In this chapter a management framework designed by and for the IT function will be reviewed from a network’s perspective. ITIL (Information Technology Infrastructure Library) is the result of an initiative of the UK Office of Government Commerce to collate and publish a suite of “Best IT Management” practices. The result is a process model covering the various IT service functions like service desks, problem and incident management; configuration and change management; service level management, capacity management, security management; and IT application development, implementation and maintenance.
TopIt Governance And Itil
IT Governance has variable definitions between organisations or even continents. For some organisations IT Governance is a matter of compliance with pre-determined and approved standard processes. A more enlightened view acknowledges that IT Governance involves more than compliance. We can define IT Governance as the means by which an organisation’s investment in IT is aligned with the business value achieved. That is, a concentration on “doing’ the right IT” rather than “doing IT right”, which is viewed as IT management, more so than IT Governance (PriceWaterhouseCoopers, 2007; Williams, 2007). The other point of contention on IT Governance is whether the function is critical enough to justify it being represented at board level. For many, the lack of board representation can be a cause for poor IT Governance due to a lack of senior executive input. For others, IT is seen as simply a utility support service and therefore does not justify representation at the most senior levels (Carr, 2004).
The following analysis was conducted using outsourcing contracts data for the Australian IT outsourcing market, together with information on the executives of the client and vendor companies involved in these contracts. Relationships between CIOs and board members of the clients’ companies are shown as links. A contractual relationship is also inferred between the CIO and the vendor CEO and is shown as a link. Additional links are also inferred for executives who have either worked for the same organisation at the same time or been board members together. The nodes are identified as individuals who are either board members, CIOs or vendor CEOs. The relative size of the node reflects the number of links a particular individual has.
While the data is limited to what can be gleaned from public sources, broad patterns of relationships are identifiable. Looking at the clusters of board members, one can see that with very few exceptions, there is little intermingling between board members and CIOs and/or vendor CEOs. The data reinforces the view that IT is not currently engaged at the board level. Whether it should or not is still an open question (Nolan & McFarlan, 2005; Williams, 2007). One would anticipate that the situation won’t be changed by the IT functional heads’ promotion of the importance of IT to their respective boards. It is more likely that board attention might come from negative aspects of IT, like major cost overruns on IT projects, serious security breaches or generic business risks as observed during Y2k. Therefore despite the arguments for IT Governance to be a board level concern, for the foreseeable future, IT Governance relationships will need to exist at all levels to be effective.
Figure 1. Relationships between executives in the Australian IT outsourcing market place (data sources: Datamonitor and One Source)
IT Governance surveys typically indicate a variety of support for the different IT Governance Frameworks. A common theme is the growing demand for guidance in this area. The most used IT Governance frameworks are ITIL and COBIT. COBIT (Control Objectives for Information and related Technologies) provides a governance framework for IT with an auditing flavour. Some 34 core processes are identified that relate to 318 control objectives and over 1,500 control practices are provided as guides for customization (Campbell, 2005). In this chapter the ITIL framework has been chosen for review for its closer alignment to the topic of this book, being networks and multisourcing.
The ITIL framework publications are designed to be a source of good practice in service management (ITIL.org, 2007). It is not designed as an auditing standard. It is however a source of knowledge for achieving certification to ISO/IEC 20000 service management standards. The most recent version of the ITIL library (version 3) has five core publications: