Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Better management through best practices

Yes, best practice frameworks work, but no, they're not all the same.

Article comments

The good news about adopting best practices is that corporations aren't limited to one method. The bad news is that companies will most likely need to adopt more than one best-practice framework - or at least parts of many - if they want a complete, effective set of management process guidelines.

A related concern is that when network managers realise that multiple standards may be required to achieve their goals, they may become overwhelmed trying to discern the differences among popular frameworks.

Best-practice frameworks such as IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) have been around for years. For the most part, these frameworks should bring consistency and efficiency to the various aspects of IT, such as application development, help desk, network operations, security, and service delivery and support. Compliance with the Sarbanes-Oxley Act and numerous other regulatory standards is another obvious benefit - and is often the impetus for IT executives to start looking at process frameworks.

Other - and perhaps longer-term - gains are the cost cuts and labour reductions that result when an IT shop deploys processes to which all staff members adhere. Best-practice nirvana occurs when IT is able to align with business by helping network managers translate their services into business terms and assign a business-relevant priority to their tasks.

Broad adoption this year
According to Forrester Research, best-practice frameworks will see broad adoption in 2006. The firm suggests that in many cases, ITIL and COBIT - along with the Capability Maturity Model (CMM) and ISO 17799 - should be adopted in concert. ITIL addresses service delivery and support; COBIT covers the broadest spectrum of IT governance; CMM, which is used frequently by application developers, shows how IT shops rate in terms of maturity compared with best-known processes; and ISO 17799 proposes security management measures.

"Most of these frameworks are not mutually exclusive and are most effective when used in combination with one another," says Craig Symons, a principal analyst with Forrester, in a report released this month. "The road to a comprehensive IT governance framework involves understanding the differences among the frameworks and when to apply each framework."

Which frameworks an organisation starts with depends on its goals. Many industry experts say even though ITIL is quickest to deliver incremental results, COBIT is a good place to start. COBIT can help IT shops prove they are performing the processes laid out in the other frameworks, as it is a common tool for auditors.

"COBIT is focused on governance, and if you are a higher-level IT manager concerned with overall corporate governance, this is the best place to start," says independent ITIL consultant John Worthington. "If you are purely focused on IT and have a specific area to control, you may start with ITIL, but it's likely the two initiatives would come together eventually."

Brian Childers, an independent IT service management consultant and a board member with the US-based IT Service Management Forum (which supports ITIL standards), adopted COBIT reluctantly during an IT process implementation at Earthlink, a previous employer. A big supporter of ITIL's tenets, Childers didn't want to explore the possibility of linking his process plans with those of COBIT. "I was adamant that I didn't want COBIT," he says. "But there was a gap in our plans to roll out two ITIL processes - change and release management - and COBIT addressed the hole because it provided specific audit guidelines that mapped directly to what auditors want."

He says that Earthlink was able to sign off on its Sarbox compliance in September 2004, a few months ahead of the December 2004 deadline, because the combination of ITIL and COBIT helped the IT staff to better define and then prove their processes were in place. "You can flat-out copy the COBIT guidelines and be golden, because that is exactly what the auditors are looking for," he says.

ISO certification as a side-benefit
Lenny Monsour reports a similar scenario, in which the use of one framework - ITIL - led him to get certified in another, ISO 9001, a standard that defines the requirements for a quality-management system. Monsour, product management director at SunGard, started to put ITIL's change management processes in place about 18 months ago and found that by also rolling out an automation platform he could achieve ISO compliance as well.

"ISO demands pretty intense processes that are focused on quality and compliance," he explains. "ITIL gives you a loose guideline as to how to do change management, it's not specific. But with ISO 9001, you have to have your processes documented against your logs, and an auditor will check those against each other."

Two years ago Kent Joshi had an external consulting firm advise him to put best practices in place to govern IT operations at Washington Mutual Bank in Los Angeles. Joshi, the bank's IT vice president, soon realised the suggested processes, which laid out many fundamentals Joshi deems critical, still lacked the specific processes he would need to synchronise IT services with business demands. "We realised without a strong service-level management [SLM] process in place, we weren't instilling practices that addressed IT's interaction with our customers," he says.

Joshi says that before exploring the SLM guidelines, which ITIL lays out at a high level, his organisation would have multiple IT staff people contacting customers, suggesting fixes for their problems. But without well-defined processes, the IT staff would provide only a piece of the necessary service and in a manner that couldn't be measured. The business unit would be left unsatisfied, and the IT staff would be left "scratching their heads" as to how their efforts didn't achieve the goal, he says.

Express and measure
"ITIL's SLM process places itself between the two areas: It expresses customer requirements in terms the business understands and in IT terms for my staff," he says. "And it helps you to figure out a measurable way to prove you delivered the services."

Despite the known benefits of frameworks, network managers should be wary of falling victim to "standards slavery," says Jon Vromat, a best-practice consultant with HP.

"IT organisations often think they have to take it all on at once, and then they fail. Adopting frameworks is more like eating an elephant; to be successful, you have to do it in digestible chunks," he says.

Referring to best-practice frameworks as alphabet soup, Vromat says that managers should approach process adoption in three steps: Start with a framework, such as COBIT or ITIL; move on to a standard that can be certified, such as the many ISO guidelines; then perform ongoing improvements that could be measured by, for example, CMM or Six Sigma.


More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *