Published on 05/25/2017 | Strategy
Information Technology (IT) has been formalized for a lot longer compared to Operational Technology (OT). Thus, there have been standards and openness inherent in IT projects for many more years. Whereas, OT projects have been closed architecture, proprietary solutions for the most part built in siloed business units focused on specific applications that are normally mission critical to the organization. But, things are slowly beginning to change. Now, we see OT projects formalizing and adopting some of the best practices of IT. Nowhere is this change more evident than in ITSM (Information Technology Service Management).
Information technology service management (ITSM) can be defined as the way in which the business manages information systems and delivers value to customers and users. The ITSM concept is a moderately new approach to planning and managing change, establishing tasks when something unexpected happens, or managing IT budgets, ensuring payment of suppliers. By adopting the elements of ITSM, an organization can help prevent negative impacts for the business.
ITSM has several benefits, such as reduced operating costs, improved IT resource allocation and enhanced productivity.
Changing to an ITSM model is no easy task, because it affects the entire organization – the business, the IT department as well as existing projects. There are several management standards and best practices, such as CoBIT, ISO 20000, TOGAF, and ITIL, which are worldwide recognized. But, can these same methodologies be applied to OT and still deliver value to the business and its customers? Is OTSM (Operational Technology Service Management) now a reality? I argue that the answer is a resounding, yes.
Clearly, how a business manages its IT and OT will define its ultimate success. The core focus points to vector towards success are driven by:
These points are just as valid for OT as they are for IT. Yet, operators of OT solutions have been slow to adopt these methodologies for running projects and operating systems. Some standards or approaches have been embraced already, such as from the realm of project management, but more is needed and with some efforts, they can be leveraged to improve both project and operational success. Here are some of the methodologies to consider.
CoBIT 5 - CoBIT (Control Objectives for Information and Related Technologies) is a good-practice framework created by international professional association ISACA for information technology (IT) management and IT governance. CoBIT provides an implementable "set of controls over information technology and organizes them around a logical framework of IT-related processes and enablers.
ITIL - ITIL, formerly an acronym for Information Technology Infrastructure Library, is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. In its current form (known as ITIL V3), ITIL is published as a series of five core volumes, each of which covers a different ITSM life-cycle stage. Although ITIL underpins ISO/IEC 20000 (previously BS 15000), the International Service Management Standard for IT service management, there are some differences between the ISO 20000 standard and the ITIL framework.
ITIL describes processes, procedures, tasks, and checklists which are not organization-specific, but can be applied by an organization for establishing integration with the organization's strategy, delivering value, and maintaining a minimum level of competency. It allows the organization to establish a baseline from which it can plan, implement, and measure. It is used to demonstrate compliance and to measure improvement.
TOGAF - The Open Group Architecture Framework (TOGAF) is a framework for enterprise architecture that provides an approach for designing, planning, implementing, and governing an enterprise information technology architecture. TOGAF is a high-level approach to design. It is typically modeled at four levels: Business, Application, Data, and Technology. It relies heavily on modularization, standardization, and already existing, proven technologies and products.
CMMI - Capability Maturity Model Integration (CMMI) is a process level improvement training and appraisal program. Administered by the CMMI Institute, a subsidiary of ISACA, it was developed at Carnegie Mellon University (CMU). It is required by many DoD and U.S. Government contracts, especially in software development. CMU claims CMMI can be used to guide process improvement across a project, division, or an entire organization. CMMI defines the following maturity levels for processes: Initial, Managed and Defined. Currently supported is CMMI Version 1.3.
ISO / IEC 20000 - ISO/IEC 20000 is the first international standard for IT service management. It was developed in 2005, by ISO/IEC JTC1/SC7 and revised in 2011. It is based on and intended to supersede the earlier BS 15000 that was developed by BSI Group.
ISO/IEC 20000, like its BS 15000 predecessor, was originally developed to reflect best practice guidance contained within the ITIL (Information Technology Infrastructure Library) framework although it equally supports other IT service management frameworks and approaches including Microsoft Operations Framework and components of ISACA's CoBIT framework.
The standard was first published in December 2005. In June 2011, the ISO/IEC 20000-1:2005 was updated to ISO/IEC 20000-1:2011. In February 2012, ISO/IEC 20000-2:2005 was updated to ISO/IEC 20000-2:2012.
PMI PMBoK - The Project Management Institute’s Project Management Body of Knowledge is a set of standard terminology and guidelines (a body of knowledge) for project management. The body of knowledge evolves over time and is presented in A Guide to the Project Management Body of Knowledge (the Guide to the PMBoK or the Guide), a book whose fifth edition came out in 2013. The Guide is a document resulting from work overseen by the Project Management Institute (PMI), which offers the CAPM and PMP certifications.
Much of PMBoK is unique to project management e.g. critical path method and work breakdown structure (WBS). The PMBoK also overlaps with general management which both include planning, organizing, staffing, executing and controlling, the operations of an organization. Other management disciplines which overlap include financial forecasting, organizational behaviour, management science, budgeting and other planning methods.
Conclusion
If we consider a typical project, it has defined stages for its creation, implementation, and operation. The methodologies described above offer strengths at different stages in this life-cycle. Some, like PMBoK are very much project oriented and not ideal for operations. Others, like ITIL are best focused on the operation of a solution. CoBIT is best for the front-end aspects like planning and governance creation. TOGAF is perfect for the change management aspects of an operating system. It is not practical nor cost effective to consider using them all. So, select the best methodologies to service the needs of your organization. ITIL and PMBoK are popular in North America. TOGAF and ISO / IEC 20000 are strong in Europe. Other methodologies exist beyond the ones listed here, such as Prince 2, ISO / IEC 27000, ISO / IEC 31000, and ISO / IEC 38500. But, they largely overlap with the more popular methodologies listed.
Whichever methodology or combinations of methodologies you use in your OT projects is not critical, the important aspect is use one or more of them to help shape your project or operational success for the sake of your organization and to deliver the creation of value to your stakeholders. Leveraging the same methodology as the IT department and creating harmonization within the organization is important too.
This article was originally featured on LinkedIn.