Introduction

SOA is an architectural framework consisting of a set of tools and technologies that enable the rapid implementation of services; a set of design patterns and standards for the development of services; and a methodology for finding, reusing/consuming, and exploiting services. SOA is the most promising framework today for changing the way information technology (IT) works -- to make IT more agile and responsive to the business, more cost-effective, and more adaptive to the fast-changing business environment.

Back to top

Defining Information Technology Infrastructure Library

The ITIL was originally developed in the United Kingdom by the Central Computer and Telecom Agency (CCTA) in 1987 as a set of 40 books. Later, the CCTA (now known as the Office of Government Commerce, or OGC) condensed this library into seven books called ITIL Version 2.

Using best practices in the ITIL framework, IT departments and companies can achieve a higher level of alignment between business and IT. Similarly, IT can provide services to the business in a more cost-effective, repeatable, and measurable manner. Today, the ITIL is the most widely adopted framework for enabling IT Service Management (ITSM).

Understanding the importance of the ITIL

If you've never heard of the ITIL or ITSM, you're probably asking yourself, "Why should I care?" Here's why these concepts are important and gaining increasing awareness in IT shops across the globe:

• IT shops have typically been considered cost centers to the business. However, with the increased competitive landscape, the evolution of technology, and a world in which customers are becoming knowledgeable and thorough in their analysis before making purchases, the role of IT has evolved. IT must be more a business enabler.
• Business agility is a big buzz word you have undoubtedly run across in most IT literature. Typically, application development projects spend 70 to 80 percent of their budgets (time and cost) in operations mode. This allocation has resulted in the recognition that IT must be managed from a "services" fashion. (Don't confuse service with SOA; in this sense, "services" refers to the work that IT professionals perform.) These IT services must be more repeatable, measurable, predictable, and reliable -- qualities which are the hallmark of ITSM. The ITIL is a framework that helps IT realize the vision behind ITSM. Table 1 highlights some fundamental shifts in IT practices to help make IT more services based.

Let's dive a bit deeper into what the ITIL really is.

What is the ITIL, really?

The ITIL, as mentioned earlier, is a collection of seven books, as shown in Figure 1:

• The Business Perspective
• Planning to Implement Service Management
• Service Delivery
• Service Support
• Security Management
• Application Management
• ICT Infrastructure Management

These books bridge the gap between business and technology, shown on the sides of the diagram. Service management is the core of the ITIL and is split into two books.

The Business Perspective

This book is targeted to business managers, and it helps them to see the IT perspective on things and talk about concepts such as business continuity planning, outsourcing, business change management, and so on.

Planning to Implement Service Management

This book is written by IT professionals who are highly experienced in implementing ITSM concepts. It provides practical advice, guidelines, checklists, and other project management tools to help you successfully implement ITIL and ITSM in your organization.

Service Delivery

This book is arguably the most important and explores how to deliver IT services. It covers several key concepts, such as:

• Service-level management
• Financial management for IT services
• Capacity management
• IT service continuity management
• Security management
• Availability management

Service support

This book describes how customers can access the different IT services available. It covers concepts such as:

• Service desk
• Incident management
• Problem management
• Configuration management
• Change management
• Release management

Security Management

Security, as you can imagine, is an important topic and has an entire book devoted to it. This book covers concepts regarding confidentiality, integrity, and availability of information (or data).

Application Management

This book talks about how typical application support and management can be performed using a services perspective. It allows for applications to be managed within the context of the business objectives.

ICT Infrastructure Management

This book is technology focused and talks about the people, process, and tools required to manage a stable IT infrastructure at an acceptable cost.

This article doesn't go into further details about these books. Instead, you'll see how they relate to SOA. (To learn more about the ITIL, see Resources.)

Back to top

Exploring the interrelation of SOA and the ITIL

Let's get to the crux of the concept: in ITSM, you're implementing services. You define what you do as an IT shop in terms of the service you provide to your customers. These customers can be either other individuals or groups in your IT organization or the business. A centralized database administrator (DBA) group or a centralized UNIX™ group supporting an application development team are examples of internal IT services. The application team builds applications for the business users and customers. In other words, the applications are external services that IT provides. These services are supported by ITIL processes, such as incident management, capacity management, problem management, and so on.

The convergence here with SOA is that as the loosely coupled, composable SOA services come into play, the service support and service delivery processes can manage and support them per ITIL guidelines. As a simple example, what would the incident management process be on a "get currency rate" SOA service built using technology such as Web services?

On the flip side, you can implement ITSM services such as DBA support in a more service-oriented manner, learning from the concepts of SOA. If you think about it, SOA and ITSM are less likely to be successful without each other. The ITIL is the glue that ties them together.

SOA is about creating agility in both IT and the business. This agility requires repeatable, standardized processes that can be measured, monitored, and reported on. That is the ITIL. Another way to look at it is that SOA needs a significant amount of governance, and the ITIL has a built-in governance framework.

Merging your SOA and ITIL road maps

Teams looking at implementing SOA or the ITIL can learn from each other. To implement a successful SOA, you need a set of best practices, processes, and details about your IT processes that are repeatable and measurable. The ITIL provides this information. Because the ITIL doesn't get into the specifics of how you implement the processes and merely presents a framework, it's relatively easy to "borrow" those concepts and apply them to your SOA implementation plans.

Let me explain with a simple example. One of the key concepts of SOA is the fact that you need a common data model or data definition -- in other words, your enterprise must speak a single language. From an IT processes standpoint, the ITIL provides a common vocabulary and glossary that you can use as a starting point for your enterprise data dictionary. Why is this important? For example, let's say you have an incident management system and a problem management system. Without a common vocabulary and a set of defined parameters, how are these two systems going to talk to each other? This is the same classic problem with Web services and SOA. How are two services going to exchange data unless they speak the same language -- or at least know how to translate between one language and another? Stephen Watt has an excellent article that covers this aspect of SOA in more detail. (See Resources.)

Another aspect where the ITIL and SOA road maps can merge is in the service delivery processes, such as service-level management, financial management for IT services, capacity management, and availability management. Key questions to ask when talking about SOA include who's going to pay to build the service, who's going to pay to make sure that the service is available and scalable, who'll make enhancements to the service, and who'll manage the service? Answers to all these questions lie in the Service Delivery book of the ITIL. As you get further along in establishing these processes for the ITSM-based services (DBA, UNIX support, and so on), you will start seeing how they will apply directly to what we consider services in an SOA or software world.

SOA plays a large role in business process management (BPM). ITIL plays a large role in IT management. As these two initiatives begin to merge, you will start seeing IT align itself more and more with the business.

Back to top

Overcoming barriers to SOA and the ITIL

The challenges to implementing SOA and the ITIL (with or without each other) remain the same. In both cases, technology is the easy part. The biggest challenge is probably the culture change required in most organizations. The business must begin thinking "services." IT groups must reorganize themselves (people, process, and technology) to deliver and manage these services. This sort of a culture change is not easy to implement: It requires a strong business executive and a strong IT executive to partner and drive the process in a top-down manner. It also requires partnering at the grass-roots level -- business analysts and architects working with the users they support to show them the value of services. (See my article on SOA teams, which talks more about the roles of the team members in driving SOA initiatives in Resources).

The second biggest hurdle of SOA is governance. What is the best way to implement governance, and what is the right level at which to govern? IT governance is a big buzz word for chief information officers (CIOs) today. Fortunately, this is one problem that can be mitigated if your organization is further ahead with the ITIL. Inherent to the best practices that the ITIL promotes is a framework for tracking, measuring, and reporting on these services. SOA projects can apply the same concepts to governing the different SOA services in the enterprise.

Back to top

Looking at the ITIL, SOA, and Capability Maturity Model

Now that you've seen how the ITIL and SOA work together, let's take a quick look at the Capability Maturity Model (CMM). The CMM is a framework for accessing the maturity of the IT processes in an organization. The original focus of the CMM was on the software processes. However, the new Capability Maturity Model Integration (CMMI) is probably more applicable to the ITIL, as CMMI includes hardware and software (as ITIL does). If you study CMMI, you'll see an overlap of several CMMI processes with ITIL processes.

The maturity of your ITIL implementation can be directly related to your organization's rating on the CMMI scale of 1 to 5. However, my suggestion is to follow a "just-enough" paradigm. Implement only the amount of ITIL or CMM required for your organization -- not just to get a higher certification level.

Back to top

Summary

As your ITSM (or ITIL) and SOA initiatives mature, you'll start to see a convergence of these concepts and begin to reap the values of standardized IT processes in a true service-oriented world. SOA management is the umbrella term that will encompass what is traditionally covered under SOA management and ITSM.

It is important that organizations bridge the gap between SOA plans and ITIL plans so that they can benefit from the fusion of these initiatives. The earlier these initiatives are aligned, the more successful the overall implementation will be -- and you will face fewer organizational issues and politics. Excellent starting points are a steering committee that bridges these two initiatives and a complementary communication and collaboration framework to weave the two together.

Resources

• Participate in the discussion forum.
  
  
• For more about SOA teams, read "Create the ideal SOA team," (developerWorks, July 2006).
  
  
• Discover more about SOA governance.
  
  
• Learn more about the Service-Oriented Architecture Maturity Model.
  
  
• Read "Enhance IT Infrastructure Library service management capabilities," (developerWorks, November 2005).
  
  
• Visit the developerWorks SOA and Web services area.
  
  
• Discover the ITIL resources available from IBM.
  
  
• For more about ITIL, visit the OGC Web site.
  
  

About the author

Kunal Mittal is a consultant specializing in Java technology, J2EE, and Web services technologies. He is the coauthor of, and has contributed to, several books on these topics. He works as a director within the Domestic TV IT group for Sony Pictures Entertainment, where he's responsible for the technical architecture and management of applications for that division. In his spare time he writes for IBM developerWorks, consults on SOA, and is a private pilot. For more information, visit Kunal's Web site at www.kunalmittal.com or contact him at kunal@kunalmittal.com.

Rate this article

Comments

Back to top

Table of contents

• Introduction
• Defining Information Technology Infrastructure Library
• Exploring the interrelation of SOA and the ITIL
• Overcoming barriers to SOA and the ITIL
• Looking at the ITIL, SOA, and Capability Maturity Model
• Summary
• Resources
• About the author
• Comments