The Main Bodies of ITSM Best Practice Guidance

The Main Bodies of ITSM Best Practice Guidance

The Main Bodies of ITSM Best Practice Guidance


Welcome to the Allari blog! As owners of Allari, Ravi & I look forward to using this medium to share current information about IT Operations, Cybersecurity, software products & IT Management with our readers. We’ll report, analyze, and provide perspective & recommendations from some of the industry’s leading minds as well as from our direct experiences. We will strive to provide blogs that impart important information. These are the types of blogs that our team members prefer to read, and that’s exactly what we plan to provide.

John Mathieu, Founder
* Allari provides IT Operations & Cybersecurity services to organizations using IBM, Microsoft, Oracle & SAP Products. We provide a True IT as a Service delivery model with Offices in US, Ecuador, Brazil & India. Customers located in 56 countries.

#goallari #allari #ITaaS #ITService #ITasaService #ITSM #ITOperations #ITMaintenance #CyberSecurity

To help us IT service management (ITSM) folks get ahead, there are a number of ITSM best practice frameworks, methodologies, and standards available. While the number of these is impressive, it leads to a problem within itself – which approach or approaches should be used? The answer to this question isn’t simple to answer because it really depends on an organization’s size, maturity, needs, and capabilities. Plus, geography – given the regional preferences for different approaches.

To help you decide what might be right for your organization, I’ve put together this guide on the main bodies of ITSM best practice. Outlining what they’re primarily used for, who they’re aimed at, and the available qualifications.


I begin with ITIL 4 simply because it’s one of, if not the, most popular ITSM framework out there. ITIL has been owned by AXELOS since 2013 – with the original version of ITIL created in 1989 – and is, in the words of AXELOS, “the most widely accepted approach to IT service management in the world.”

ITIL has recently received a much-needed update (from 2011’s ITIL v3 2011 Edition to ITIL 4) to bring its guidance in line with the digital age. In fact, ITIL is now seen as a service management framework (instead of an ITSM framework) and the responsibility for service management is that of the organization, not just the IT department. Each organizational unit has its own part to play and ITIL 4 promotes a holistic approach encouraging business units to work together as one rather than in siloed teams.

While ITIL guides organizations along the best-practice path of service management it doesn’t strictly tell them how to do something, this means it can be used by various organizations across different industries. The best-practice can be followed but how it’s actioned is entirely up to the organization and what suits them best.

ITIL 4 is also designed to be a flexible framework that can be used alongside other approaches as organizations see fit. Importantly, it isn’t trying to be the be-all and end-all, but rather a framework that can be integrated with others as necessary. Also, ITIL allows you to pick it up at any time in your ITSM journey. In fact, one of the ITIL 4 guiding principles in to “start where you are.”

Individuals can become ITIL certified, starting with a foundation certificate working their way through to ITIL Master status if desired. For anyone with an ITIL v3 Foundation certificate, a credits-based system is used for the progression to higher-level ITIL 4 qualifications.

You can read more about ITIL 4 in this blog Everything You Officially Need to Know About ITIL 4.

COBIT 2019

COBIT was created by ISACA in 1996, originally developed for the IT audit environment. Its value to organizations was quickly realized and subsequently, ISACA has expanded the framework for wider governance purposes. COBIT is now used across multiple industries, and in organizations large and small, as a framework “for the governance and management of enterprise information and technology, aimed at the whole enterprise. COBIT defines the components and design factors to build and sustain a best-fit governance system.”

To align itself with the digital age, similarly to ITIL 4, COBIT has recently seen an update moving from COBIT 5 (last updated in 2012) to COBIT 2019. Again, as with ITIL, COBIT 2019 can be integrated with other IT standards and frameworks and is not necessarily designed to be used alone, rather it sees itself as an “umbrella framework.”

The COBIT 2019 update has introduced new concepts allowing the framework to better guide organizations to tailor a governance system to the needs of the business. It understands that every business is unique and, as there’s a no-one-size-fits-all approach that will work for the governance and management of information and technology, this flexibility is essential.

Individuals wishing to become COBIT 2019 certified can complete the COBIT 2019 Foundation exam which has been designed to introduce people to the basics of the COBIT framework. For those who are designing and implementing enterprise governance systems within their organization, the COBIT 2019 Design and Implementation exam is recommended but can only be taken on successful completion of the foundation-level certification. Anyone who already holds a COBIT 5 foundation certificate can opt to take the new bridge program that covers the differences between COBIT 5 and COBIT 2019, this is a one-day program that’s followed by a multiple-choice examination.

You can read more about COBIT 2019 in this blog COBIT 2019 – the Key Changes to COBIT 5.

ISO/IEC 20000

Coming from “The International Organization for Standardization,” ISO/IEC 20000 (commonly called simply ISO 20000) is a standard rather than a framework. In fact, it’s the first international standard for service management. It was created in 2005, updated in 2011, and then again in 2018.

The standard helps organizations ensure that their IT processes fit not only the needs of the business but also international best practices. ISO 20000 works incredibly well alongside ITIL as the standard was developed around ITIL’s best-practice guidelines but other frameworks such as COBIT 2019 are also supported.

ISO 20000 certification helps organizations to improve their services, increase their rate of change, and enhance staff productivity. It will also help organizations access new markets where ISO 20000 certification is deemed to be mandatory. Because it’s globally recognized, ISO 20000 appeals to larger organizations that may want to attract customers from around the world – with an ISO 20000 certification used as a marketing device because it helps prove a company is not only customer-focused but also mature in its service management and delivery.

While organizations can become ISO 20000 certified, individuals can choose to do so too. A person holding an ISO 20000 certificate can be brought into an organization to help improve their processes and bring them in line with the standard, preparing the organization for certification.

ISO 20000 starts with a foundation exam for those that need to become certified in the basics of the standard, this is a multiple-choice exam suitable for people working in an ISO 20000 certified organization. Next on offer is the ISO 20000 practitioner exam which can only be sat once an individual has gained either the ISO 20000 foundation certificate or passed the ITIL foundation exam. For IT auditors the ISO 20000 Auditor exam can be sat but only once an individual has three or more years’ experience in an auditing environment.

You can read more about ISO/IEC 20000 in this blog Hello ISO 20000 (2018), We’ve Been Expecting You.


IT4IT comes from The Open Group – “a global consortium that enables the achievement of business objectives through technology standards.” This standard is a little different to the ones covered so far. Whereas frameworks such as ITIL and COBIT provide guidance to organizations around service management and they don’t tell organizations exactly how to do something, IT4IT does. Essentially, it’s a more prescriptive approach to IT service management. As with the other frameworks and standards, IT4IT is designed not to replace them but to work with them.

The standard uses an IT value chain, a concept that has since been introduced to ITIL, which is explained by The Open Group as “a series of activities that an organization performs in order to deliver something valuable, such as a product or service. Products pass through activities of a chain in order and, at each activity, the product gains some value. A value chain framework helps organizations to identify the activities that are especially important for competitiveness – for the advancement of strategy and attainment of goals.”

IT4IT believes that its approach can lower costs, motivate employees, increase accuracy, reduce risk, and enhance the management of external suppliers – all of which allow companies to evolve faster and provide service excellence to customers.

Certification of IT4IT can be only be achieved by individuals and there’s just one certification available – a foundation-level IT4IT certificate. The exam uses a simple multiple-choice format and there are no prerequisites.

You can read more about IT4IT in this blog IT4IT 101: A New Approach to IT Development and Delivery.


Developed by the International Foundation for Digital Competences (IFDC), VeriSM is a service management framework. It was created for organizations operating in the digital age that are perhaps becoming (understandably) confused by the world of ITSM and all of the standards and frameworks that now exist around it.

VeriSM recognizes that modern organizations need to be flexible and that IT should not be held solely responsible for service delivery. Rather, businesses should take a holistic approach and deliver value by utilizing all organizational units.

VeriSM describes itself as “a holistic, business-oriented approach to service management, which helps you make sense of the growing landscape of best practices out there, and how you can best integrate them to add value to your business. It is therefore different in that it provides the ‘glue’ which helps you bring all of the different practices together and make best use of them.”

The great benefit of VeriSM is its real-life approach. It’s practical and it works with real examples and case studies, making it easier to understand and implement in the business.

Currently, there are two VeriSM exams that individuals can take. The foundation level exam is a closed book, multiple-choice paper. This tests the individual on the concepts of VeriSM to prove that they understand the basics of the framework. The VeriSM professional exam is also a multiple-choice paper. However, it’s more in-depth and challenges individuals to understand how to apply VeriSM in an organizational setting as well as understanding the impact of digital transformation on a business and its people. The VeriSM leader certification is also being developed but few details are available right now.

You can read more about VeriSM in this blog The A-Z Guide of VeriSM.


FitSM is not published or managed by an established standards organization. So, it might not appeal to companies that are looking to badge themselves with a recognized standard. Other companies though, that perhaps don’t require a globally recognized sticker of approval, but are still keen to provide value and to do things the right way, could certainly benefit from FitSM.

This is a lightweight ITSM option whose training materials are completely free and provided to people under a creative commons license. The IT Education Management Organization (ITEMO) maintains FitSM and its certifications. However, it was originally developed by the FedSM Project, funded by the European Commission.

FitSM was designed to help a range of organizations deliver ITSM effectively by keeping things “simple, clear, pragmatic, and lightweight.” It’s suitable for any organization from start-ups right through to large enterprises.

The framework can be integrated with ISO 20000 or ITIL and can either be used as a basic option for ITSM or as an introduction to applying best practices. A foundation certificate can be achieved by completing a day course followed by a 30-minute multiple-choice examination. This course is designed to introduce participants to ITSM basics and the FITSM model.

Following this, individuals can go on to take an advanced course. There are two advanced courses both taking two days to complete, with these especially suited to those looking to manage a specific process within ITSM. If both advanced courses are completed, then the expert level course follows for full FitSM certification.

Holders of the ITIL Expert certificate, the Consultant/Manager in ITSM according to ISO/IEC 20000 certificate, or the Associate in ITSM according to ISO/IEC 20000 certificate are eligible to take the FitSM Expert Bridge course allowing them to become fully qualified in FitSM without the need to the sit lower-level certifications first.

Knowledge-Centered Service (KCS)

This one is all about, you guessed it, knowledge! The KCS Academy is a “network of knowledge-centered service (KCS) practitioners and vendors who support the successful adoption of KCS and contribute to the continuous improvement of the KCS methodology across all knowledge-intensive industries.” The KCS Academy provides all of the resources for KCS and is the only awarding body of the KCS certification.

Organizations generally tend to understand that knowledge is necessary to improve incident resolution and enable a self-service strategy but too often knowledge management isn’t given the attention it deserves and other, “more important” daily tasks get in the way of successful knowledge creation and use. The idea behind knowledge-centered service is that the creation and maintenance of knowledge to resolve incidents becomes front and center in IT support operations rather than acting as an add-on.

KCS is based on four principles that revolve around focusing on the big picture, collaboration and sharing of knowledge, using customer input to understand where knowledge needs to be improved, and engaging and motivating employees. KCS focuses on people over processes, creating value, and answering demand which, if you’ve been reading carefully, is very closely aligned with the other frameworks and standards in this blog. The KCS Academy states that when organizations adopt KCS they see “50-60% improved time in incident resolution and a 30-50% increase in first contact resolution.”

An entry-level certification can be taken by anyone who wishes to learn the basics of KCS which can be followed by an advanced level for those who want to dive deeper and gain a more thorough understanding of the framework.
Source: Joe the IT Guy

Related Articles:

The DX 200: The Race For Digital Transformation

Get Weekly Updates on Key Issues Facing IT Directors

Subscribe to our Weekly E-zine

Cost Calculator Book a Call
jde installations attacked by cyber criminals

JDE Installations Attacked by Cyber Criminals

JDE Installations Attacked by Cyber Criminals The threat is real. In the

​Read More
JDE vulnerability for your business

60% of Security Breaches are from Known Unpatched Vulnerabilities

60% of Security Breaches are from Known Unpatched Vulnerabilities  Vulnerabilities are flaws

​Read More
Founded in 1999, Trailblazer Allari is making a bold move towards providing IT Operations and Maintenance, as well as Cost and Efficiency conscious IT Leaders via an Innovative On-demand Consumption-based Service Value Model. IT Leaders gain access to processes and expertise for Scheduled Maintenance, On-Demand IT Tasks and Advanced IT Projects.
All delivered as IT-As-A-Service (ITaaS) via the Go.Allari Platform for daily support and projects related to ERP, Database, Helpdesk, Security, and Vulnerability Management. Its breadth of Platform Coverage is extensive, covering all Major Platforms including JD Edwards EnterpriseOne, Oracle Database, MS SQL, Microsoft BI, Qualys IT Security and many more.
Allari supports its customers from locations around the Globe 24/7. To learn more visit: