I. Introduction to ITIL Processes and Practices
The Information Technology Infrastructure Library ITIL stands as the world's most widely adopted framework for IT service management (ITSM). Its journey began in the 1980s under the auspices of the UK government's Central Computer and Telecommunications Agency (CCTA), aiming to standardize and improve the quality of IT services across government departments. The initial versions, ITIL v1 and v2, were monumental in establishing a common language and a set of best practices for IT operations, fundamentally organized around a core set of processes. For decades, ITIL was synonymous with a process-centric view of service management, where activities like Incident, Problem, and Change Management were defined as sequential, repeatable workflows with clear inputs, outputs, and roles.
However, the digital landscape has undergone a seismic shift. The rise of Agile, DevOps, cloud computing, and the relentless pace of business change exposed limitations in rigid, process-heavy models. In response, Axelos, the custodian of ITIL, introduced ITIL 4 in 2019. This evolution marked a pivotal transition from a purely process-oriented framework to a more holistic, flexible, and value-centric approach centered on the concept of practices. This shift is not merely semantic; it represents a fundamental rethinking of how IT organizations should structure their capabilities to co-create value with customers and adapt to modern ways of working. Understanding this evolution from processes to practices is critical for any IT professional, whether they hold a PMP IT certification focused on project management or specialize in service operations. It matters because it dictates how an organization learns, adapts, and ultimately thrives in a complex service environment.
II. Defining ITIL Processes
In the context of ITIL v3 and earlier, a process was defined as a structured set of activities designed to accomplish a specific objective. These processes were characterized by their prescriptive nature, with clearly defined sequences, roles (like Process Owner and Process Manager), triggers, inputs, outputs, and key performance indicators (KPIs). Classic examples include Incident Management (restoring normal service operation), Change Management (controlling the lifecycle of changes), and Problem Management (identifying root causes). The process model brought much-needed discipline, consistency, and measurability to IT operations. It allowed organizations to break down silos, establish accountability, and create repeatable workflows that reduced variability and error.
The advantages of this process-centric approach were significant during its era. It provided a clear blueprint for implementation, making ITIL accessible and actionable for large organizations. It enabled benchmarking and compliance, as processes could be audited against defined standards. However, its disadvantages became increasingly apparent. Processes could become bureaucratic bottlenecks, slowing down delivery in an age that demanded speed. They often fostered a siloed mentality, where teams focused on optimizing their specific process (e.g., Change Management's goal of minimizing risk) sometimes at the expense of overall business outcomes or user experience. The rigid boundaries could stifle innovation and make it difficult to integrate with Agile and DevOps practices, which emphasize cross-functional collaboration and continuous flow. As noted by ITSM consultant Kenzo Ho based on his observations in Hong Kong's financial sector, "An over-reliance on rigid process controls, while ensuring stability, often led to friction with development teams trying to deploy features multiple times a day. The process became the goal, not the value it was supposed to enable."
III. Defining ITIL Practices
ITIL 4 redefines the core components of the framework as practices. A practice is a set of organizational resources designed for performing work or accomplishing an objective. This is a broader, more inclusive concept. While a process is a specific type of practice focused on activity flow, a practice encompasses not just processes, but also the people, skills, competencies, tools, technology, and information required to succeed. Think of a practice as the holistic capability an organization builds. For instance, the Service Desk practice isn't just the process of logging and escalating tickets; it includes the service desk agents (people), their training in communication and tools (competencies), the ticketing software and knowledge base (technology/information), and the procedures they follow (processes). Other key practices include Monitoring and Event Management, Service Level Management, and IT Asset Management.
The inherent strength of the practice model lies in its flexibility and adaptability. It acknowledges that there is no one-size-fits-all workflow. Instead of prescribing a strict sequence, ITIL 4 describes the key components and activities that contribute to a practice, allowing organizations to tailor their implementation to their specific context, size, and technology landscape. This makes it far easier to integrate ITIL guidance with other frameworks like DevOps, where practices such as Continuous Deployment or Infrastructure as Code can be seamlessly incorporated. The practice view encourages a focus on building and evolving capabilities rather than merely documenting and enforcing procedures. It shifts the conversation from "Are we following the process?" to "Do we have the right capabilities to achieve our objectives?"
IV. Key Differences Between Processes and Practices
The distinction between processes and practices is profound and manifests in several key dimensions:
A. Scope and Focus
- Process: Narrow scope, focused on the flow of activities (the "how"). It is primarily concerned with efficiency, consistency, and control within a defined boundary.
- Practice: Broad scope, focused on the organizational capability (the "what" and "with what"). It is concerned with effectiveness, value co-creation, and outcomes, encompassing all resources needed.
B. Implementation Approach
- Process: Implementation is often linear and prescriptive. Organizations would typically map out the as-is process, design the to-be process based on ITIL books, and then implement it, sometimes with a "big bang" approach.
- Practice: Implementation is iterative and contextual. Organizations assess their current capabilities across the four dimensions of a practice (people, process, technology, partners/suppliers) and identify improvement opportunities. They can adopt elements of a practice gradually, in line with Agile principles.
C. Measuring Success
| Aspect | Process-Centric Measurement | Practice-Centric Measurement |
|---|---|---|
| Primary Metrics | Process efficiency (e.g., Mean Time to Resolve incidents, % of changes implemented on time). | Capability effectiveness and value outcomes (e.g., user satisfaction, reduction in business impact from incidents, speed of delivering change value). |
| Perspective | Internal, operational. | Holistic, value-stream oriented. |
| Example (Change Management) | Number of changes backed out; CAB meeting attendance. | Reduction in deployment-related incidents; increased frequency of successful releases; feedback from development teams on enablement. |
This shift in measurement is crucial. A 2023 survey of IT leaders in Hong Kong showed that organizations beginning to adopt a practice mindset reported a 30% higher correlation between their ITSM metrics and perceived business value compared to those using purely process-based KPIs.
V. Why the Shift to Practices?
The transition from processes to practices is a direct response to the evolving demands of the digital economy. Two primary forces drive this shift. First, the need to adapt to Agile, Lean, and DevOps cultures. These methodologies thrive on cross-functional collaboration, rapid feedback loops, and end-to-end ownership. A rigid, gated change process is anathema to a DevOps team practicing continuous delivery. The practice model, however, allows for the integration of DevOps principles into the Change Enablement practice. For example, the practice components can include automated testing pipelines and peer review protocols as part of the technology and process dimensions, enabling both speed and control.
Second, there is a growing imperative to emphasize value and outcomes over internal efficiency. The core of ITIL 4 is the Service Value System (SVS), which positions practices as the resources used by the organization to facilitate value co-creation. A process-centric view might optimize the cost per ticket at the service desk. A practice-centric view asks how the entire Service Desk practice—through effective knowledge management, empathetic staff, and smart automation—can improve employee productivity and satisfaction, thereby creating tangible business value. This outcome-focused approach aligns perfectly with the strategic thinking encouraged by certifications like the PMP IT certification, which trains professionals to manage projects not just as sets of tasks, but as vehicles for delivering benefits.
VI. Examples of ITIL Practices in Action
To make the theory concrete, let's examine how two classic processes transform when viewed as practices.
A. Incident Management as a Practice
Traditionally, Incident Management was a linear process: detect, log, categorize, prioritize, diagnose, resolve, close. The practice view expands this significantly. The Incident Management practice now explicitly includes:
- People & Competencies: Not just Level 1/2/3 analysts, but also developers who might be on-call (a DevOps concept), and their training in troubleshooting, communication, and stress management.
- Technology & Information: Advanced AIOps tools for event correlation and prediction, collaborative war-room platforms, integrated knowledge bases, and real-time communication tools.
- Partners & Suppliers: Clear engagement models with third-party vendors for major incident resolution.
- Processes & Procedures: The workflow is still there, but it's more dynamic—it may include swarm sessions for major incidents, automated escalation based on sentiment analysis, and blameless post-incident reviews focused on learning.
B. Change Management as a Practice
The traditional Change Management process, often centered around a heavyweight Change Advisory Board (CAB), was a common pain point. As Kenzo Ho explains, "In Hong Kong's fast-moving tech startups, a weekly CAB was seen as a death knell for innovation." The Change Enablement practice in ITIL 4 reframes this capability. It advocates for a risk-based approach with multiple change pathways. Standard, pre-authorized changes (like routine server patches) can be fully automated. Normal changes may use a lightweight, digital approval workflow or a virtual CAB. Only significant changes with high risk and impact require a formal CAB review. The practice builds the capability to assess risk, automate safely, and enable velocity. The tools (CI/CD pipelines), people (site reliability engineers), and information (change success rate dashboards) all work together within this practice to balance speed and stability.
VII. Embracing the Practice-Based Approach for Enhanced Service Management
The evolution from processes to practices within the Information Technology Infrastructure Library ITIL framework is more than an academic update; it is a necessary adaptation for relevance in the modern digital era. For organizations entrenched in traditional ITIL processes, the path forward is not to discard their hard-won discipline but to broaden their perspective. Start by mapping existing processes to the new ITIL 4 practice definitions and identify the missing components—perhaps investments in team competencies, new collaboration tools, or revised metrics. The goal is to build robust, adaptable organizational capabilities that can seamlessly integrate with Agile and DevOps ways of working.
This approach ultimately fosters a culture focused on value co-creation, resilience, and continuous improvement. Whether you are an IT leader, a service desk manager, or a project professional with a PMP IT certification, understanding and applying the practice-based model is key to bridging the gap between IT operations and business strategy. As demonstrated by forward-thinking organizations in Hong Kong and globally, those who make this shift are better positioned to deliver services that are not only stable and efficient but also agile, innovative, and directly contributory to business success. The future of ITSM lies not in perfecting isolated workflows, but in cultivating interconnected, dynamic practices that empower the entire organization.
By:Doris