Essential Guide

The Essential Guide to ITIL

ITIL software tools

What Is ITIL? 

In the early days of enterprise IT, the information technology department was viewed as a cost center within the business. Communication and collaboration between the IT department and the business was poor, and many organizations lacked any formalized processes for requesting services or reporting IT incidents. As a result, there was a common perception within many organizations that IT did not add much value and did not effectively serve the needs and goals of the business.

As enterprise IT organizations matured, they recognized a growing need to demonstrate their value by catering to the specific needs of the business. IT professionals began practicing IT in a new paradigm known as IT Service Management (ITSM). In the ITSM paradigm, the IT organization is viewed as its own entity and the business unit is the customer. To satisfy its customers, the IT organization provides services that are supported by IT assets and capabilities. These services must align with the strategic requirements of the business and they must be delivered by the IT organization in accordance with agreed service levels. 

As a growing number of businesses developed IT capabilities while adopting the ITSM paradigm, there was a growing need to establish standardized processes for the management of IT services. Several standards have been released, including COBIT, ISO 20000, and others, but the ITIL framework has become the most widely accepted and practiced standard for managing the lifecycle and delivery of IT services. ITIL is a framework of best practices for managing the It service lifecycle. ITIL's publications and guidance have transformed enterprise IT with their emphasis on aligning IT services with the strategic demands of the business.

ITIL vs ITSM: Key Differences Explained

Some IT professionals use the terms ITIL and ITSM interchangeably. In fact, if someone tells you that their organization is doing ITIL, you know for sure that they're doing ITSM - but if they say they're doing ITSM, they still may not be following the ITIL best practices framework. So what's the difference between ITSM vs ITIL

The key difference between ITSM and ITIL is that ITSM is a paradigm and ITIL is a framework of best practices.

A paradigm is a worldview that underlies a particular methodology or way of doing things. The ITSM paradigm is a specific way of understanding the relationship between an IT organization and the business that it supports. The early days of IT management were characterized by a focus on the management of technologies themselves, which included a lot of reactive break-fix activities and ad-hoc operations. As the ITSM paradigm emerged, IT organizations began to focus on the management of services and the delivery of those services to the business. The ITSM paradigm can be summarized simply:

  1. The IT department is its own organization and its customers are the business.

  2. The role of the IT organization is to provide services to the business.

  3. The services provided by IT should align with the strategic goals and needs of the business.

  4. Services must be managed throughout their entire lifecycle.

Additional Resource
IT Service Management Plays Beyond IT

ITIL goes beyond simply defining the relationship between the IT organization and the business. ITIL is a framework for effectively managing IT services throughout the entire service lifecycle. The ITIL framework offers guidance and best practices for managing the five stages of the IT service lifecycle: service strategy, service design, service transition, service operation and continual service improvement. 

Organizations who practice ITSM may think of IT as a service-provider to the business, but they may follow a separate framework like COBIT or ISO/IEC 20000 for managing IT services. Still, ITIL is the most commonly applied framework of best practices for organizations operating within the ITSM paradigm.

ITIL V1: The Origin 

The ITIL framework was first developed by the Central Computing and Telecommunications Agency (CCTA), a government agency in Great Britain. It was 1986 and the British government saw that its information technology was getting increasingly costly - there was a need to develop a methodology for IT service management that would enable cost savings and more efficient use of resources. By 1988, the CCTA had published a set of guidelines known as the Government Infrastructure Management Method (GITMM), however the word "government" in the name of the standard was seen to have a negative influence on private-sector adoption. In 1989, the GITMM was re-named the Information Technology Infrastructure Library (ITIL).

The first version of ITIL was highly unrefined compared to later versions. Released in 40 separate volumes, it included guidance on service level management, help desk management, change management, contingency planning, problem management, configuration management and cost management. There was also plenty of highly technical subject matter, including best practices for cabling, configuring backup power supplies and designing office acoustics. Despite the poor organization of ITIL v1, the standard and ITIL processes continued to grow in popularity as additional publications were released throughout the 1990's.

ITIL V2: The First Major Evolution 

The early late 1990's and early 2000's were a challenging period for ITIL, characterized by changes and growing competition.  The International Organization for Standardization (ISO) had released its own ITSM standard in 1995, known as ISO/IEC 20000 and other ITSM standards were beginning to emerge as well. Just in the year 2000, the CCTA merged into Great Britain's Office for Government Commerce (OGC), BSI released the BS 15000:2000 specification for ITSM and Microsoft, using ITIL as inspiration, created their own ITSM framework known as Microsoft Operations Framework (MOF).

To remain relevant in the face of growing competition, the ITIL framework and processes needed to be improved, re-invented, and reorganized into a more structured framework that would become known as ITIL V2. This revision of ITIL allowed OGC to describe new IT concepts like release and deployment management and clearly define processes like ITIL incident management and the financial management of IT assets. Publishing ITIL V2 would also allow for the elimination of duplicate entries that characterized ITIL V1.

The first volume of ITIL v2 was released in 2001. By 2002, seven volumes of ITIL V2 were made available:

  1. Service Support

  2. Service Delivery

  3. ICT Infrastructure Management

  4. Security Management

  5. Application Management

  6. Software Asset Management

  7. Planning to Implement Service Management

2005 saw the release of the ITIL V2 glossary that would clarify certain terms in the framework that were poorly defined. In 2006, the OGC released a supplement to ITIL V2 called ITIL small-scale implementation that provided additional guidance for small businesses who hoped to benefit from the ITIL framework. ITIL V2 was a more complete and organized version of ITIL V1 that served as a necessary intermediate standard between V1 and the even more robust and comprehensive ITIL V3.

ITIL V3: Introducing the IT Service lifecycle

By 2007, the OGC had further refined their approach to ITSM and were prepared to release an even more comprehensive and well-organized update to ITIL V2. ITIL V3 was released in 2007 as a set of five publications, each corresponding to an individual stage of the IT service lifecycle. The five books were titled:

  1. ITIL Service Strategy

  2. ITIL Service Design

  3. ITIL Service Transition

  4. ITIL Service Operation

  5. ITIL Continual Service Improvement

Together, the five books of ITIL V3 (which would become known as ITIL 2007 after the ITIL 2011 revision) described a comprehensive set of processes and functions that support the various aspects of IT service delivery. ITIL V3 covers all essential steps of IT service management, from strategically prioritizing the delivery of IT services that satisfy business needs to managing the continual service improvement process. Below, we review and examine the contents of ITIL V3's five core publications, describing the goals of each stage of the service lifecycle and the processes that support these ITIL objectives. 

Service Strategy

Service strategy is the first book in ITIL V3 and corresponds to the first stage in the IT service lifecycle. The purpose of service strategy is to align the actions of the IT organization with the needs of the business. To do this, the IT organization must decide on a strategy for effectively serving its customers. As part of Service Strategy, the IT organization works with the business to determine what services the IT organization should offer and what capabilities must be developed.

There are five processes described in the Service Strategy volume of ITIL V3:

Service Design

Once the IT organization has decided to develop a new service, the next step is Service Design. The Service Design stage focuses on developing new IT services, as well as modifying or improving existing IT services to enhance their value to the business.

There are eleven processes described in the Service Design volume of ITIL V3:

Service Transition

A service that has been designed enters the Service Transition phase where it will be built and deployed onto the organization's IT infrastructure. The purpose of Service Transition is to control the production and deployment of new IT services while ensuring that changes to existing services are effectively coordinated to prevent business disruptions.

There are eight processes described in the Service Transition volume of ITIL V3:

Service Operation

Service Operation is the fourth stage in the IT service lifecycle. Its objective is to ensure that operational IT services are delivered effectively and efficiently for customers. This stage is unique in that it contains both processes and functions. A function performs a specialized task or set of tasks, while a process is a collection of sub-processes that can be performed in a particular sequence to achieve a desired goal. 

There are six processes and four functions described in the Service Operation volume of ITIL V3.

The six processes are:

The four functions are:

Continual Service Improvement (CSI)

Continual Service Improvement is the final stage in the service lifecycle. Once a service is in operation, it may be periodically reviewed to identify whether there are any opportunities to improve the service.A CSI manager may be responsible for recommending and monitoring process changes to verify their impact on operational efficiency and cost.

There are four processes described in the Continual Service Improvement volume of ITIL V3:

Axelos Takes Ownership of ITIL in 2013

In 2013 and 2014, a company called AXELOS took ownership of the ITIL framework. AXELOS was set up as a joint venture between the professional services firm Capita PLC and the Government of the United Kingdom. From 2013 onward, AXELOS would take the lead in updating and refining the ITIL framework, as well as overseeing the accreditation of ITIL certification and training institutions around the world. 

ITIL 4: Embracing the Service Value System 

The recent release of ITIL 4 is changing the way IT organizations do ITSM. ITIL 4 was launched in February 2019 and represents the most significant update to the framework since the 2007 release of ITIL V3. ITIL 4 promotes a holistic approach to service management with its new four dimensions model that identifies the four factors critical to successful value delivery with ITIL: 

  1. Organizations and people

  2. Information and technology

  3. Partners and suppliers

  4. Value streams and processes

While previous versions of ITIL placed a strong emphasis on the management of IT services throughout the service lifecycle, the ITIL 4 framework is built around a new model called the Service Value System (SVS). The SVS is composed of five elements that support the conversion of an opportunity or demand for a service into value for the customer:

7 Guiding Principles of ITSM in ITIL 4

Following in the steps of software development frameworks like Agile and DevOps, ITIL 4 puts forth a set of seven guiding principles that IT professionals can reference to inform their own decision-making, promote continual improvement of ITSM systems and processes, and to understand the purpose and intentions that underlie ITIL 4's guidelines. They are:

  1. Focus on Value

  2. Start Where You Are

  3. Progress Iteratively with Feedback

  4. Collaborate and Promote Visibility

  5. Think and Work Holistically

  6. Keep it Simple and Practical

  7. Optimize and Automate

Additional Resource
7 Deadly Sins of ITIL Implementations (Including Updated ITIL 4 Guidance!)

ITIL 4 Governance

Governance plays an important role in the service value system of ITIL 4. Governance refers to the means or mechanisms by which the organization maintains control, direction and oversight of IT activities. IT governance can include managers, vice presidents and presidents or even the board of directors. A governance body directs the organization and takes responsibility for its performance and compliance. There are three ways that governance of ITIL 4 is realized in an organizational context:

  1. Direct - The governance body assigns responsibility for the establishment, preparation and implementation of ITIL strategy and policies. Strategy includes the specific plan for the effective implementation and operation of ITIL 4 practices, while policy includes the specific activities and behaviors that will be required of the staff, vendors and others responsible for carrying out the organization's strategy.

  2. Monitor - The governance body monitors the organization's practices, procedures and services to ensure they are in line with the stated policies and strategic aims.

  3. Evaluate - The governance body performs regular reviews of organizational strategy and policy, updating both to account for internal and external change.

The ITIL 4 Service Value Chain

The service value chain is ITIL's new six-step model for creating value through the implementation of IT services. The input for the service value chain is a new demand for a service or an identified opportunity to create value through implementing a new service. The ultimate goal of the service value chain is to create value for the organization through a six step process that includes:

  1. Planning - To identify a strategic direction of improvement for the IT organization 

  2. Engagement - To capture the needs of stakeholders and maintain positive stakeholder relations

  3. Design and Transition - To create products and services that meet stakeholder expectations for quality, cost, and timeliness

  4. Procurement/Building - To ensure that customers of the IT organization can access essential service components when required, according to the agreed specifications

  5. Deliver and Support - To launch and support IT services that meet the organization's strategic needs and the expectations of customers

  6. Improve - To facilitate ongoing improvement of all IT-related products and services, all activities in the value chain and the four dimensions of service management

Continual Improvement in ITIL 4

Continual improvement is heavily emphasized in ITIL 4. The concept of continual improvement appears as the fourth element of the service value system, the final step in the service value chain and as an ITIL practice under "general management practices". In ITIL 4, the continual improvement process is liberally applied to every component of ITSM processes, activities and strategy - not just to IT services.

ITIL 4 Management Practices

Perhaps the most significant change in ITIL 4 is the reorganization and renaming of the ITIL processes. In ITIL 2007, service management processes were grouped according to their place in the ITIL service lifecycle. In ITIL 4, the original processes have been renamed "practices" and grouped into three categories:

  1. General management practices

  2. Service management practices

  3. Technical management practices

This change in nomenclature highlights the reality that ITIL is a framework of best practices and not a set of specifications or specific procedures for doing ITSM. Calling the listed items "practices" instead of "processes" encourages IT professionals to adopt the elements of each practice that make sense for their business while discarding the elements that don't. ITIL 4 practices are defined as "sets of organizational resources designed for performing work of accomplishing an objective". They include:

General Management Practices

Service Management Practices

Technical Management Practices

ITIL Certification Changes Under ITIL 4

ITIL owners AXELOS have already established a new certification scheme to accompany the release of ITIL 4. The first certification for ITIL 4, known as ITIL Foundation was released in February 2019, with the additional certifications slated for release through 2019 and 2020. AXELOS has identified four certification levels for ITIL 4:

  1. ITIL Foundation - The ITIL 4 Foundation course is an update of the ITIL Foundation course that was previously based on ITIL V3. This ITIL certification delivers a basic understanding of the ITIL framework and how it can be used to enhance IT service management. 

  2. ITIL 4 Managing Professional - An ITIL certification obtained after completing a set of four modules (courses) on ITIL 4. The modules will be released in the second half of 2019. They include:

    • ITIL 4 Specialist: Create, Delivery and Support

    • ITIL 4 Specialist: Drive Stakeholder Value

    • ITIL 4 Specialist: High Velocity IT

    • ITIL 4 Strategist: Direct, Plan and Improve

  3. ITIL 4 Strategic Leader- A certification stream that consists of two modules due for launch in the first half of 2020. These courses emphasize the relationship between IT and business strategy. They include

    • ITIL 4 Strategist: Direct, Plan and Improve

    • ITIL 4 Leader: Digital and IT Strategy

  4. ITIL Master - The coveted ITIL Master certification is the highest-level credential for ITIL practitioners. To obtain it, you must be able to demonstrate that you have personally applied ITIL principles and methodologies to achieve desired business outcomes in a practical environment. In the past, eligibility for this certification required practitioners to have achieved the ITIL Expert certification and worked in IT service management in a leadership role for at least five years. It remains to be seen what the eligibility requirements will be for a Master certification after the release of ITIL 4.

Other ITSM Frameworks

ITIL 4 is the world's leading framework of best practices for IT service management, but it is not the only one in use today. Many organizations apply elements from more than one framework, as each one services a slightly different function in supporting business objectives. Below, we list the service management frameworks that can complement ITIL in enterprise IT.

ISO/IEC 20000 

First published in December 2005, ISO/IEC 20000 was the first standard for service management released by the International Organization for Standardization. The publication was originally meant to reflect ITIL practices, so there is plenty of overlap between the ISO and ITIL frameworks. The biggest difference is that organizations can obtain an ISO certification for compliance with the "must-do" guidelines of  ISO/IEC 20000, which can provide a competitive advantage. 


Control Objectives for Information and Related Technologies (COBIT) was released in 1996 as a set of control objectives that would simplify the process of financially auditing IT organizations. COBIT's guidance overlaps significantly with that of ITIL, but there are major differences in organization. Another key difference is COBIT's emphasis on the IT governance aspect of ITSM, which contrasts with ITIL's focus on service delivery and value creation.


FitSM is a framework developed by the European Union to help increase the effectiveness of service management for federated IT infrastructures. The framework is published under Creative Common licenses and is freely accessible for all. FitSM has been described as a "lightweight" version of ITIL that describes simplified policies and procedures for improving IT service management.

The Business Process Framework (eTOM)

eTOM is a model of the processes that are needed to run an efficient and effective digital enterprise, and is mainly used in the telecommunications industry. The framework groups processes into three general categories: 

  1. Strategy, Infrastructure and Product

  2. Operations

  3. Enterprise Management

Many of the eTOM processes have ITIL analogs, so there is significant overlap between the two frameworks, but while ITIL is specifically geared towards IT organizations, the eTOM framework is meant to be applied to the whole business. Some organizations incorporate elements of both frameworks into their business and IT processes and procedures.

Microsoft Operations Framework (MOF)

The MOF was completed in early 2008. Like ITIL, the framework specifies processes that can help IT professionals more efficiently establish and deliver IT services to the business. MOF defines the IT service lifecycle in three phases:

  1. Plan Phase

  2. Deliver Phase

  3. Operate Phase

MOF 4.0 defines a management layer that is responsible for risk, changes and controls. There are service management functions; management reviews; and guidance for governance, risk, and compliance in the enterprise IT context.

Additional Resource:
ITIL Videos on Problem, Change, and Incident Management

Benefits of ITIL Adoption

The ITIL framework provides guidance for enhancing the delivery and support of IT services and driving value creation through the activities and behaviors of the IT organization and the provision of services that IT customers want. Below are three of the most important benefits associated with ITIL adoption.

Providing Better Services 

IT organizations can leverage their adoption of ITIL guidance and practices to help provide better services to the business. Processes for aligning IT strategy with the needs and goals of the business, along with ITIL 4's emphasis on value creation helps to ensure that the IT organization is effectively capturing user needs, evaluating opportunities and assessing the demand for new services. The service value chain provides a framework for effectively and systematically engaging with these inputs and providing value for the organization through the creation of services that the business wants.

Providing Better Support

Many IT organizations choose to enhance their support capabilities with ITIL as a response to recent growth. ITIL helps IT organizations increase the effectiveness of existing Incident Management and Problem Management processes including resolving IT incidents more effectively. IT organizations can also enhance their support capabilities by implementing a Configuration Management process to enhance oversight and control of IT infrastructure. When successfully implemented, ITIL's best practice framework supports the business by resolving IT issues more quickly and preventing or limiting unplanned business downtime.

Enabling Business Change 

One of our favorite things about ITIL is that way that it promotes and enables business change by providing guidance for service management. Change becomes a constant force for good as organizations further systematize their ITSM processes and management through progressive ITIL adoption. Processes for change management and evaluation help to ensure that organizations can grow and develop their IT infrastructure and services without disrupting the business, and the top-down emphasis on continual service improvement (CSI) offered by ITIL 4 acts as a constant driver of positive change across all elements of the IT organization.

How to Avoid Common ITIL Adoption Mistakes

With its 34 distinct practices, guiding principles and service value chain model, the process of ITIL 4 adoption can feel intimidating. The good news is that ITIL implementations can be relatively painless as long as you avoid these five common pitfalls for organizations adopting ITIL. For organizations that steer clear of these basic mistakes, ITIL adoption can feel easy, even while transforming your IT organization into a value creation machine.

Don’t Take ITIL Too Literally

The ITIL framework was never meant to prescribe exactly how your organization should plan, build and deliver IT services. Every industry is different and every IT organization is unique - you should always establish and define your own process based on what makes the most sense for your organization. ITIL is simply a set of best practices to point you in the right direction and help you build efficient processes that cost less and achieve more of what your customers want.

Identify and Manage Risk 

Just like any other project, there are always project risks associated with ITIL implementation. Identifying and managing these risks is a critical aspect of ensuring that your implementation will succeed. Even if you are certain that the ITIL framework can help, you could still face risks such as:

As with other projects , IT organizations should proactively assess sources of project risk and manage them throughout the implementation to ensure success.

“Right-Size” Your Implementation

Another common misconception about ITIL is that IT organizations must adopt all of the ITIL processes at once. This couldn't be further from the truth. Adopting many new ITIL practices at the same time can lead to chaos, so most IT organizations take a step-by-step approach where they adopt one or two processes at first and progressively add more later on when the first ones have stabilized. Common first processes include incident management and request fulfillment - the two key activities of the service desk.

Say “Yes” to Continual Improvement

Organizations that are resistant to continuously improving processes based on the best available evidence will fail to realize the full potential of ITIL adoption. Continual improvement is one of ITIL's most powerful processes, as it gives organizations the capability to iteratively get better at every single activity and process that they are accountable for. Continual improvement is most successful in corporate cultures that encourage collaboration, visibility of information and the optimization and automation of key processes. These values are reflected in ITIL 4's seven guiding principles.

Select the Right Tool for the Job

IT service management software solutions can significantly streamline and simplify the implementation process for the ITIL best practices framework. A reliable vendor partner can offer training, consultation and software support that helps you get the most value out of both your chosen ITIL software tool and your adoption of ITIL. Organizations should choose an ITSM software tool like Cherwell IT Service Management that features out-of-the-box compliance with ITIL's most commonly adopted processes.

Where to Start

Choosing the right ITSM platform is critical to the success of your organization's implementation of ITIL. Cherwell offers a comprehensive service management platform that was purpose-built to support ITIL's core processes, including incident management, change management, configuration management, service catalog, service desk and more. Cherwell ITSM is compliant out-of-the-box with 11 ITIL processes. As industry leaders in IT service management, we can provide learning services, documentation and technical support to help ensure the success of your ITIL adoption.

Want to learn more? Download our white paper below and we'll show you how to integrate people, process and technology that better supports your ITSM practices in accordance with the ITIL framework.

Additional Resource:
ITIL Made Easy: ITSM Processes and Best Practices

Ivanti Acquires Cherwell to Deliver Personalized Employee Experiences in the Everywhere Workplace