Information Technology

From BC$ MobileTV Wiki
(Redirected from ITIL)
Jump to: navigation, search

Information Technology (commonly referred to as IT) is a broad term used to describe the applied field of computer science as it relates to the day-to-day operations of organizations (of all types, including public, private, for-profit and non-profit, etc...).


Information Technology Information Management (ITIM or IT management) is the set of overall policies, processes and practices of information dissemination (access), storage, backup, update/changes, deletion/archival, etc.

IT Service

Information Technology Service Management (ITSM or IT services) is a discipline for managing information technology (IT) systems, philosophically centered on the customer's perspective of IT's contribution to the business.



Within the broad spectrum of IT Service Management is another more precise/specialized discipline, focused on how Incidents, Problems and Service Requests should be handled. This practice of Incident & Technology Service Management (ITSM) is perhaps even more commonly known in the IT industry as ITSM, although somewhat confusingly the acronym could refer to either level depending on the organization (and sometimes even the context of the team/department within that organization). This more focused concept of ITSM defines IT work in terms of:

  1. Incidents - an isolated event that had some impact to a particular feature/page/application/system, for a particular subset of Users (or possibly all Internal Users, all External Users, or all Users in general) for a particular (known or estimated) timeframe
  2. Problems - a series of events (typically unexplained or insufficiently understood) which have impacted a feature/page/application/system over several (known or reliably estimated/evidenced) timeframes, or a series of Incidents likely to be related or with common unknown root causes
  3. Requests - requests for service or actions desired to be carried out by one group (typically within IT) for another group (typically within Business units, but sometimes within/amongst separate departments of IT) or on behalf of End-Users

[2] [3] [4] [5]


Verica Open Incident Database (VOID).



The Information Technology Infrastructure Library (ITIL or IT library), is a set of practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business. In its current form (known as ITILv3 and ITIL 2011 edition), ITIL is published in a series of five core publications, each of which covers an ITSM lifecycle stage.

ITIL best practices include:

  1. Change Advisory Board (CAB)
  2. Risk assessment
  3. Auditing & Compliance
  4. Post Implementation Review (PIR)
  5. Process definition
  6. Knowledge Base

[7] [8] [9] [10] [11] [12] [13] [14] [15]

Business Service

Business Service Management (BSM) is an approach used to manage business IT services. BSM promotes a customer-centric and business-focused approach to service management, aligning business objectives with IT from strategy through to operations. In some organizations it could also refer to a platform through which IT reaches out to or makes requests for service from respective Business Owners, stakeholders or reviewers, as in a corollary to ITSM, but for managing business activities or expertise as they relate to (or depend on) specific IT features/functions/applications/systems.

Shadow IT

Shadow IT is a term that refers to Information Technology (IT) applications and infrastructure that are sourced, procured, managed and utilized without the knowledge and/or approval of the organization's IT department. Shadow IT can include hardware, devices, software, web services, APIs, cloud applications, mobile apps, downloadable/installable tools, or libraries (whether free/open-source or commercial/closed-source) that employees turn to without IT authorization to accomplish work tasks and complete projects.

[16] [17] [18] [19] [20] [21] [22] [23] [24] [25] [26] [27] [28]


Keep The Lights On (KTLO) is an acronym used to describe work/activities that support the day-to-day operation of the business and its corresponding platforms, systems, networks, products and/or services. It supports revenue generation in that it ensures customers can access and transact with the business (i.e. think retail storefront being open for business, PoS system up, online shop returning accurate items/information and making correct inventory changes, website availability, mobile app responsiveness, etc... indicative of a business being available and ready to serve customers).

[29] [30] [31]

Common Stage Gates

For better or worse, in IT, "Gatekeeper groups" are sometimes put together that must be dealt with prior to performing certain actions (such as approving a project, verifying a product/service launch, releasing funding/budget, choosing a vendor, paying a vendor, deploying a software release, patching a system, changing a configuration, etc).

Decision Control Board

Decision Control Board (DCB) is primarily made up of Executives, Director/VP-level, or even Board of Directors (BoD), investors and/or other business stakeholders.

If they exist in an organization, typically should make decisions about use of funds within the company (project/initiative funding) and acceptable or unacceptable levels of risk, but sometimes expand their scope.

Steering Committee

Steering Committee (SC) is primarily made up of Product Owners in Agile (i.e. "voice of the customer"), or, the more traditional Product Manager role (i.e. "voice of the business"), along with possibly some Project Managers (PMs) and/or Business Analysts or QA (Test Leads).

If they exist in an organization, typically should make decisions about Project Management strategy/direction, but sometimes expand their scope.

Architecture Review Board

Architecture Review Board (ARB) is primarily made up of technically-minded folks coming from Software/Hardware/System/Infrastructure/Network/Security Architects, as well as possibly but not necessarily having some representation from Development (such as Senior Developers), Operations (Senior Operations Technicians), QA (Test Leads), and/or the Business (Technical Leads).

If they exist in an organization, typically should make decisions about use of technology within the company (acceptable tech stacks, licenses, use of open source .vs. commercial, vendor strategy) and acceptable or unacceptable levels of dependencies, coupling or inter-connections between systems, but sometimes expand their scope.

Change Advisory Board

Change Advisory Board (CAB) is primarily made up of practitioner/contributor level Operations (Change Manager), QA (Test Lead), Security (Security Lead), Development (Dev Team Lead) and Business (Product Owner and/or Lead Business Analyst) representatives. They often require sign-offs from one individual in each of its representative groups, and often an Environment Coordinator and/or Release Manager for final approval.

If they exist in an organization, typically should make decisions about releases and environment changes within the company (particular those in Production) and acceptable or unacceptable levels of quality controls (testing level), consistency (documentation and/or deviation from release process) or vendor change risk, but sometimes expand their scope.




External Links


  1. ITSM (IT Service Management) definition:
  2. Magic Quadrant for IT Service Management Tools (2018):
  3. The Forrester Wave™: Enterprise Service Management, Q3 2018:
  4. 4 ways to marry ITSM and DevOps:
  5. ITSM tool Business Value calculator:
  6. Announcing the VOID:
  7. Stanford University -- ServiceNow - Change Management Guide:
  8. IT Change Management Process Training: Mgmt Training 2016.10.19 WITH test questions.pdf
  9. What is Post-Implementation Review in Project Management?:
  10. ITIL glossary:
  11. ITIL & ISO 20000 Blog:
  12. What is ISO 20000? Learn why ISO 20000 can benefit your organization:
  13. The Essential Guide to ITIL Change Management:
  14. How to Adopt a Light Version of ITIL’s Change Advisory Board:
  15. What’s an ITIL CAB? A Simple Explanation:
  16. Shadow IT security checklist:
  17. McAfee -- What is Shadow IT?:
  18. Cisco -- What is Shadow IT?:
  19. Shadow IT:
  20. 2012 RSA study on reasons for Shadow IT: (35% of employees feel they need to "work around/outside IT security policies to get their job done", 63% of employees send work files around between file-sharing/storage/outside-of-work email services, 1/3 successful attacks on enterprises are through ShadowIT phish/spam/spoof/trojans/viruses/leaks)
  21. Employees Are Accessing More and More Business Apps, Study Finds:
  22. The Upside of Shadow IT:
  23. The upside of "Shadow IT" revealed:
  24. Shadow IT -- What Are the Risks and How Can You Mitigate Them?:
  25. Managing shadow IT:
  26. Shadow IT -- 8 Ways To Cope:
  27. Strong data protection process can prevent (some of the biggest) Shadow IT risks:
  28. What is a Cloud Access Security Broker (CASB)?:
  29. How to balance maintenance and IT innovation:
  30. Why Keep the Lights On (KTLO) is a waste:
  31. What it means to be Keeping The Lights On (KTLO):
  32. Breaking the Change Management Barrier -- overcoming the shortcomings of Change Advisory Boards (CAB) with DevOps:

See Also

Defect Management | Tech | GreenIT | Auth | Security | Privacy | DevOps