written by IT professionals who are highly experienced in
implementing ITSM concepts. It provides practical advice, guidelines,
checklists, and other project management tools to help you successfully
implement ITIL and ITSM in your organization.
Service Delivery
This book is arguably the most important and explores how to deliver IT
services. It covers several key concepts, such as:
- Service-level management
- Financial management for IT services
- Capacity management
- IT service continuity management
- Security management
- Availability management
Service support
This book describes how customers can access the different IT services
available. It covers concepts such as:
- Service desk
- Incident management
- Problem management
- Configuration management
- Change management
- Release management
Security Management
Security, as you can imagine, is an important topic and has an entire book devoted
to it. This book covers concepts regarding confidentiality, integrity, and
availability of information (or data).
Application Management
This book talks about how typical application support and management can be
performed using a services perspective. It allows for applications to be
managed within the context of the business objectives.
ICT Infrastructure Management
This book is technology focused and talks about the people, process, and tools
required to manage a stable IT infrastructure at an acceptable cost.
This article doesn't go into further details about these books. Instead, you'll see how they relate to SOA. (To learn more about the ITIL, see Resources.)
Exploring the interrelation of SOA and the ITIL
Let's get to the crux of the concept: in ITSM, you're implementing services. You
define what you do as an IT shop in terms of the service you provide to your
customers. These customers can be either other individuals or groups in your IT organization or
the business. A centralized database administrator (DBA) group or a centralized
UNIX™ group supporting an application development team are examples of
internal IT services. The application team builds applications for the business
users and customers. In other words, the applications are external services
that IT provides. These services are supported by ITIL processes, such as incident
management, capacity management, problem management, and so on.
|
Merging ITIL and SOA
In my experience with ITIL and SOA, I believe that these two concepts can have an happy marriage. Most organizations today have some type of an SOA
initiative at some level of maturity. Many have also taken on
ITSM-related initiatives -- most likely using the guidelines of the ITIL. I believe
that as organizations embark on SOA and ITIL initiatives, they will quickly question
the convergence of these two initiatives and see how one can be more effective with
the other. It's a bit of a chicken-and-egg problem -- should you do ITIL first or
SOA? And there's probably no single correct answer. My recommendation
is that the ITIL can be an SOA enabler and should probably be implemented first. |
|
The convergence here with SOA is that as the loosely coupled, composable SOA services
come into play, the service support and service delivery processes can manage and
support them per ITIL guidelines. As a simple example, what would the incident
management process be on a "get currency rate" SOA service built using technology
such as Web services?
On the flip side, you can implement ITSM services such as DBA support in a more
service-oriented manner, learning from the concepts of SOA. If you think about it,
SOA and ITSM are less likely to be successful without each other. The ITIL is the
glue that ties them together.
SOA is about creating agility in both IT and the business. This agility requires
repeatable, standardized processes that can be measured, monitored, and reported on.
That is the ITIL. Another way to look at it is that SOA needs a significant amount
of governance, and the ITIL has a built-in governance framework.
Merging your SOA and ITIL road maps
Teams looking at implementing SOA or the ITIL can learn from each other. To
implement a successful SOA, you need a set of best practices, processes, and
details about your IT processes that are repeatable and measurable. The ITIL
provides this information. Because the ITIL doesn't get into the specifics of
how you implement the processes and merely presents a framework, it's
relatively easy to "borrow" those concepts and apply them to your SOA
implementation plans.
Let me explain with a simple example. One of the key concepts of SOA is the
fact that you need a common data model or data definition -- in other words,
your enterprise must speak a single language. From an IT processes standpoint,
the ITIL provides a common vocabulary and glossary that you can use as a
starting point for your enterprise data dictionary. Why is this important?
For example, let's say you have an incident management system and a problem management
system. Without a common vocabulary and a set of defined parameters, how are
these two systems going to talk to each other? This is the same classic problem
with Web services and SOA. How are two services going to exchange data unless
they speak the same language -- or at least know how to translate between one
language and another? Stephen Watt has an excellent article that covers this
aspect of SOA in more detail. (See Resources.)
Another aspect where the ITIL and SOA road maps can merge is in the service
delivery processes, such as service-level management, financial management for
IT services, capacity management, and availability management. Key questions
to ask when talking about SOA include who's going to pay to build the service,
who's going to pay to make sure that the service is available and scalable,
who'll make enhancements to the service, and who'll manage the service? Answers
to all these questions lie in the Service Delivery book of the ITIL. As
you get further along in establishing these processes for the ITSM-based services
(DBA, UNIX support, and so on), you will start seeing how they will
apply directly to what we consider services in an SOA or software world.
SOA plays a large role in business process management (BPM). ITIL plays a large
role in IT management. As these two initiatives begin to merge, you will
start seeing IT align itself more and more with the business.
Overcoming barriers to SOA and the ITIL
The challenges to implementing SOA and the ITIL (with or without each other) remain
the same. In both cases, technology is the easy part. The biggest challenge is
probably the culture change required in most organizations. The business must begin
thinking "services." IT groups must reorganize themselves (people, process, and
technology) to deliver and manage these services. This sort of a culture change
is not easy to implement: It requires a strong business executive and a strong IT
executive to partner and drive the process in a top-down manner. It also
requires partnering at the grass-roots level -- business analysts and architects
working with the users they support to show them the value of services. (See my article
on SOA teams, which talks more about the roles of the team members in driving SOA
initiatives in Resources).
The second biggest hurdle of SOA is governance. What is the best way to implement
governance, and what is the right level at which to govern? IT governance is
a big buzz word for chief information officers (CIOs) today. Fortunately, this is one
problem that can be mitigated if your organization is further ahead
with the ITIL. Inherent to the best practices that the ITIL promotes is a framework
for tracking, measuring, and reporting on these services. SOA projects can apply the
same concepts to governing the different SOA services in the enterprise.
Looking at the ITIL, SOA, and Capability Maturity Model
Now that you've seen how the ITIL and SOA work together, let's take a quick look at the
Capability Maturity Model (CMM). The CMM is a framework for accessing the maturity of
the IT processes in an organization. The original focus of the CMM was on the software
processes. However, the new Capability Maturity Model Integration (CMMI) is probably
more applicable to the ITIL, as CMMI includes hardware and software (as ITIL does).
If you study CMMI, you'll see an overlap of several CMMI processes with ITIL processes.
The maturity of your ITIL implementation can be directly related to your
organization's rating on the CMMI scale of 1 to 5. However, my suggestion is
to follow a "just-enough" paradigm. Implement only the amount of ITIL or CMM
required for your organization -- not just to get a higher certification level.
Summary
As your ITSM (or ITIL) and SOA initiatives mature, you'll start to see a convergence
of these concepts and begin to reap the values of standardized IT processes in a
true service-oriented world. SOA management is the umbrella term that will
encompass what is traditionally covered under SOA management and ITSM.
It is important that organizations bridge the gap between SOA plans and ITIL
plans so that they can benefit from the fusion of these initiatives. The earlier
these initiatives are aligned, the more successful the overall implementation
will be -- and you will face fewer organizational issues and politics. Excellent starting points are a steering committee that bridges these two initiatives and a complementary
communication and collaboration framework to weave the two together.
Resources
About the author | 
| | Kunal Mittal is a consultant specializing in Java technology, J2EE, and Web services technologies. He is the coauthor of, and has contributed to, several books on these topics. He works as a director within the Domestic TV IT group for Sony Pictures Entertainment, where he's responsible for the technical architecture and management of applications for that division. In his spare time he writes for IBM developerWorks, consults on SOA, and is a private pilot. For more information, visit Kunal's Web site at www.kunalmittal.com or contact him at kunal@kunalmittal.com. |
Rate this page
| |
