ITIL Process Glossary

Now in its fourth version, ITIL is one of the leading frameworks for IT service delivery. It outlines best practices for the most common ITSM processes along with the general principles of effective service delivery.

ITIL-certified professionals have the skills and expertise to select, plan, deliver, and maintain IT services that deliver value to the wider organization.

Made up of 34 distinct practices, ITIL offers a roadmap for delivering value to service users across all aspects of business IT.

What is ITIL?

ITIL stands for Information Technology Infrastructure Library. Designed with the purpose of achieving maximum alignment between IT teams and wider organizational goals, it’s a framework that outlines best practices for delivering services in an enterprise context.

As well as providing IT departments with a playbook for planning and implementing services, ITIL’s creators, AXELOS, provide certification for colleagues to prove their familiarity with the systematic approach to service delivery.

In its current version, ITIL outlines 34 distinct processes split across three lifecycle stages. The goal here is to provide an adaptable, scalable, and customizable playbook for implementing each of these core IT services.

As such, each process provides a series of constituent actions, triggers, inputs, and outputs. Each of these processes is defined in more detail later in this resource.

ITIL priorities and goals

ITIL’s primary goal is to create predictable IT environments that provide the maximum value to service users, whether these are customers or colleagues.

More specifically, ITIL is grounded in the following seven guiding principles:

  1. Focus on value - Decisions should be based on providing value to service users, including in terms of efficiency, value for money, and user experiences.
  2. Start where you are - Changes should be based on the current state of your ITSM efforts rather than tearing these down and starting from scratch.
  3. Progress iteratively with feedback - Changes should be broken into manageable iterations, with opportunities to gather feedback from service users and other stakeholders.
  4. Collaborate and promote visibility - ITIL places heavy emphasis on de-siloing our IT service delivery and fostering a collaborative environment.
  5. Think and work holistically - We must take account of the fact that services interact in complex ways to provide value to stakeholders.
  6. Keep it simple and practical - Use the minimum number of steps and actions within processes to provide value for users.
  7. Optimize and automate - Maximize efficiency by leveraging automation where possible and eliminating extraneous steps within service delivery processes.

Changes to processes in ITIL V4

The fourth version of ITIL was published in 2018. While most of the substantive information was carried across from previous versions, ITIL V4 also introduced some important changes in terms of terminology.

Specifically, ITIL V3’s 26 constituent processes were replaced with 34 practices in ITIL V4.

These are divided into three categories.

Despite the change in name to practices, we can still effectively think of these as generic business processes.

As such, we’ll be using the terms practices and processes interchangeably.

The Service Value System in ITIL 4

All processes within ITIL are structured around what is known as the Service Value Chain. This is the basic outline that each of the constituent practices follows to enable IT teams to identify demand and facilitate value to service users.

The six stages of the Service Value Chain are as follows:

  1. Plan - creating a shared understanding of the current state of services and their respective improvement directions.
  2. Improve - identifying specific improvement actions and objects for service delivery.
  3. Engage - creating an understanding of the needs of stakeholders, including service user priorities, as well as risk and resourcing restraints.
  4. Design and transition - designing changes that will continuously meet stakeholder requirements across quality, costs, and time to market.
  5. Obtain/Build - ensuring that service components are available according to agreed specifications.
  6. Deliver and support - delivering and supporting services that provide value to users.

34 ITIL processes and 3 stages

The 34 underlying processes within ITIL V4 are broken into the following three categories:

  1. General management practices - processes relating to the overall management and governance of IT services across an organization.
  2. Service management practices - processes relating to the design, delivery, optimization, and improvement of individual services that the IT team offers.
  3. Technical management practices - processes relating to how the IT team identifies, plans, deploys, and manages technical capabilities.

Let’s take a look at each category in more depth.

General management

There are 14 distinct practices within the general management category. As noted, these relate to the IT team’s overarching service delivery rather than the granular details of individual services.

These are:

Strategy management

Strategy management involves setting goals for the ITSM team and identifying strategies to meet them. This helps the IT department identify the resources and services required to achieve our organizational goals, along with service delivery KPIs.

Strategy management includes:

  • Analyzing the organization’s current IT environment to identify opportunities for improvement.
  • Identifying constraints that might prevent us from achieving these improvements.
  • Deciding on an improvement direction for services with relevant stakeholders.
  • Ensuring that strategies are translated into actionable plans for teams responsible for delivery.
  • Managing changes to our strategies in response to changing requirements or environments.

Architecture management

Architecture management aims to provide an understanding of the all of the different elements that make up the organization and its IT services, along with the various ways that these relate to one another.

There are five key strands of architecture management:

  1. Business architecture - Enabling IT teams to examine capabilities and services in terms of how they align with wider business goals. In turn, this facilitates gap analysis to identify new areas where ITSM teams can provide business value.
  2. Service architecture - Providing a view of all of the services provided by IT teams, as well as what these involve and how they fit together, with a view to providing opportunities for improvement.
  3. Information systems architecture - Outlining our organization’s data assets and the tools and processes used to manage these in order to provide maximum transparency and business value.
  4. Technology architecture - The software and hardware needed to support our portfolio of IT services.
  5. Environmental architecture - External factors influencing our IT service delivery.

Service financial management

Service financial management aims to ensure that financial resources are used as effectively as possible when delivering IT services, including a range of foreceasting, control, and administrative tasks.

The three key elements of service financial management are:

  1. Budgeting - Identifying the financial resources that are required to deliver services.
  2. Accounting - Tracking actual spending against budgets.
  3. Charging - Charging service users for costs incurred, if applicable.

Workforce and talent management

Workforce and talent management seeks to ensure that our organization has the right colleagues in the right roles across our service delivery teams. This includes everything from planning, recruitment, and onboarding to people management and performance reviews.

Effective workforce management is vital for maximizing service quality. By ensuring that we have the required skills, talent, and expertise across our IT team, we’re considerably better positioned to deliver quality internal services in a timely manner.

Continual improvement

Continual improvement is the practice of retaining alignment between our IT services and wider business objectives, especially in the context of changing requirements or environmental factors.

Key aspects of the continual improvement process under ITIL include:

  • Fostering a culture of continuous improvement across the organization.
  • Identifying and logging improvement opportunities.
  • Securing resources for improvement actions.
  • Making business cases for improvements.
  • Planning and implementing improvements and evaluating the results.

Measurement and reporting

Measurement and reporting furnishes our ITSM team with the data they need to make informed decisions around service management, changes, and improvements. This involves gathering and analyzing relevant data around individual services and our IT capabilities as a whole.

The primary data objects that we’ll need to operationalize and measure include:

  • Critical Success Factors (CSFs) - Preconditions that are required for us to achieve our desired results.
  • Key Performance Indicators (KPIs) - Metrics used to evaluate whether or not we’ve met our goals.

Risk management

Risk management is how an organization identifies, mitigates, prevents, and handles risk, including in relation to finances, operations, security, and other resources. As such, risk management is critical to all other processes within ITIL.

The basic process for managing risks includes:

  1. Identification - Determining where risks exist, as well as documenting their nature.
  2. Assessment - Analysing the likelihood and potential impact of a risk occurring.
  3. Treatment - Implementing measures to monitor, prevent, and mitigate against a risk.

Information security management

Information security management comprises all of our efforts to protect the information assets required for the organization to function. This includes maintaining the accuracy, integrity, confidentiality, and availability of data, including controlling storage, access, and exposure.

Information security management requires a range of policies, measures, and protocols to balance:

  • Prevention - Preventing incidents from occurring.
  • Detection - Identifying incidents that have occurred.
  • Correction - Recovering from identified incidents.

Knowledge management

Knowledge management is the process of documenting, sharing, and codifying information about our IT services and leveraging it across the organization. This can be for the benefit of service-delivery colleagues or end users.

Knowledge is information that’s useful in a specific context, like how to action a defined workflow or resolve a particular problem. Therefore, knowledge management furnishes our team with the information they need to deliver services to colleagues.

Organizational change management

Organizational change management deals with how changes are implemented within the organization. More specifically, it seeks to ensure that human aspects of change don’t undermine its success and effectiveness.

The goal is to ensure that all stakeholders affected by the change understand and accept it, including seeking buy-in, providing training, addressing concerns, formalzing approvals and authorization, and other strategies for removing barriers to change.

Project management

Project management is the process of monitoring and controlling the progress of projects so that they are delivered successfully. Within ITIL, a project is a temporary initiative that seeks to deliver agreed outputs according to an agreed business case.

Most ITSM projects follow either the Waterfall or Agile methodologies. In either case, the goal is to maintain operations while ensuring that new initiatives are implemented on time, within budget, and according to agreed specifications.

Relationship management

Relationship management is the ITIL process that relates to maintaining links with other stakeholders, including service users, vendors, and customers. The goal is to ensure that stakeholders’ needs are understood so IT teams can deliver value.

The core of relationship management within ITIL is facilitating structured communications between the IT team and stakeholders, as well as logging and learning from interactions. For instance, within complaints or escalation workflows.

Supplier management

Supplier management handles the performance of external stakeholders and partners, including vendors or contractors. Specifically, this ensures that required products and services are delivered effectively while also seeking to minimize associated risks and financial costs.

We can consider this at two levels:

  • Managing individual suppliers - including financial, contractual, and performance aspects of our relationship.
  • Managing our wider supplier network - including risk management, contingency planning, and overall visibility into our suppliers.

Portfolio management

Portfolio management is all about ensuring our IT team provides the right mix of services and other capabilities to meet the needs of the organization, while also handling the overall resource allocation relating to these.

There are three key kinds of portfolios we must deal with here:

  • Service portfolios - the services offered by the IT team.
  • Project portfolios - ongoing projects that have been authorized.
  • Customer portfolios - our service users and other stakeholders, as handled under the Relationship Management practice.

Service management

Next, we have ITIL processes that fall under the category of service management. There are 17 practices under this umbrella, dealing with the more granular needs of specific services.

These are:

Service design

Service design is the practice of devising services and products that meet the needs of end-users based on the available resources. This includes outlining the required technical capabilities, skills, staffing, finances, and workflows for delivering a service.

While cost-effectiveness is naturally a priority, ITIL service design places heavy emphasis on customer and user experiences, helping to ensure high adoption rates and compliance with internal processes.

Service desk management

Service desk management is at the core of how users access internal services. Service desks provide a single point of contact between service agents, especially for submitting information about incidents, issues, and service requests.

An effective service desk requires the skills, technical capabilities, and workflows to:

  • Collect information about requests, incidents, tickets, and other submissions.
  • Categorize, route, prioritize, and sort incoming requests and submissions.
  • Assign tasks to relevant service operatives based on requirements, business rules, and availability.
  • Workforce management, planning, and demand forecasting.
  • Logging outcomes and learnings.
  • Tracking resolution times and other relevant KPIs relating to service quality.

Service level management

Service level management relates to how we measure the quality of individual services. This requires us to define business-level targets against which our efforts can be measured. The goal is to provide end-to-end visibility into the success and value provided by our services.

Effective service level management requires:

  • Agreeing relevant targets that reflect the needs of service users.
  • Gathering, storing, and processing the required data to monitor service targets.
  • Reporting on performance against defined service metrics.
  • Ideating and identifying opportunities to improve performance.

Service request management

Service request management is the process of facilitating access to services. This means enabling users to submit requests to initiate defined service workflows. IT teams can then determine how to proceed based on requirements, business rules, and resource availability.

Service requests can relate to:

  • Provision of specific services, like support, training, or maintenance.
  • Access to resources and information, like documents or data sets.
  • Access to assets - including procuring new devices or renting existing ones.
  • Handling feedback and complaints.
  • Access to any other assets, assistance, or resources that don’t fall into one of these categories.

Service validation and testing

Service validation and testing are performed to confirm that new or altered processes and services meet their requirements. Validation verifies that the service in question is capable of providing the expected value to end users.

Testing can come in a number of forms, including:

  • Functional testing,
  • User experience testing,
  • Compliance testing,
  • Integration testing,
  • Security testing,
  • Operational testing,
  • Regression testing.

IT asset management

IT asset management comprises all of the workflows and tasks required to furnish our colleagues with the IT tools that they need to carry out their daily work. This includes laptops, desktops, phones, peripherals, software, data, network infrastructure, accessories, and more.

Asset management requires us to account for a wide range of workflows, including:

  • Planning and procurement,
  • Asset preparation and deployment,
  • Handling service and rental requests,
  • Asset tracking,
  • Lifecycle management,
  • Asset retirement and disposal,
  • Security,
  • Cost controls and financial management.

Monitoring and event management

Monitoring and event management involves proactively seeking to identify changes in our services ecosystem. IT teams define and set up monitoring for events, including triggering notifications and logging the details when an event occurs.

As such, event monitoring and management requires a combination of the following:

  • Identifying specific services, systems, or tools that require monitoring, as well as defining the specific kinds of events that relate to each.
  • Defining criteria for what constitutes an event, such as establishing thresholds for relevant metrics.
  • Creating processes and policies around how to handle specific kinds of events.
  • Providing the necessary capabilities for monitoring, including automations and listening tools.

Problem management

Problem management is the ITIL practice that’s concerned with preventing and mitigating the impact of incidents. A problem is anything that has caused or has the potential to cause an incident.

Problem Management requires both reactive and proactive initiatives, including:

  • Investigating and analyzing incidents to identify their route causes.
  • Providing IT colleagues, service users, and other stakeholders with a means to report problems.
  • Recording, categorizing, and prioritizing registered problems.
  • Defining workarounds for known errors.
  • Implementing long-term fixes to eliminate problems and reduce the potential impact of incidents.

Release management

Release management relates to how we implement new services and capabilities, or changes to existing ones. While releases are synonymous with software, we must also be cognizant of the procedural, infrastructure, training, and delivery aspects of new services.

Within ITIL, release management requires a holistic approach, including:

  • Defining the size, scope, and goals of particular releases, as well as the relevant timelines and release process.
  • Providing new training resources and documentation outlining the impact of new releases.
  • Put in place plans to respond to issues that might occur during a release.
  • Build reviews and monitoring into the release process to identify issues quickly.

Service catalog management

Service catalog management aims to provide a centralized, accessible repository of information surrounding our IT services and how users can access them. Specifically, catalog management means keeping this up to date with changes to our ITSM offering.

Importantly, different kinds of stakeholders might have distinct requirements in terms of specific services and the data exposure that’s appropriate for them. Therefore, we can consider providing distinct views for:

  • IT and service delivery colleagues,
  • Internal service users,
  • External service users or other stakeholders.

Service Configuration Management

Service configuration management handles information relating to configuration items (CIs). A CI is any element that’s required in order to deliver a service, including software tools, packages, and modules, as well as hardware, infrastructure, and devices.

Configuration management involves maintaining information relating to all CIs, as well as how these relate to one another within services. Typically, we’ll require rely on a dedicated configuration management database and admin tools to manage this.

Service continuity management

Continuity management aims to ensure that key capabilities remain in place in the event of major incidents or disasters. These can include cyberattacks, major damage, natural disasters, supply chain failures, geopolitical events, or other crises.

Managing continuity requires our IT team to:

  • Formulate plans for responding to specific events, major incidents, or disasters.
  • Define timelines for reestablishing services in the event of outages.
  • Establish the extent of restoration that is required for services to be viable.
  • Perform business impact analyses to establish the potential costs of various disasters.
  • Implement continuity requirements across all IT services, assets, and configuration items.
  • Document learnings from real and simulated disaster responses.

Availability management

Availability management refers to the process of ensuring that services deliver the agreed functionality and value to users. In this context, availability means providing defined functionality when required.

The specific process of managing availability includes:

  • Defining availability targets with service users and stakeholders,
  • Establishing the tools and processes that will provide the required availability,
  • Measuring, monitoring, and analyzing availability data,
  • Identifying opportunities to improve availability based on real-world outcomes.

Business analysis

Business analysis involves understanding the underlying pain points and problems that our IT services must solve in order to identify the appropriate solutions. In other words, this means taking an empirical approach to establishing how our ITSM efforts can provide value.

Therefore, business analysis typically includes:

  • Analyzing systems and processes, including paying attention to the contexts in which they exist.
  • Identifying areas where these processes and systems could be improved through changes to IT services.
  • Designing changes that will lead to the identified improvements, including in terms of technical capabilities as well as processes and people.
  • Translating this into requirements for new solutions and projects.

Capacity and performance management

Capacity and performance management is tasked with ensuring that our IT service delivery keeps pace with the demand for services. The goal is to cost-effectively deliver solutions at a scale that’s appropriate to the needs of the business.

To achieve this, the following actions are typically required:

  • Tracking and analyzing service performance metrics.
  • Modeling future demand for services and determining the required capacity requirements.
  • Planning future resource allocation based on demand forecasts.
  • Planning for the resources and capacity that will be required for future performance improvements.

Change control

Change control refers to the process of authorizing changes that will affect our IT services. This also comprises determining the risks and impact associated with changes and scheduling any required actions to implement them.

Change control is distinct from change management in that it deals with discrete services rather than wider organizational change. This can be clustered into:

  • Standard changes - These are routine changes that are usually pre-authorized. They might be implemented as part of a standard service request, such as a bug fix or patch.
  • Normal changes - These are changes that need to follow a defined authorization process. The specific steps here will vary depending on the determined risk level.
  • Emergency changes - Changes that are mission-critical and must therefore be made expeditiously. These will typically be prioritized and pushed through approval processes as quickly as possible.

Incident management

Incident management aims to minimize the impact on IT services and the wider business when incidents occur. We can define an incident as any unplanned event that interrupts or impacts the quality of services, such as data loss, server outages, cyber-attacks, or natural disasters.

Depending on the severity of the event, incident responses can take a variety of paths:

  • Minor incidents involving individual users can be resolved using self-service tools.
  • The majority of incidents will be reported to a help desk or the support team. These can then be escalated and routed to relevant stakeholders, including internal teams or vendors.
  • Major incidents and disasters will need to be routed to the appropriate teams, including initiating service continuity plans.
  • Incidents should be logged for analysis and problem management.

Technical management

Technical management processes within ITIL relate to specific technical capabilities. More specifically, the priority here is transitioning IT teams away from thinking in terms of technical solutions and toward framing these as IT services.

The three constituent practices here are as follows.

Deployment management

Deployment management deals with moving CIs to live environments. This could be hardware, software, documentation, new processes, or any other elements of our IT service delivery. The goal is to provide a smooth, incident-free transition when implementing changes.

A wide variety of strategies can be employed for managing deployments, such as:

  • Iterative deployments - Changes are released on a fixed, regular schedule.
  • Continuous deployment - Changes are deployed as and when they are ready.
  • Big-bang deployment - Changes are bundled into major versions.
  • Git-based deployment - Changes are handled using a controlled repository, allowing end users to determine when and if to pull updates.

Infrastructure and platform management

Infrastructure and platform management handles the organization’s network infrastructure, hardware, and wider IT environment. This comprises a range of monitoring, planning, maintenance, and other lifecycle management workflows.

This relates closely to capability and performance management, with organizational infrastructure playing a key role in facilitating the adoption of new technologies. For instance, machine learning, chat bots, cloud cloud computing, and more.

Software development and management

Software development and management is the practice of furnishing business teams with software tools that meet their requirements, as well as ensuring IT rules are adhered to across auditability, compliance, cost controls, maintainability, and integration.

This practice can comprise a huge range of activities and workflows, dealing with both custom and COTS software tools, such as:

  • Solutions design and architecture,
  • Software project management,
  • Development,
  • User experience and design tasks,
  • Testing and quality assurance,
  • Repository management and version control,
  • Maintenance and patch management.

Join 100,000 teams building apps and making work flow.