How to Achieve Business Outcomes using The Open Group IT4IT™ Standard and the IFDC VeriSM™ Approach Together
A White Paper by:
Rob Akershoek, Fruition Partners, A DXC Technology Company Sukumar Daniel, Action Research Foundation
Suzanne Galletly, IFDC
Linda Kavanagh, The Open Group Andrea Kis, Deloitte
Rita Pilon, EXIN
Tony Price, Virtual Clarity Leo van Selm, Vaseom
Mark Smalley, ASL BiSL Foundation
Copyright © 2018, The Open Group and the IFDC
The Open Group and the IFDC hereby authorize you to use this document for any purpose, PROVIDED THAT any copy of this document, or any part thereof, which you make shall retain all copyright and other proprietary notices contained herein. This document may contain other proprietary notices and copyright information. Nothing contained herein shall be construed as conferring by implication, estoppel, or otherwise any license or right under any patent or trademark of The Open Group or the IFDC or any third party. Except as expressly provided above, nothing contained herein shall be construed as conferring any license or right under any copyright of The Open Group or the IFDC. Note that any product, process, or technology in this document may be the subject of other intellectual property rights reserved by The Open Group or the IFDC, and may not be licensed hereunder. This document is provided "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. Some jurisdictions do not allow the exclusion of implied warranties, so the above exclusion may not apply to you. Any publication of The Open Group and the IFDC may include technical inaccuracies or typographical errors. Changes may be periodically made to these publications; these changes will be incorporated in new editions of these publications. The Open Group and the IFDC may make improvements and/or changes in the products and/or the programs described in these publications at any time without notice. Should any viewer of this document respond with information including feedback data, such as questions, comments, suggestions, or the like regarding the content of this document, such information shall be deemed to be non-confidential and The Open Group and the IFDC shall have no obligation of any kind with respect to such information and shall be free to reproduce, use, disclose, and distribute the information to others without limitation. Further, The Open Group and the IFDC shall be free to use any ideas, concepts, know-how, or techniques contained in such information for any purpose whatsoever including but not limited to developing, manufacturing, and marketing products incorporating such information.
If you did not obtain this copy through The Open Group or the IFDC, it may not be the latest version. For your convenience, the latest version of this publication may be downloaded at www.opengroup.org/library or www.verism.global. ArchiMate®, DirecNet®, Making Standards Work®, OpenPegasus®, Platform 3.0®, The Open Group®, TOGAF®, UNIX®, UNIXWARE®, and the Open Brand X® logo are registered trademarks and Boundaryless Information Flow™, Build with Integrity Buy with Confidence™, Dependability Through Assuredness™, Digital Practitioner Body of Knowledge™, DPBoK™, EMMM™, FACE™, the FACE™ logo, IT4IT™, the IT4IT™ logo, O-DEF™, O-PAS™, Open FAIR™, Open O™ logo, Open Platform 3.0™, Open Process Automation™, Open Trusted Technology Provider™, SOSA™, and The Open Group Certification logo (Open O and check™) are trademarks of The Open Group. COBIT® is a registered trademark of ISACA and the IT Governance Institute. ITIL® is a registered trademark of AXELOS Limited.VeriSM™ is a trademark of the International Foundation for Digital Competences (IFDC). All other brands, company, and product names are used for identification purposes only and may be trademarks that are the sole property of their respective owners.
Enabling Organizations in the Digital Age: How to Achieve Business Outcomes using The Open Group IT4IT™ Standard and the IFDC VeriSM™ Approach Together Document No.: W187 Published by The Open Group and the IFDC, August 2018. Any comments relating to the material contained in this document may be submitted to: The Open Group, Apex Plaza, Forbury Road, Reading, Berkshire, RG1 1AX, United Kingdom or by email to:
Boundaryless Information Flowä achieved through global interoperability in a secure, reliable, and timely manner
This White Paper has been written to help organizations and professionals understand how The Open Group IT4IT™ standard and the IFDC VeriSM™ approach can be used together to help organizations improve their services and achieve their desired business outcomes. It provides an overview of the two and their synergies and closes with a scenario for how to use them together for business benefit.
The digital era is firmly upon us. Technology is not only an important part of almost every business today, but it is also embedded in society and how we interact with each other in our daily lives. This presents massive opportunities for businesses to completely transform the way they operate. The inability of organizations to embrace new technologies in a timely way is one of the key reasons why over half of the Fortune 500 companies have disappeared since 2000.1 Organizations that ignore digital developments do so at their peril. All of this makes renewed demands on organizations and the professionals that work for them.
Both the IFDC VeriSM approach and The Open Group IT4IT standard have been developed against this background of Digital Transformation, with the aim of helping organizations and professionals to take advantage of the opportunities offered in this digital era as well as to manage the risks associated with it. Both approaches help organizations to improve their services and achieve their desired business outcomes – albeit from different perspectives.
VeriSM and the IT4IT standard share the same drive to manage the new digital ecosystem, each having complementary perspectives which can be used very well together.
VeriSM and the IT4IT Standard
VeriSM is the company-wide service management approach for the digital age that helps service providers to create a flexible operating model in order to meet desired business outcomes. The VeriSM approach supports organizations in developing a service culture across the entire organization, not just in the area of IT. The VeriSM approach is very practical. It helps organizations to better select and apply management practices and technologies that support their daily operations and strategies, and to govern these under one integrated model. VeriSM is an umbrella approach and thus, by definition, vendor and framework-neutral.
The Open Group IT4IT Reference Architecture is an industry standard reference architecture for managing the business of IT. It uses a value chain approach to create a model of all the functions needed to deliver value for the business. The IT4IT standard defines an integrated IT management framework focusing on the full lifecycle of services. It identifies the key things that IT must do – and do well. It allows IT to achieve the same level of business predictability and efficiency that supply chain management has allowed for the business, and was designed by practitioners to be industry, product, and vendor-independent.
In the VeriSM model, governance overarches all organizational capabilities, keeping a strong focus on value and the organization’s goals. Service management principles are defined for the whole organization. These act as guardrails, to make sure that all products and services are aligned with the needs of the organization. Principles include security, risk, quality, and use of assets, and are communicated to all who are involved with the development and operation of products and services. The unique element of the VeriSM model is the management mesh. This provides a flexible approach that can be adapted depending on the requirements for a particular product or service. The mesh includes:
- Management practices
- Emerging technologies
For each product or service, these areas are considered and the mesh is flexed where necessary.
The key focus area of the IT4IT standard is to provide a blueprint for a modern IT operating model using a common information reference model. The IT4IT Reference Architecture defines how IT management functions in the IT service lifecycle should be integrated to enable value to the business. The focus here is on streamlining and automating IT activities across the end-to-end IT value chain and providing transparency and traceability. The IT4IT Reference Architecture helps ensure interoperability of IT management solutions from different technology vendors and different service providers. It provides guidance for IT on becoming a service broker to better manage the growing number of vendors that are part of our hybrid service delivery ecosystem.
There are also differences in the specific objectives of the two approaches. The objectives of VeriSM include the following aspects:
- Define one common, integrated service management model and language for the whole organization, not just the IT department, removing silos and improving communication
- Establish an organization culture based on optimal service delivery, and focused on organizational goals and customer experience, for increased effectiveness and greater competitive advantage
- Increase employee satisfaction by providing service ownership
- Foster an agile mindset to create innovative and adaptive business solutions for the digital age
- Protect existing investments and build further on these to increase resilience and take advantage of the opportunities offered by the digital era
- Reduce risk and costs and increase effectiveness by using the optimal mix of practices and technologies that suit the organization size, aspects, and consumers; and governing it all under one integrated model
The objectives of the IT4IT standard on the other hand are to:
- Provide a reference model for managing the business of IT that will enable IT execution across the entire value chain in a better, faster, cheaper way with less risk
- Provide guidance on realizing an integrated and automated IT value chain with a common service model backbone (defining the common information model for managing the business of IT)
- Support real-world use-cases driven by the digital economy (e.g., cloud sourcing, Agile, DevOps, and service brokering)
- Embrace and complement existing process frameworks and methodologies (e.g., ITIL®, COBIT®, SAFe, Scrum, and the TOGAF® standard) by taking a data-focused implementation model perspective, essentially specifying an information model across the entire value chain
- Be industry-independent to solve the same problems for everyone
- Be designed for existing landscapes and accommodate future IT paradigms
There are a number of synergies between VeriSM and the IT4IT standard. Both approaches are vendor- agnostic and outcome-centric, focused on generating value. Both take a holistic view in terms of spanning the entire value chain. However, each serves a different purpose and as such there are key differences in terms of focus and intention; for example:
- VeriSM places an emphasis on culture and behavior; the IT4IT standard emphasizes the flow of value from the business through IT and provides the functional components and information flows you need to automate IT activities
- VeriSM provides a responsive (customizable) approach to delivering value to consumers through the development, delivery, operation, and promotion of services; the IT4IT Reference Architecture is a normative standard to manage IT across the value chain/lifecycle
- VeriSM is an approach that can be applied organization-wide, viewing IT as one of many organizational capabilities together with others such as Marketing, Legal, Finance, HR, etc.; whereas the IT4IT standard is intended for use specifically in connection with the IT function
The core of the diagram depicts the value stream model contained in the IT4IT standard, with the service model backbone, the four main value streams, and the supporting activities. The VeriSM model has been wrapped around it, containing the overall organizational governance and service management principles, and resulting in the service as driven by the needs of the consumer. The four IT4IT value streams correspond very roughly to the main service phases as defined in the VeriSM model. The VeriSM management mesh, which helps organizations to pick the right mix of technologies and management practices for their individual situation and govern them all under one model, is running through the entire value chain. The IT4IT standard actually forms part of the management mesh, as it is one of the management practices which can help an organization to achieve its desired business outcomes.
Practical Example: EnOrg
This section contains a practical example of how the IT4IT standard and the VeriSM approach can work in tandem to help an organization to reach its desired business outcomes.
EnOrg is an energy provider which has been in the business for more than 40 years. EnOrg is a very stable, reliable provider but recent analysis has revealed that sales of EnOrg have decreased dramatically in the last five years. Further analysis has revealed that consumers are choosing alternative providers because EnOrg’s competitors offer innovative services which are not available at EnOrg. To address this, EnOrg has set up a Digital Transformation program. The program is wide-reaching and includes multiple initiatives which transform the way in which EnOrg develops, delivers, and promotes its services, making use of technology and digital means. The aim of the Digital Transformation program is to win back market share by delivering more value to its customers which in turn should help reshape EnOrg’s image, so it is seen as a modern provider on the cutting edge of innovation.
As part of this overall program, a specific project was set up to develop an app which allows consumers to track their energy use (New App). New App has been developed by an external software development company, and EnOrg’s own internal IT department support it. The Marketing department was involved in the original design of New App, to ensure an attractive “look and feel”. New App relies on data from various sources across multiple suppliers. Upon launch it was well received in the market, but recently some problems have started to emerge. New App doesn’t always work and the various teams (both internal and external) don’t work well together and often blame each other for any failure, leading to a delay in actually resolving the issue. The internal IT department gives high priority to any issues with New App, as they understand the importance of it for EnOrg’s business, but the external software development company does not treat escalated issues with the same urgency. The various suppliers which feed data into New App use different tooling, which means that information flow is poor and sometimes employees even have to manually transfer data from one system to another which leads to additional delays. There have been a lot of complaints about the usability of New App, but the Marketing department considers their job is done and it is the IT department’s responsibility to make any necessary improvements. To make matters even worse, during the invoicing process, customer data was accidentally leaked to one of the suppliers which should not have had access to it. Management is considering withdrawing New App and employees and customers alike are frustrated.
Solving Business Problems
Figure 2 shows how VeriSM and the IT4IT standard can work in tandem to help solve the business problems of EnOrg and deliver the New App service effectively to its consumers.
The following sections explain this in more detail.
Applying the VeriSM Model to EnOrg
The consumer is central to VeriSM. The VeriSM model can be applied to help EnOrg adopt an organizational-wide approach to delivering the New App service to the end consumer. This will help to correct many of the silo issues which are occurring right now, and ensure that there is the right level of commitment across all areas of the organization. This includes developing the right behaviors across the organization (the service culture/mindset). Applying the VeriSM approach will also ensure effective governance of any third parties which contribute to the service, as these will also be governed under one integrated model.
Strategic requirements, goals, and objectives are defined for the Digital Transformation program of EnOrg and the specific projects within it, including the New App service. A structure is established to assess progress against these (measurement). This ensures that there is sufficient management commitment to (and focus on) achieving the outcomes desired by the change, including how to foster a collaborative environment which is required to ensure that the New App service can be delivered and supported effectively.
Service Management Principles
Processes and procedures are defined for the following areas which need particular attention:
- How knowledge is shared, to enable collaboration between the various teams involved so that issues with New App can be solved quickly and lessons learned shared
- How relationships with suppliers are managed, since there are many parties (both internal and external) involved in the design, support, and functioning of New App
- How security risks are managed in the information flow between EnOrg and the various external suppliers, and how awareness of security is communicated and embedded in all departments within EnOrg and its suppliers, to prevent further security breaches
By applying the management mesh, EnOrg can also optimize the way in which it is using resources, considering its operating environment, and applying new management practices and technologies. This will assist EnOrg in keeping pace with the times in terms of innovation, which the consumer expects, whilst reducing cost and risk caused by unnecessary spend on new practices and technologies which are not the right “fit” and as such do not add sufficient value to EnOrg as an organization.
The management mesh is reviewed and flexed to support the Digital Transformation program of EnOrg, including the New App service:
Particular consideration is given to how to ensure knowledge transfer from the software development team to the internal IT department; how third-party resources are governed; and how to ensure that resources are made available from all involved teams, including Marketing which needs to continue to improve the “look and feel”/usability of New App.
Attention is given to how to develop the right “culture of collaboration”, both within EnOrg itself and extended to its suppliers. A competitor analysis is performed to identify industry benchmarks and opportunities to differentiate EnOrg’s New App from similar apps already offered in the market, for greater competitive advantage. There is also focus on the alignment of processes and tools (service stabilizers) across suppliers/teams, to make sure all teams involved give high priority to resolving issues related to New App and that information can be quickly exchanged.
- Management Practices
As the New App service involves close collaboration between suppliers and teams, Service Integration and Management (SIAM) is adopted as a management practice to support EnOrg in managing a multiple supplier model. Also, Lean thinking is applied to identify how unnecessary waste can be eliminated from the app development and support processes, to prevent avoidable delays. The IT4IT standard is used to identify the value streams in the IT delivery and to streamline processes and systems.
- Emerging Technologies
There is focus on cloud and automation solutions to ensure that tooling between the different suppliers involved in the New App service is automatically linked and that knowledge can easily be shared across platforms.
The management mesh can be continually flexed as needed, to allow EnOrg to respond to new consumer demands and changing market dynamics, as well as to embrace new (technological) developments where these add tangible value.
Applying the IT4IT Standard to EnOrg
IT Value Chain
The EnOrg organization can use the IT4IT standard to create a more holistic and integrated approach to manage the entire service lifecycle of all services in the portfolio. The problems experienced with the New App introduced by EnOrg are a symptom of a more fundamental issue about the way EnOrg is governing and managing services across the entire IT value chain, from planning, development, testing, through deployment to operations.
The IT4IT Reference Architecture provides a blueprint to define a common model for enabling interoperability and communication between the different vendors involved in the ecosystem as each have their own processes and tools. Standardizing on the IT4IT information model helps EnOrg to realize a multi- vendor sourcing platform ensuring end-to-end governance and traceability, which includes standard integrations with the service providers to, for example, exchange requirement specifications, incidents, and other lifecycle artifacts. This improves the communication and collaboration between the different vendors in the ecosystem.
IT4IT Reference Architecture
The IT4IT Reference Architecture is used by EnOrg to assess and rationalize its current portfolio of applications. By mapping all its current applications to functional components EnOrg is able to identify and reduce areas of duplication that reduce costs and streamline operations and is able to bring automation to
functions that are still being accomplished manually.
IT4IT Strategy to Portfolio
The Strategy to Portfolio (S2P) value stream manages the portfolio of services and ensures these services are continuously evaluated and aligned with business goals and strategic themes. Within the S2P value stream, opportunities for innovation are identified and managed in the portfolio backlog.
The transformation program of EnOrg is managed in this value stream. The portfolio of initiatives is governed in S2P ensuring the IT investments deliver the expected business outcome. One of the initiatives is to develop a new application which is added to the service backbone. The IT4IT service backbone manages the full lifecycle of all current and planned services and related technologies. The portfolio of services and initiatives in this value stream is related to strategic themes and business objectives.
IT4IT Requirement to Deploy
The Requirement to Deploy (R2D) value stream manages the product backlog and requirements across the different teams and services. The actual sourcing or design, development, and test activities are performed in this value stream resulting in a service blueprint which can be deployed into the different environments.
This value stream ensures that the New App is developed in an iterative manner, ensuring both business requirements and non-functional requirements are considered; e.g., including risk, security, compliance, and operational aspects such as user experience, performance, maintainability, and availability. This integrated approach ensures all requirements are tracked and traced in a common backlog and the design includes all dependencies and integrations needed to make the New App work in production.
The dependencies between the application and other applications and teams/vendors are coordinated. The operational aspects of the service are embedded during the development phase; e.g., monitoring and how to handle service interruptions and integrations with vendors. For the New App a standard blueprint is created which includes the blueprint of all components needed to manage and operate the application as well as the underlying infrastructure (infrastructure as code) and the integration the application has with other data sources. This way a consistent service model is created of the New App with all dependent service components which makes it transparent and easier to identify the interdependencies between the different services and involved teams.
IT4IT Request to Fulfill
The Request to Fulfill (R2F) value stream manages the service catalog and the various request fulfillment activities such as deploying infrastructure and application releases across the different platform and vendors in the ecosystem. This value stream performs the actual provisioning and deployment of the application, tracking usage, and moving the service from a desired service to the actual service in the IT4IT service model backbone once it is deployed.
IT4IT Detect to Correct
The Detect to Correct (D2C) value stream ensures continuous operations by proactively monitoring services and initiating corrective actions to prevent or remediate issues. This includes monitoring services from a business perspective (e.g., user experience) as well as related to security (e.g., threats and vulnerabilities), performance, and so on.
The D2C value stream monitors the end-to-end service across the different vendors, as well as monitoring security and compliance of each of the vendors. For example, data leakage issues are logged and remediation actions are coordinated. The actual service data object in the IT4IT service model is used to pinpoint the root cause of specific incidents to service components and automatically route incidents to the responsible teams. Feedback loops are implemented to ensure identified issues can be fed back to the R2D value stream into the development backlogs.
IT4IT Supporting Activities
The Supporting Activities address disciplines such as governance, risk and compliance, vendor and sourcing management, resource and project, finance and assets, as well as intelligence and reporting.
The vendor and sourcing Supporting Activity is involved in the negotiation and monitoring of the third-party contract for developing the new application. This ensures that all involved service providers and contracts are linked to the New App and continuously monitored to identify improvement opportunities.
In conclusion, the IT4IT standard and the VeriSM approach have different yet complementary focal points, and when used together can help solve business problems better. The IT4IT standard is focused on managing the business of IT whereas VeriSM is an organizational-wide approach to service management. They also have different functions, since VeriSM is an overarching approach which helps organizations to govern multiple practices and technologies under one flexible model, according to the needs of the business, whereas IT4IT is a normative standard that aids organizations in managing and optimizing the flow of information in the value chain to ensure alignment with business objectives across the value chain, drive automation, and support service brokering and SIAM practices. As such, VeriSM and the IT4IT standard are complementary. The synergy between the two approaches, in terms of their holistic view and mutual focus on generating value, makes them very suitable to be combined together to help organizations to take advantage of the opportunities offered by the digital age; and to ensure that their IT capability is digital-ready, and operating in alignment with the rest of the organization.
(Please note that the links below are good at the time of writing but cannot be guaranteed for the future.) For more information on the IT4IT™ standard, please see: www.opengroup.org/it4it.
For more information on VeriSM™, please see: www.verism.global.
The Open Group and the IFDC
In 2017, The Open Group and the IFDC signed a Memorandum of Understanding (MoU) with the intention of joining together to proactively help the market to address the challenges of today’s demanding environment. The Open Group and the IFDC are both community-based organizations and as such are well positioned to take feedback from the community to accelerate the ability of organizations to respond and adapt to the digital age.
About The Open Group
The Open Group is a global consortium that enables the achievement of business objectives through technology standards. Our diverse membership of more than 600 organizations includes customers, systems and solutions suppliers, tools vendors, integrators, academics, and consultants across multiple industries. The Open Group aims to:
- Capture, understand, and address current and emerging requirements, establish policies, and share best practices
- Facilitate interoperability, develop consensus, and evolve and integrate specifications and open source technologies
- Operate the industry’s premier certification service
Further information on The Open Group is available at www.opengroup.org.
About the IFDC
The International Foundation for Digital Competencies (IFDC) is a global non-profit organization and a global thought leader in the area of digital competencies. The mission of the IFDC is to develop, own, maintain, and promote (open) standards and approaches for the development of professionals in the digital era. The IFDC has strong partnerships with industry-leading organizations and revenue is generated by membership as well as royalties from publication and certification sales. Taking a community-based approach to the development of new approaches and standards, the IFDC protects any content developed from commercial interests. VeriSM™ is the first of the approaches to be developed by the IFDC.
Further information on the IFDC is available at www.ifdc.global.