GM has already implemented ITIL in its internal IT operations; now it's extending the ITIL framework to work in an outsourced environment. By the time its current contract with EDS expires in June, GM will have all of its IT providers working under a common umbrella of ITIL-based processes. “ITIL provides a standard, an unambiguous vocabulary for defining a set of processes that have defined interfaces,” says Rudy Wedenoja, GM’s director of enterprise operations management.

ITIL resolves ambiguities that can sap an IT organization’s ability to respond. For example, terms like incident response and problem resolution are often used interchangeably, but under ITIL, as adapted by GM, they have specific meanings: incident response refers to the process of restoring service after an interruption, such as a hard drive failure; problem resolution refers to determining the root causes of the failure and developing systemic fixes for the problem.

The new contracts that GM has signed with suppliers emphasize the notion of a service desk, a common point of contact for all end users. “The service desk is the most visible portion of ITIL as far as end users are concerned,” says Wedenoja.

On ITILS’s Own Terms

GM’s embrace of ITIL comes amid a push for common worldwide IT standards. The ISO 20000 IT services management standard, for example, provides a means of certifying that an organization is following best practices, similar to what the Capability Maturity Model provides for software development. ISO 2000, which replaces the British Standards Institution’s BS15000, allows for an independent assessment of an IT organization’s adherence to ITIL.

ISO 20000 and ITIL are intimately bound, with ITIL providing the documentation for best practices, and ISO 200000 providing the certification standard. Although some IT services providers label themselves as “ITIL-certified,” the term is a misnomer, according to Forrester analyst Peter O’Neill. While ITIL allows for certification on an individual level based on expertise, the only standard for certification on an organizational level is ISO 20000. With an ISO standard behind it, however, ITIL will experience an upsurge in adoption as organizations seek to become ISO 20000-accredited, O’Neill writes in a recent report.

ITIL and ISO 20000 apply to IT service management; other standards, such as CMM (software development) and Control Objectives for Information and related Technology (Cobit—an IT governance framework), lie outside the scope of GM’s ITIL efforts. “ITIL applies only to operations; it doesn’t cover software development,” Wedenoja says.

But that doesn’t mean the various standards don't need to work together. On the contrary, there need to be clear demarcation lines between the areas they cover. Right now, those lines are still somewhat blurry. Wedenoja, who is president of the Great Lakes chapter of the IT Service Management Forum, says work is underway to map ITIL, whose practitioners consist of IT operations personnel, and Cobit, whose practitioners are IT auditors. “Cobit is a viable set of controls to audit ITIL processes,” he says. “We need to better rationalize Cobit and ITIL so there are no conflicts.” For example, Cobit uses the terms “problems” and “incidents“ interchangeably; ITIL makes them distinct.

The groundwork for GM’s third-generation outsourcing was laid in 2004, when it called on key service providers to provide experts to work with GM’s staff on a common set of ITIL-based processes. “We pulled together a multisupplier team to develop ITIL for an outsourced environment,” Wedenoja says.

Lori Armstrong, HP’s principal for infrastructure services for the GM account was one of the experts that participated in the ITIL development. “We had subject matter experts serve on teams that helped to shape GM’s third-generation outsourcing model,” she says. For each ITIL process, the teams extended the basic ITIL definitions to fit the outsourced model. The service desk, for example, was defined as the common point of contact for all end users, regardless of their geographic location.

HP was an early adopter of ITIL, says GM’s Wedenoja. The other service providers are following HP’s lead in implementing ITIL within their own operations, he says.

The GM outsourcing model breaks new ground by requiring service providers to communicate in a common language, ITIL. Assuming the project is a success, other companies are sure to follow in its footsteps. “In the third-wave outsourcing model,” says Wedenoja, “there’s no one service provider or group of providers that stand out. Instead, it’s a collaboration among equals, led by GM’s senior IT executives.”

4 NEXT STEPS