What is ITIL? A guide to the IT Infrastructure Library
ITIL (Information Technology Infrastructure Library) is a framework designed to standardize the selection, planning, delivery, maintenance and overall lifecycle of IT services within a business. The goal is to improve efficiency and achieve predictable service delivery.
The ITIL framework enables IT administrators to be business service partners, rather than just back-end support. ITIL guidelines and best practices align IT department actions and expenses to business needs and change them as the business grows or shifts direction.
ITIL also provides a good foundation for IT organizations that don't have a services framework or best practices in place and enables admins to pursue job specializations. The principles behind ITIL 4 -- the newest ITIL version -- focus on value. Organizations should start where they are and progress iteratively with feedback. They should collaborate and promote visibility, think and work holistically, keep it simple and practical, and optimize and automate. The aim is to expand ITIL's relevance to software developers, service management practitioners and businesses.
What is the ITIL process framework?
Each iteration of ITIL delivers updated documentation and certifications to prepare admins for the current infrastructure landscape and the types of services available. ITIL's framework isn't a rigid checklist of best practices. Instead, organizations evaluate and implement the aspects that are most important for their needs.
This article is part of
What is configuration management? A comprehensive guide
ITIL
In 1989, ITIL's goal was to standardize IT service management (ITSM). This initial iteration gave organizations an overview of how to streamline services and helped admins start thinking about best practices.
ITIL v2
ITIL v2 offered admins a more applicable and uniform structure for service support and delivery. It also included processes for organizations to follow.
ITIL v3
ITIL v3 gave a broader look at IT services and added guiding principles on service strategy, design, transition and operation. It also outlined ways for businesses to continuously improve services. Its framework of core publications collected best practices for each major phase of ITSM.
These books cover five core concepts:
- Service Strategy describes business goals and customer requirements, as well as how to align objectives of both entities.
- Service Design outlines practices such as architecture management, compliance management, service catalog management and capacity management.
- Service Transition advises on processes such as service asset and configuration management, change management and release practices. It also guides admins through environmental interruptions and changes.
- Service Operation offers ways to manage IT services on a daily, monthly and yearly basis.
- Continual Service Improvement covers how to introduce improvements and policy updates within the ITIL process framework.
ITIL v3's stages and processes remain valid and widely used.
ITIL 4
ITIL 4 is designed to help IT admins navigate the ins and outs of the Fourth Industrial Revolution and provide guidance for the role of IT management in a service economy. ITIL 4 accommodates newer approaches, such as DevOps, automation, containers, microservices and the cloud. It also emphasizes the integration of ITSM with other areas of a business.
ITIL 4 presents four dimensions of service management:
- Organizations and people.
- Value streams and processes.
- Information and technology.
- Partners and suppliers.
These are mapped to service value systems and chains.
ITIL 4 also includes 34 practices, which are defined as resources and activities to perform work or accomplish an objective. By comparison, ITIL has redefined processes as recommendations to guide an organization in all circumstances, regardless of type of work, goals or management structure. These practices are broken down into the following three categories:
- General management practices, including projects and portfolios, enterprise risk, information security, continual improvement, workforce and talent, relationships and suppliers.
- Service management practices, such as business analysis, service design, service continuity management, service-level management, service desk, monitoring and incident management, change enablement and IT asset management.
- Technical management practices, covering software development and deployment, infrastructure and platform management.
Certification levels for ITIL
ITIL adoption and maintenance require trained and certified experts to guide a company and its IT staff. Businesses such as Microsoft, IBM and Hewlett Packard Enterprise use ITIL as a foundation for their own internal operating guidelines.
Admins complete ITIL training and certification with a combination of classroom training and a written certification exam. ITIL v3 offered five main certifications:
- Foundation. This entry-level certification covered key concepts, elements and terminology used for the ITIL service lifecycle and contributions to management services.
- Practitioner. This level helped professionals adapt ITIL to their organizations so that it supported business objectives. Admins could take the course any time after a Foundation certification. This module also covered organizational change management, communication and metrics, which weren't available in all certifications.
- Intermediate. Each module of this certification went into different components of ITSM but required more detailed knowledge than Foundation-level exams. This track was split into service lifecycle and service capability modules.
- Expert. At this stage, admins needed to understand the entire ITIL scheme and obtained a set of well-rounded skills pertaining to ITIL best practices. Admins needed to complete 17 credits from previous modules, the Managing Across the Lifecycle module and an exam to get an Expert certification.
- Master. At this level, admins needed to explain how they chose their areas of study, principles and methods. They also needed to demonstrate the techniques they used in their organization to achieve wanted business outcomes. There's no certification exam for this status; instead, admins complete a series of written assignments and oral interviews.
ITIL v3 training and examinations were discontinued by the end of 2021. However, ITIL 4 reorganizes these into a new certification scheme; the Foundation and Master levels remain, and ITIL 4 has three new tiers:
- Managing Professional (MP). Admins must demonstrate practical and technical knowledge about how to run successful IT-enabled services, teams and workflows. This certification requires three specialist modules: the Create, Deliver and Support module, Drive Stakeholder Value module and High-velocity IT module. It also requires a fourth strategist module: Direct, Plan and Improve. Admins must be at Expert level or complete 17 credits. ITIL v3 Experts can take one course and one exam to achieve this designation.
- Strategic Leader (SL). This level requires knowledge of IT operations, as well as an understanding of the interplay of digitally enabled services and business strategy. This tier shares the Direct, Plan and Improve strategist module with the MP tier, so admins holding that designation only have to complete a Digital and IT Strategy leadership module to obtain this one.
- Practice Manager (PM). This level teaches management practices, which are sets of organizational resources designed to accomplish goals. There are 15 modules that offer shorter and flexible means of training, and let professionals mix and match modules they wish to focus on. Modules are named based on practices they teach, and fall into three categories: Monitor, Support and Fulfill; Plan, Implement and Control; and Collaborate, Assure and Improve.
In addition, ITIL 4 now includes four optional extension -- or specialist -- modules:
- ITIL 4 Specialist: Sustainability in Digital and IT. This extension is for IT professionals seeking greater insight into using ITIL methods to manage the effect of digital and IT services on the environment.
- ITIL 4 Specialist: Acquiring and Managing Cloud Services. This extension is for IT professionals and business leaders wishing to learn more about cloud technology and its use in business strategy.
- ITIL 4 Specialist: Business Relationship Management. This extension is for IT professionals who are tasked with creating and sustaining relationships between consumer organizations and service providers, as well as stakeholders involved.
- ITIL 4 Specialist: IT Asset Management. This extension is for IT professionals looking to further their management skills in areas such as IT governance, compliance, cost management and risk assessment.
These modules have no prerequisites and can be attempted at any point in the ITIL certification process. Admins can track their certification progress through a credit system, which assigns a specific credit value to each segment. To advance their ITIL certification, admins must accrue a certain number of credits at the Foundation level, progressing to the MP, SL and PM levels -- and, ultimately, earning the ITIL Master designation.
Benefits and drawbacks of ITIL
ITIL isn't just about straightforward, rote IT skills. The certification also looks at how admins can apply their knowledge within the larger scope of their organization and align with business practices. It represents a key evolution in the role of IT and provides admins with cohesive best practices when addressing all facets of IT management.
There are identifiable benefits of ITIL certification:
- Better goal alignment between IT departments and the business.
- Improved service timelines and customer satisfaction.
- Reduced operational costs because of better use of digital, physical and human resources.
- Increased visibility of IT costs and assets through financial management.
- Streamlined service disruption response and problem management.
- A more flexible service environment that can easily adapt to change.
Despite its benefits, ITIL poses some potential challenges for organizations:
- Training requirements are extensive and time-consuming, and successful implementation requires staff expertise.
- ITIL rollouts can take years to fully implement and refine.
- There's little, if any, short-term return on ITIL initiatives.
- Changes prescribed by ITIL initiatives can be disruptive to existing processes and infrastructure.
- The long-term nature of ITIL can easily be disrupted by other short-term projects and initiatives.
IT admins must be cautious about how management interprets and implements ITIL. It's an industry standard, but that doesn't mean it solves internal personnel or compliance issues. Its implementation guides can make process development easier, but they don't necessarily account for more innovative IT processes or technologies.
ITIL's implementation requires staff time, training and expertise. Organizations must ensure they have the appropriate staff resources and certified employees before going through with an ITIL implementation.
How can ITIL improve a business?
The value of ITIL can be difficult to quantify. The goal of ITIL -- or any ITSM framework -- isn't just to improve IT capabilities, but also to find ways of creating business value and solving business issues with IT.
ITIL offers a comprehensive framework designed to help businesses organize their resources and processes to create new capabilities that provide business value. But it isn't prescriptive -- it doesn't say, "Use X to do Y to realize Z benefit."
Instead, ITIL casts a much wider net. It offers a set of general guidelines that can be readily adapted and adjusted. When developed correctly, ITIL implementation can bring important business benefits, including the following:
- Stronger alignment between IT and business, leading to IT enabling new business services and capabilities.
- Cost reductions, usually through improved resource use.
- Improved service delivery, leading to better revenues and customer satisfaction.
Because ITIL is a voluntary framework rather than an imposed standard, an organization can adopt as much of the framework as needed to meet its specific needs. Still, the benefits of ITIL can increase as more business processes become ITIL-compliant.
How ITIL reduces costs
Organizations incur IT costs quickly when their infrastructure is used inefficiently. ITIL provides strategic guidance and best practices that promote efficiency.
Following ITIL prescriptions, organizations inventory all systems, resources, users and configurations of the systems in question and document the findings. They then identify areas to optimize and reduce inefficiencies. For example, unnecessary resources can be removed from the infrastructure to reduce costs, while configurations that cause unnecessary resource use get reconfigured.
ITIL also provides proactive risk management strategies that let organizations anticipate downtime before it occurs. Unplanned downtime is a significant contributor to IT costs.
How to put ITIL into practice
ITIL is complex to fully understand and even more difficult to fully adopt. ITIL 4 includes 34 distinct practices across general, service and technical management. Implementation can be disruptive, so adoption is rarely approached as a singular, all-or-nothing initiative. Instead, organizations follow a set of steps or phases intended to explore, validate and expand framework adoption over time.
Although there is no one approach to put ITIL into practice, there are several best practices for adoption:
- Understand why. Any ITIL initiative should begin with careful consideration of driving factors. Business leaders must have clear and substantial reasons for adopting ITIL and understand how it could benefit their business.
- Gather knowledge. ITIL implementation takes expertise; it isn't something you can learn from a manual. Business leaders must depend on one or more people with solid ITIL certification and proven expertise to spearhead the initiative. This might require new training or staffing changes to bring on board the knowledge needed to pursue ITIL compliance.
- Start small and build out. Organizations should implement one -- or just a few -- of the 34 ITIL practices as a proof-of-principle project. Document the current process and its tradeoffs. Then, reevaluate the process post-adoption, and see how business performance is affected. As these small projects reveal business value, they can be rolled out across the business, and more practices can be implemented as needed.
- Focus on outcomes. ITIL isn't a goal. Simply implementing ITIL buys the business nothing. Understand what you want ITIL compliance to achieve, such as greater customer satisfaction or lower service costs, and then measure those outcomes objectively using metrics.
History of ITIL
ITIL started in the 1980s when data centers decentralized and adopted more geographically diverse architectures. This practice caused process and deployment discrepancies and resulted in inconsistent or suboptimal IT service performance in organizations.
The United Kingdom's Central Computer and Telecommunications Agency (CCTA) recognized the importance of perceiving IT as a service and applying consistent practices across the entire IT service lifecycle. It developed the Government Information Technology Infrastructure Management methodology. CCTA released ITIL in 1989.
In 2001, CCTA folded into the Office of Government Commerce, which released ITIL v2 the same year.
ITIL v3 emerged in 2007 and was updated in 2011 to include feedback from the user and training community, as well as to resolve errors and inconsistencies.
The U.K. Cabinet Office and Capita PLC formed Axelos in 2013. The organization's mission is to "make individuals and organizations more effective by providing practical guidance, content and qualifications distilled from real-world experience and developing practices."
Axelos, which PeopleCert acquired in 2021, currently oversees ITIL development. It announced the latest ITIL guidelines in 2017, releasing ITIL 4 and related modules throughout 2019 and 2020. Axelos continues developing newer certifications, including Projects IN Controlled Environments, or PRINCE2, which is a project management certification framework applicable to various industries that can be used alongside ITIL implementations to manage IT projects.
DevOps is an IT management process similar to ITIL. Learn the differences between ITIL and DevOps and what each means for an enterprise.