Recently in IT Infrastructure Library (ITIL) Category

Imagine a company department that works the following way:

Back in 2007 when I was still at BMC Software as Global Best Practices Director I worked with their CTO, Tom Bishop who worked on setting up an industry taskforce to set a standard for CMDB connectivity. As always these taskforces take some time to document their goals and objectives and then to actually release a specification. Well it did take 2 years for the specification to be released. Back in July of this year, the Distributed Management Taskforce (DMTF) gave its approval for the CMDBf specification for supporting federated CMDB systems -- or as ITIL v3 says, a federated Configuration Management System (CMS). In this vision, multiple reconciled sources including management data repositories, discovery systems, etc. can provide a cohesive frame to support more effective service management in its broadest, cross-discipline sense.

The CMDBf specification was first released by the CMDB Federation Workgroup in August of 2007, and the DMTF announced the creation of a working committee around the CMDBf specification on November 27, 2007. The Workgroup included BMC, CA, Fujitsu, HP, IBM and Microsoft in Q3 200. Some vendors left out wondered why they weren't included, but in this case small is beneficial. Keeping the group small was considered essential if progress was going to be made. Knowing how difficult it is to get busy people from different organisations together, I would agree that keeping it small and focused was the only way to get results, and 6 of the largest software vendors in the ITSM space is small, but powerful.  

Looking at the specifics, the CMDBf specification leverages SOA (Service Orientated Architecture) standards such as SOAP (Simple Object Access Protocol ), XML (Extensible Markup Language) schema, HTTP (HyperText Transfer Protocol ), and WS-I (Web Services Interoperability). It describes how APIs (application Program Interface) and calls to CMDB registration APIs can be pre-built into the management data repositories (MDRs) of management tool set providers. In this way, a federating CMDB can access data from a multiple MDRs using the query service defined in the specification. MDRs can push data to a federating CMDB using a registration service. The specification also supports CMDB-to-CMDB federation, as CMDBs can extract data from each other using the query service. In essence, the specification supports data access in a federated mode, as well as bi-directional data sharing across federated CMDBs.

Boy we like using acronyms! This is the first time I've really seen the term "Management Data Repositories" (MDR) used seriously and it's really what the CMS is all about, in my opinion. A term we should use when explaining the CMS to the Business, as it will resonate much more with them.

If such a vision is to become reality, then the industry needs a more consistent approach for federating multiple sources than the current rag-tag mix of adapters, APIs, and other technologies that still make federation, especially federation across multiple brands, such a painful experience.

For more information check out the DTMF announcements here >>

These may not be the latest and greatest, but we found two more depictions of maturity models related to Business Service Management from HP and IBM. 

I'm sure they have others, but this is what we found (scroll down to the end of the post).

Stay tuned for more.

One of our unstated goals at BSMReview.com is to create a maturity model for Business Service Management and beyond. Of course, this maturity model may differ slightly by industry, but the idea is to create a model which is good enough to create a "common roadmap" for IT and its business partners (yes, we will include cloud services).

To start the discussion, I've brought together some of the traditional thinking from IT 1.0, and some "edge insights" from people like JSB.

To start, let's look at Gartner's IT Management Process Maturity Model from 2005. Looks familiar, doesn't it? What should Level 5 and Level 6 look like? 

Goodbye ITIL v2.

The OGC has announced the date and time of the end:

OGC has considered these findings alongside its own requirements for the maintenance of the ITIL product set, and agreed that:

a. Withdrawal will be product based, with all language variants for individual qualifications and publications being removed at the same time.
b. Removal of version2 will complete on 30 June 2011. Specific product withdrawal will be as follows:

• V2 Foundation to cease 30 June 2010
• V2 Manager to cease 31 August 2010
• V2 Practitioner to cease 31 Dec 2010 
• Foundation Bridge to cease 31 Dec 2010

I wonder if they followed the ITIL v3 guidelines for a Service Lifecycle, specifically the part about Service Transition:




They must not have read Bill's Mitigating Risk for End-of-Life Technology.

Business Service Management (BSM) is a process, a mindset, not a product (as Peter Armstrong would say) so it is not a technology in the first place.  It is strategic, however, so let's take a quick look at each of Gartner's choices and ask:

"What has this got to do with BSM?"

Gartner's Top 10 Strategic Technologies for 2010

Cloud Computing. Cloud computing is a style of computing that characterizes a model in which providers deliver a variety of IT-enabled capabilities to consumers. Cloud-based services can be exploited in a variety of ways to develop an application or a solution. Using cloud resources does not eliminate the costs of IT solutions, but does re-arrange some and reduce others. In addition, consuming cloud services enterprises will increasingly act as cloud providers and deliver application, information or business process services to customers and business partners.

My two cents: Managing cloud services demands that companies must have a BSM strategy which can monitor and manage the physical datacenter, virtualization, and the cloud - whether it be public, private, or hybrid. We need ITIL in the Cloud and robust Cloud Service SLAs.

Advanced Analytics. Optimization and simulation is using analytical tools and models to maximize business process and decision effectiveness by examining alternative outcomes and scenarios, before, during and after process implementation and execution. This can be viewed as a third step in supporting operational business decisions. Fixed rules and prepared policies gave way to more informed decisions powered by the right information delivered at the right time, whether through customer relationship management (CRM) or enterprise resource planning (ERP) or other applications. The new step is to provide simulation, prediction, optimization and other analytics, not simply information, to empower even more decision flexibility at the time and place of every business process action. The new step looks into the future, predicting what can or will happen.

My two cents: OK, so now we know how to compete on analytics. But the decision-making process is much more complex than most people expected. Analytics are fine, but what we need is refined insight and critical understanding.  The Big Shift Index tells us about what we haven't thought about measuring yet! Where's BSM in all of this? Well, if your CRM and yoru ERP systems are mission-critical, then BSM ensures they deliver on their promise when you need it.

Client Computing. Virtualization is bringing new ways of packaging client computing applications and capabilities. As a result, the choice of a particular PC hardware platform, and eventually the OS platform, becomes less critical. Enterprises should proactively build a five to eight year strategic client computing roadmap outlining an approach to device standards, ownership and support; operating system and application selection, deployment and update; and management and security plans to manage diversity.

My two cents: Anytime, anywhere, on any device. BSM must be an integral part of managing virtualization to avoid virtual sprawl, if nothing else. Of course there's the end-user experience that needs monitoring as well.

IT for Green. IT can enable many green initiatives. The use of IT, particularly among the white collar staff, can greatly enhance an enterprise's green credentials. Common green initiatives include the use of e-documents, reducing travel and teleworking. IT can also provide the analytic tools that others in the enterprise may use to reduce energy consumption in the transportation of goods or other carbon management activities.

My two cents: Virtualization and Cloud computing will help IT become greener faster, by reducing the datacenter footprint.  And virtual collaboration can reduce carbon emissions. Isn't optimizing asset usage a BSM function?

Reshaping the Data Center. In the past, design principles for data centers were simple: Figure out what you have, estimate growth for 15 to 20 years, then build to suit. Newly-built data centers often opened with huge areas of white floor space, fully powered and backed by a uninterruptible power supply (UPS), water-and air-cooled and mostly empty. However, costs are actually lower if enterprises adopt a pod-based approach to data center construction and expansion. If 9,000 square feet is expected to be needed during the life of a data center, then design the site to support it, but only build what's needed for five to seven years. Cutting operating expenses, which are a nontrivial part of the overall IT spend for most clients, frees up money to apply to other projects or investments either in IT or in the business itself.

My two cents: See previous two cents <<

Social Computing. Workers do not want two distinct environments to support their work - one for their own work products (whether personal or group) and another for accessing "external" information. Enterprises must focus both on use of social software and social media in the enterprise and participation and integration with externally facing enterprise-sponsored and public communities. Do not ignore the role of the social profile to bring communities together.

My two cents: Have you noticed that Twitter is having availability issues lately?  I wonder if they use ITIL or BSM?  Same story on Facebook. Maybe they use ITIL-Lite.  There are unfortunately, some documented productivity issues with social computing, but we have an effective solution for improving knowledge-worker productivity.

Security - Activity Monitoring. Traditionally, security has focused on putting up a perimeter fence to keep others out, but it has evolved to monitoring activities and identifying patterns that would have been missed before. Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements. A variety of complimentary (and sometimes overlapping) monitoring and analysis tools help enterprises better detect and investigate suspicious activity - often with real-time alerting or transaction intervention. By understanding the strengths and weaknesses of these tools, enterprises can better understand how to use them to defend the enterprise and meet audit requirements.

My two cents: See this survey on security management best practices.

Flash Memory. Flash memory is not new, but it is moving up to a new tier in the storage echelon. Flash memory is a semiconductor memory device, familiar from its use in USB memory sticks and digital camera cards. It is much faster than rotating disk, but considerably more expensive, however this differential is shrinking. At the rate of price declines, the technology will enjoy more than a 100 percent compound annual growth rate during the new few years and become strategic in many IT areas including consumer devices, entertainment equipment and other embedded IT systems. In addition, it offers a new layer of the storage hierarchy in servers and client computers that has key advantages including space, heat, performance and ruggedness.

My two cents: Wrong? We're going to see cloud storage take over this area, and it may or may not use flash memory.

Virtualization for Availability. Virtualization has been on the list of top strategic technologies in previous years. It is on the list this year because Gartner emphases new elements such as live migration for availability that have longer term implications. Live migration is the movement of a running virtual machine (VM), while its operating system and other software continue to execute as if they remained on the original physical server. This takes place by replicating the state of physical memory between the source and destination VMs, then, at some instant in time, one instruction finishes execution on the source machine and the next instruction begins on the destination machine.

However, if replication of memory continues indefinitely, but execution of instructions remains on the source VM, and then the source VM fails the next instruction would now place on the destination machine. If the destination VM were to fail, just pick a new destination to start the indefinite migration, thus making very high availability possible. 

The key value proposition is to displace a variety of separate mechanisms with a single "dial" that can be set to any level of availability from baseline to fault tolerance, all using a common mechanism and permitting the settings to be changed rapidly as needed. Expensive high-reliability hardware, with fail-over cluster software and perhaps even fault-tolerant hardware could be dispensed with, but still meet availability needs. This is key to cutting costs, lowering complexity, as well as increasing agility as needs shift.

My two cents: Now this is a BSM play if there ever was one!

Mobile Applications. By year-end 2010, 1.2 billion people will carry handsets capable of rich, mobile commerce providing a rich environment for the convergence of mobility and the Web. There are already many thousands of applications for platforms such as the Apple iPhone, in spite of the limited market and need for unique coding. It may take a newer version that is designed to flexibly operate on both full PC and miniature systems, but if the operating system interface and processor architecture were identical, that enabling factor would create a huge turn upwards in mobile application availability.

My two cents: Anytime, anywhere, on any device.  Didn't I write about that a few seconds ago? And don't we need our CMDB to track all these diverse devices and apps?

As you can see, I've attached Business Service Management (BSM) as an enabling IT strategy for just about all ten of Gartner's Strategic Technologies for 2010. And of course if it's a service provided by IT or even an external service provider, we're still going to need a Service Catalog for 2010. More on that in a later post.

Israel, where do agile practices fit into this? Just about everywhere as well?

Chrisan's friends over at the Enterprise Strategy Group shared this security best practices report with us. Let us know what you think.

Its strange how history repeats itself, fashions go in cycles, and every generation comes to them for the first time thinking these things are new, innovative and revolutionary. I guess it's because we're still human and we still need to learn the same lessons over and over again. We want to listen to advice, but can't, we want to learn from the past, but don't, we all want something that's called "common" but is far from it - sense!

May years ago now the company I worked for at the time brought a new concept to the marketplace. The analysts jumped onto it and made it their own and the market hype was all over it, it was the direction all business had to get to. Eight or more years on and we're still moving in that direction, the buzz died down, but the capabilities slowed and the term used changed from IRM to BSM.  However BSM was actually only a subset of what IRM aimed to achieve. With the complexities we find ourselves in today, with Virtualisation and Cloud computing the issues are still the same only in some cases magnified and the responsibility of ownership is moving. More and more the Business is, and will continue to, relinquishing ownership of the delivery of services to the employee (who make up the business) and allow suppliers to take over. It's something that has happened for centuries now. We moved from self-sufficiency to being reliant on others. Once, we all had wells in the garden to provide water for the household, now it's all provided through piped services. Once, we had to make our own small generators for the electrification of the Home, Farm or estate, now it's all provided through piped services. The list goes on, and so it is and will continue to be within the IT environment. Hence the need for Service Management to ensure we all have the disciplines, controls, standards and processes in place, controlled and managed to ensure delivery as required by the customers, whomever they may be.  Why did we move this way? Well for various reasons, economies of scale, cost savings, and to allow us to focus on our core competency without being dragged down by day to day necessities of life.

A slide on my website shows what is required to support the employee, who is at the centre of the business, and how these are more and more being delivered via services as depicted around the circumference of the sphere.  This slide goes back 8 years or more, so not new, but it appears it was rather a vision of the future, and more and more I can see it being fulfilled. Whether we use the same term or not is irrelevant, what matters is the end goal. Something that Geoffrey Moore of Crossing the Chasm fame predicted at roughly the same time.

Check out the slide and let me know if you see it being slowly fulfilled:

Says Annie Shum:

IT professionals should underscore the critical roles played by integrated virtualized service oriented management, governance, performance assurance, and analytics-based feedback loops. Together, they can safeguard the successful adoption and, ultimately, the viability of Cloud Computing in enterprise IT.

Read: A Measured Approach To Cloud Computing: Capacity Planning and Performance Assurance

Malcolm Fry brings up an excellent question in his ITIL Lite article:

So why are there so many people seeing ITIL v3 more as a methodology than as a framework?

As summarized in The Tool is the Method, the phenomenon observed under similar circumstances in Agile initiatives is correlation with sure footedness (or lack thereof). The tendency is to follow the 'prescription' as is until one becomes sure footed enough to interpret it in an intelligent manner. 

Explains Richard:

Initially, compliance was an externally imposed distraction, representing just one more burden on an over-stretched enterprise and IT staff. But now, compliance activities not only provide data about current practices but also highlight areas where increasing the level of control could yield greater efficiencies in operation.

Read The Path to Compliance as a Business Strategy »

BMC Software announced yesterday the acquisition of Tideway Systems Limited, a UK-based, privately-held IT discovery solution.  As outlined in the press release, there is always goodness in IT delivering greater value to their business community through improved understanding of what IT assets are owned, what constitutes their relationships and inter-dependencies, where they are located and who owns them.  Tideway's contribution to that value is unquestioned.  (See Israel Gat's story on the acquisition announcement). 
 
BMC indicated that "the new offering supports the complete set of discovery requirements for BSM and features deep integration with BMC's Atrium Configuration Management Database (CMDB)." The yet-to-be fulfilled promise deals with the deeper integration of Tideway's IT discovery and BMC's Atrium Configuration Management Database (CMDB).  I'm assuming deeper integration as a result of the acquisition, else why the need to buy out their premier IT discovery partner ...except to remove that premiere offering from the grasp of BMC's competitors? 

Unknown is the impact to Tideway's existing partners such as Oracle and ASG Software Solutions.  What about the other 60+ Tideway partners and those customers who are dependent upon Tideway technologies?

We're also wary of any tool that promises to support the "complete set of discovery requirements for BSM" ...when true Business Service Management (BSM) requires discovery and mapping of most business oriented assets.  For example, does this mean that BMC is promising to support all types of business assets, including communication assets, manufacturing assets, inventory assets and transportation assets ...all of which include embedded IT components leveraged by commercial applications?  That would truly be impressive.

Finally, as IT management becomes more of a gating factor for the successful implementation of cloud computing, the BMC recognition that "visibility into the data center" and the need to "model, manage and maintain applications and services" is critical for cloud environments is welcomed. We believe the Tideway acquisition puts BMC in a stronger position to build a cloud-based CMDB which could become a core competence within BMC's solution suite, should they decide to pursue this value proposition. 

In today's recessionary climate, we need to be effective, to manage our capability, to remove excess costs, reduce expenditure on IT and the business, and provide clearer visibility into  business performance.

But how?

Explains Ken Turbitt:

"...there is a guidance to help you, something that has been around for over 20 years and been proven in the early '90s downturn. Yes, it's ITIL. ITIL is there to help you address all of the above. The central core, the driver of this is Business Service Management (BSM). BSM seeks to define IT resources in terms that not only make functional sense to the business, but which relate directly to business metrics and concepts. BSM needs to become the core of your business to enable that clear visibility into business performance and add competitive edge. Now more than at any time in the last 20years is the critical period to review your processes in line with ITIL to improve and automate, understand where you can remove costs without impacting your customers, and keep your business running. To succeed and survive you need to be flexible and respond quickly to the changing requirements and demands being made, and do this whilst protecting and enhancing the business, your products and services and your business processes."

Read the rest of Turbitt's article: Where can I turn to in a Recession?

You do not need to be an expert in Value Stream Mapping to appreciate the power of speeding up deployment to match the pace of Agile development. By aligning development with deployment, you streamline "production" with "consumption." The rationale for so doing is aptly captured in the first bullet of the Declaration of Interdependence:

We increase return on investment by making continuous flow of value our focus.

Flickr and IMVU seem to be doing an exceptionally fine job streamlining the flow of value: every thirty minutes and every nine minutes respectively. A recent presentation in Velocity 2009 by John Allpsaw and John Hammond adds color how development and operations at Flickr cooperate to accomplish "10+ deploys per day."

What does such fast pace mean to the business? In a nutshell, much of the guess work as to what features are really needed is eliminated when you develop, deploy and collect customer feedback in ultra fast manner. Consequently, the company's business design is likely to be transformed. Click here, here, and here for more detailed discussions how the business design gets transformed.

Discussion around Business Service Management (BSM) has been ongoing for years ...and years ...and years. Yet it remains a fairly immature dialogue as vendors scope BSM to capitalize on their respective product offerings; as IT organizations struggle to articulate the desired end state; and as industry analysts deliver unique perspectives for purposes of differentiation.

Fortunately, the purpose of BSM is so fundamental, so basic, and so obvious ...that vendors, IT organizations, business managers, analysts and editors intuitively "get it" ...dwindling the confusion that so frequently accompanies newer technology concepts. This website is dedicated to the BSM dialogue by whoever wishes to participate. There is no fee to join ...no content that requires a subscription ...and no censorship of reasonable ideas and questions.

IT has been, is and will continue to be hammered for being disconnected from the business needs of the customer that IT serves. Sometimes the IT organization is adequately connected to the business entity, with the value simply unrecognized. More often, IT is guilty of diversionary focus on technology silos that business doesn't care about. BSM is the discipline that aligns the deliverables of IT to the enterprise's business goals.

That discipline comes in the forms of activities, technologies, tools, metrics, processes, best practices and people. BSM creates a laser focus on those deliverables generated by IT into something that is meaningful to the business community. If the IT deliverable is of no importance to the business function, then IT should eliminate or repackage it into a service that carries appropriate business value. BSM success is entirely dependent upon the willingness and skill of both IT and business to have an effective two way conversation ...one party without the other is doomed to failure.

Read my complete introduction: The Why & What of Business Service Management