White Paper

HEAD OFFICE
Level 4,
60 Albert Road
South Melbourne VIC 3205
www.proactiveservices.com.au

WHITE PAPER

Baselining
IT Service Management

Alan White
ProActive Services
March 2006

BUSINESS DRIVEN IT SERVICE MANAGEMENT

Baselining ITSM

Table of Contents
Preface ........................................................................................ 3
Summary ..................................................................................... 5
Why Conduct A Baseline? .............................................................. 7
Potential Frameworks .................................................................... 8
CMM / CMMI / SPICE ................................................................. 8
CobiT........................................................................................ 9
OGC Maturity Matrices.............................................................. 10
ISO 20000 .............................................................................. 11
PMF........................................................................................ 13
Extended PMF ......................................................................... 15
Conducting a Baseline ................................................................. 17
Basic steps.............................................................................. 17
Business Perceptions................................................................ 18
Organisational Review.............................................................. 19
Cultural Assessment................................................................. 19
Conclusion.................................................................................. 20

ProActive Services

Page 1 of 20

Baselining ITSM

Preface
The purpose of this paper is to provide the reader with an
introduction to the concept of baselining the maturity of IT Service
Management processes.

The paper looks at the rationale for

conducting a baseline and raises the question Is it really worth the

effort?
A number of approaches are discussed. Some are relevant to IT
Service Management and some are more relevant to Software
Engineering but have been included as part of the discussion since
they have the capability to confuse and cloud the issue. By clarifying
what is not relevant, we can focus the discussion on the more suitable
approaches.
The primary focus of this paper is on the two approaches adopted by
ProActive Services. The first deals with accreditation to the ISO
20000-1 standard and the second aligns maturity to the ITIL Process
Maturity Framework (PMF) which has been extended considerably to
ensure consistency and repeatability of the baselining process.
This paper also discusses the overall baselining process, from the
initial kick-off through to the final report.
It ends with a discussion on additional criteria which may be included
in a baselining exercise, such as gathering customer perceptions,
together with the rationale for including these steps.
Your comments and feedback on this paper are welcomed and can be
emailed to the author at: info@proactiveservices.com.au.

ProActive Services

Page 3 of 20

Baselining ITSM

Summary
Baselining is an essential element of any Continuous Service
Improvement Program (CSIP). It identifies what works, as well as
what doesnt work. It gains consensus from all parties involved in the
CSIP and provides a means to measure progress. It should be
considered high risk to embark on a CSIP without first baselining the
processes.
ISO 20000 is an important framework for measuring organisational
capability and will become more prevalent in the next few years as
many organisations seek to achieve certification. However, it is not
designed to measure process maturity.
The ITIL Process Maturity Framework (PMF) is the emerging
framework for maturity baselining. It is complementary to ISO 20000
and the two frameworks can easily be used in parallel. Its major
drawback is that it is too generic in its current form.
ProActive extended the existing PMF to overcome this weakness and
to provide an approach which is truly consistent and repeatable.

ProActive Services

Page 5 of 20

Baselining ITSM

Why Conduct A Baseline?

The first issue to consider is the rationale for conducting a baseline.
Typical arguments include:

Is it really worth the effort?

We know our processes dont work well, so why bother
spending valuable time (and money) to prove something is
broken?
We dont really want a poor scorecard since it will just
demoralize everyone.
Lets just get on and fix it.
All of these arguments ignore the main reasons for conducting a
baseline:
Understanding what does work
In most cases, an IT organisation with relatively immature IT Service

It is important to

Management (ITSM) processes will be delivering reasonable quality

understand what needs

services, or else the business would not be operating today. How is

to be retained, or can be

this possible? Well, there may be a few bits of processes here and

built on.

there which work and there are almost certainly some very capable IT
staff compensating for the lack of formal processes. This situation can
be successful in the short term but tends to lead to inconsistency of
results and is a major exposure if there is staff turnover.
Hence the importance of understanding what needs to be retained or
built on, as well as what needs to be captured and formalised,
BEFORE embarking on a process improvement initiative.
Getting internal agreement
A Continuous Service Improvement Program (CSIP) is a team effort,
almost certainly bringing together many people from many different
departments.
The initial reaction from many participants is defensive on the basis
that they genuinely believe they are doing a good job. In most cases
they are performing very well individually, but it is not easy to
separate the people and process aspects.
The other common reaction is territorially based Yes, but Change
Management works well in our team. Again, the lack of a big picture
view clouds critical issues such as the ability of the processes to work
across departmental boundaries.

ProActive Services

Page 7 of 20

Baselining ITSM

A baseline provides an
agreed starting point for
the CSIP.

well

conducted

baseline

ensures

common

and

agreed

understanding of the starting point for a CSIP. Everyone begins on the

same page. Everyone also has the same understanding of the IT
organisations strengths and weaknesses from a process perspective,
which is essential to any joint planning exercise on where to focus the
process improvement effort.
Measuring progress
If the objective is to reach an agreed target maturity for any one
process within an agreed timeframe (e.g. a maturity level of 4 in
Capacity Management within 2 years), how will you know six or
twelve months down the track whether you are making genuine
progress? Measuring maturity is one method but the real benefit lies
in linking process performance measures to maturity levels.
The ability to measure progress has two major advantages. Firstly, it
allows management to manage. Without measurement, management
is extremely difficult. Secondly, it allows everyone involved in the

Maturity levels, linked to

process improvement activities to see that progress is being made.

performance metrics,

This includes all of the IT Service Management staff involved in

allow progress to be

carrying out the improved processes from consultants on the

measured.

Service Desk to desktop support, server support and other IT staff.

Conclusion
Baselining is definitely worth the effort. In fact, it should be
considered high risk to embark on a CSIP without first baselining the
processes within the scope of the CSIP.

Potential Frameworks
Now we have decided to conduct a baseline, the next major issue is
to pick a framework. Typical comments are:

Cant we standardise on CMM the developers use that?

Cant we use CobiT the auditors use that?
How about ISO 20000 the new international standard?
The following is a discussion on the more commonly suggested
approaches, together with their strengths and weaknesses.

CMM / CMMI / SPICE

The Capability Maturity Model Integration (CMMI) is a process
improvement approach that provides organisations with the essential
elements of effective processes. It has been developed by the
Carnegie Mellon Software Engineering Institute.

Page 8 of 20

ProActive Services

Baselining ITSM

CMMI is built on multiple process models: Software CMM, Systems

Engineering CMM, IPD CMM, ISO 15504, EIA 731, People CMM,

CMM and SPICE are

Software Acquisition CMM and Systems Security Engineering CMM.

designed to measure

Software Process Improvement and Capability dEtermination (SPICE)

Application

is a major international initiative to support the development of an

Development, not IT

International Standard for Software Process Assessment.

Service Management.

Strengths and weaknesses

CMMI is a relatively mature and very widely used model. However, it
has been designed and developed for Software Engineering (i.e.
Applications Development) and has very little relevance to IT Service
Management. It also takes a holistic view of Software Engineering and
measures maturity at the organisational rather than process level.
Similarly, the focus of SPICE is software processes rather than ITSM
processes.
These are not appropriate frameworks for measuring ITSM process
maturity.

CobiT
Control Objectives for Information and Related Technology (CobiT) is
an IT governance, control framework and maturity model. It defines
34 significant processes and links 318 recommended detailed control
objectives to provide an internal control framework.
CobiT can be used by business or IT management, but its origins are
as an auditors tool. It was developed by the Information Systems
Audit and Control Association, and is published by the IT Governance
Institute (ITGI). See http://www.itgi.org for further details on CobiT.
CobiT is built on established frameworks such as CMM, ISO 9000 and
ITIL. However, CobiT does not include control guidelines or practices,
which are the next level of detail. It does not include process steps
and tasks.
Strengths and weaknesses

CobiT is a control
framework rather than a
process framework, and
is regularly used by
auditors.

CobiT is a control framework rather than a process framework. It

focuses on what needs to be done, not how it needs to be done. Its
target audience is auditors and senior management.
CobiT and ITIL are not mutually exclusive and can be combined, but
the development of the two frameworks is not linked and the
frameworks require effort to be used in parallel.
Unless CobiT is already widely used within the organisation, it is not
recommended as an appropriate framework for baselining ITSM
process maturity.

ProActive Services

Page 9 of 20

Baselining ITSM

OGC Maturity Matrices

In 1997, the OGC (then known as CCTA) introduced a five-level
process maturity model, based on similar models that had been
developed for software engineering (e.g. CMM and SPICE).
The five levels were:
1. Organisational commitment
2. Performance ability
3. Actual activity
4. Measurement & analysis
5. Verification of the actual process
This was later revised by OGC and intermediate levels added to create
nine levels of increasing maturity ranging from prerequisites to
customer interface as shown in Figure 1.

Level 5: Customer Interface

Level 4.5: External Integration
Level 4: Management Information

Figure 1: OGCs ITSM

Maturity Model

Level 3.5: Quality Control

Level 3: Products
Level 2.5: Internal Integration
Level 2: Process Capability
Level 1.5: Management Intent
Level 1: Prerequisites

In conjunction with this model, the OGC developed two selfThe OGC maturity

assessment questionnaires that can be of assistance in determining an

matrices are good for

organisation's current level of ITSM implementation. Copies of the

showing what is

questionnaires may be obtained free of charge from the itSMF website

currently in place,

at http://www.itsmf.com/bestpractice/selfassessment.asp

but less suitable for

planning what to do
next.

Questionnaires are available for all of the processes within the scope
of IT Service Management i.e. those in the ITIL Service Support and
Service Delivery publications.
Strengths and weaknesses
The questionnaires are relatively simple to use, and can be carried out
as a self-assessment.

Page 10 of 20

ProActive Services

Baselining ITSM

They have several major weaknesses. Firstly, there is more emphasis

on form and less on the content of individual processes. Secondly, the
structure appears granular but is very much the opposite. It is not
uncommon for an organisation to meet criteria at the 3 to 5 maturity
level while missing mandatory elements at the lowest levels. In the
same way, any process improvement initiatives which simply look to
climb this maturity ladder from 1 to 1.5, to 2, etc. are at serious risk
of failure.
The implications are that the OGC Maturity Matrices can be used to
show what is currently in place, but are not the most appropriate for
planning what to do next. They also do not align well with ISO 20000.

ISO 20000
ISO 20000 is the international standard for IT Service Management.
The standard comprises two parts: ISO/IEC 20000-1 and ISO/IEC
20000-2.
ISO 20000 has been fast-tracked as an international standard based
on the original BS15000 standard.
ISO 20000-1 is the first part of the standard, and is the Specification
for Service Management. If an organisation meets all of the criteria
listed in ISO 20000-1 it will have achieved certification and can get
a plaque on the wall.
Certification against ISO 20000-1 is binary you either meet all of the
criteria or you do not meet all of the criteria.
A trend is already emerging whereby major service providers (such as
the larger outsourcers) are being asked to prove their ITSM
capabilities by achieving certification. This trend is expected to
increase significantly in the next few years.
A second major driver for ISO 20000-1 certification is legislation such
as Sarbanes Oxley (SOX) which requires organisations to prove that
appropriate governance processes are in place.
ISO 20000-2 is the second part of the standard, and is the Code of
Practice for Service Management. It describes best practices within
each of the process areas, building on the compliance criteria in ISO
20000-1.
ISO 20000 covers the 10 ITIL processes within IT Service
Management with some minor variations, as well as the processes
involved in managing internal customers, external suppliers and
information security. It also includes three categories focusing on
management capability and intent.

ProActive Services

Page 11 of 20

Baselining ITSM

The process areas covered by ISO 20000 are shown below:

Management responsibility
Documentation requirements
Competences, awareness & training

Management System

Figure 2: ISO 20000

Process Areas

Planning & Implementing

Plan, Implement, Monitor & Improve

(Plan, Do, Check, Act)

Planning New Services

Planning & implementing new or changed

services

Service Delivery Processes

Capacity Management
Service Continuity &
Availability Management

Service Level Management

Service Reporting

Information Security Mgt

Budgeting & Accounting
for IT Services

Control Processes
Configuration Management
Change Management

Release Processes

Resolution Processes

Release Management

Incident Management
Problem Management

Relationship Processes
Business Relationship Mgt
Supplier Management

Further details on ISO 20000 can be found on the ISO 20000 Central
website http://20000.fwtk.org/index.htm
Adoption of ISO
20000 will become
widespread, but it is
not an appropriate
framework for

Strengths and weaknesses

The adoption of ISO 20000 will become widespread in the next few
years. Many service providers will be required to achieve certification
as a prerequisite to doing business in the field IT Service
Management.

measuring process

However, ISO 20000 is not an appropriate framework for measuring

maturity.

ongoing process maturity. Meeting the criteria in ISO 20000-1 is

binary, which means that an organisation is either compliant or noncompliant. It is possible to calculate (rough) percentage compliance
but this means nothing in relation to the standard. It can also be
misleading if it is the only measure used. An 80% compliance to ISO
20000-1 doesnt show whether the initial 20% or the last 20% is
missing. It tells you nothing about the maturity of the process as this
relates to efficiency or effectiveness.
There is also no concept of meeting the criteria in ISO 20000-2, which
is the collection of best practices. In reality, there are some you may
choose to meet and others you may choose to ignore.

Page 12 of 20

ProActive Services

Baselining ITSM

PMF
The Process Maturity Framework (PMF) comes from the ITIL book
Best Practice for Planning to Implement IT Service Management which
was published by the OGC in 2002.
When instigating a service improvement program, the IT department
must be aware of the maturity or growth stages of IT organisations as
a whole, and where they currently stand in relationship to their own

PMF comes from

the ITIL Planning
to Implement
book.

business. This Organisational Growth Model consists of five stages

ranging from Technology (stage 1) where the focus is primarily
internal through to Value Chain (stage 5) where IT is tightly
integrated with the business and is a significant enabler to the success
of the business.
Each growth stage represents a transformation for the IT organisation
and requires careful leadership, planning and coordination. A need to
grow more than two stages in one improvement effort has a
considerable high risk of failure and may have a serious impact on
staff motivation and morale, and on customer satisfaction.
Not all organisations have to be at the highest level (stage 5). The
required maturity is dependent on the business requirements of the
role that IT fulfils or needs to fulfil for the business.
The Process Maturity Framework (PMF) has been adapted by the OGC
from the Organisation Growth Model. The five stages in the growth
model have been translated into:
5
Optimised
4
Managed
3
Defined

Figure 3: PMF Maturity

Levels

2
Repeatable
1
Initial

Initial: the process has been recognised but there is little or no

process management activity, and it is allocated no importance,
resources or focus within the organisation. The level can be
described as ad-hoc or occasionally even chaotic.

PMF measures the

maturity of
individual
processes, based

Repeatable: this process has been recognised and is allocated

on a five-tier

some importance, resources and focus. However, general

model.

activities related to the process are uncoordinated, irregular and

without direction. They rely heavily on individuals.

ProActive Services

Page 13 of 20

Baselining ITSM

Defined: the process has been recognised and is documented,

and to some extent has become institutionalised. Activities are
now more regular and planned, and the outcomes are much more

PMF measures

reliable. Less reliant on a few key individuals. Greater emphasis

maturity across five

dimensions this
gives a deeper insight

on services and customers.

Managed: fully recognised and accepted throughout IT and the

business. Service focused with objectives and targets based on

into the strengths

business objectives and goals. Process is fully defined, managed

and weaknesses of an

and has become proactive. It also integrates with all other ITSM

individual process.

processes.

Optimising: process is now fully recognised and has strategic

objectives and goals aligned with overall strategic business and IT
goals. The process also has inbuilt mechanisms to ensure
continuous improvement.

As stated above, a transition from one stage to the next involves

more than simply implementing or installing ITIL processes and
procedures with supporting technology. Each stage requires that a
combination of elements be changed in order to succeed in the
transformation. These elements can be categorised as:

Vision and Steering: this encompasses the mission and

objectives for the process as a whole. It considers the extent to
which these have been translated into making adequate
resourcing available, conducting regular reviews and appointing
process owners.

Process: the activities and procedures required to achieve the

mission and objectives.

People: the skills and abilities needed to perform the process. It

includes the allocation of roles and responsibilities, as well as the
setting of objectives at the individual or team levels.

Culture: the behaviours and attitudes required to successfully

achieve the desired outcomes. Does the IT department function
as one team with a strong focus on achieving the desired
outcomes for the customer, or does everyone operate within
narrow technology silos?

ISO 20000 and PMF

align closely and can
be used in parallel.

Technology: the supporting infrastructure and tools required to

achieve successful outcomes from the process.

Strengths and weaknesses

PMF has been developed by the OGC and aligns closely with ISO
20000 at the process level. The matrices are sufficiently generic to be
applied to all 13 processes within ISO 20000.

Page 14 of 20

ProActive Services

d
g
i
s
w

Baselining ITSM

The five different dimensions can help to better understand specific

strengths and weaknesses e.g. people and culture may be strong but
technology

support

could

be

weak

and

the

process

poorly

documented. It can also help to identify where process improvement

activities should be focused.
The generic nature of the matrices is also a potential weakness, since
it places emphasis on form rather than on substance. For example,
the Process dimension at a maturity level of 3 should be (see page
189 from Planning to Implement Service Management):

Clearly defined and well publicised processes and procedures

Regular planned activities

Good documentation

Occasionally proactive process

The major
weakness with
PMF is that the
criteria for
measuring
maturity is generic
and is open to
interpretation.

However, what does this mean for Change Management? At this level
of maturity, would you expect to be carrying out risk assessments;
conducting Change Advisory Boards; ensuring business participation;
requiring backout plans for changes; conducting reviews following
successful as well as failed changes?
If organisations at equivalent levels of maturity are evaluated by two
equally experienced ITIL professionals the results could vary
significantly. Much is left open to interpretation.

Extended PMF
On the basis that PMF offered the best available building blocks,
ProActive Services has extended the PMF matrices significantly into

Extended PMF has

what we believe is now a consistent and repeatable process.

been developed by

The first major task was to extend the descriptions of all 10 ITSM

ProActive to

processes, across all five dimensions for all five maturity levels. We
brought together the combined (and extensive) experience of all of
our consultants. The concept was to write down what we would

overcome the
weakness in the
OGC version.

typically expect to find for a process such as Change Management for

an organisation at each maturity level e.g. process activities at a
maturity level of 3 for Change Management would typically look like:
There is good enforcement of entry criteria with some Requests For
Changes (RFCs) rejected early.
Evaluation criteria regularly include risk assessment. Lead times are
defined but not always enforced. RFCs are sent out electronically for
Change Advisory Board (CAB) review.
Standard change models are more common, with some analysis of

The assessment
criteria for all five
dimensions of all
processes has been
extended with process
specific details.

effectiveness. More likely to focus on changes delegated to the

Service Desk or Desktop Support.

ProActive Services

Page 15 of 20

Baselining ITSM

There may be some business involvement. Likely form would be one

business representative sitting in on the CAB and forming part of the
approving group.
Interfaces has
been added as a
sixth dimension
since process
interaction is a key
factor in maturity.

The next task was to add the other three processes covered by ISO
20000,

namely

Business

Relationship

Management,

Supplier

Management and Information Security Management.

There was still one major element not covered by PMF the degree
of interaction between the processes. As an organisation moves up
through the levels of maturity, interaction between processes should
increase. ProActive decided that interaction is an element of maturity
(not a result of maturity) so we decided to add interfaces as a sixth
dimension.
Interfaces: recognising the high degree of interaction within ITIL
processes, this area considers the extent to which any one process
integrates with associated ITSM processes.
We can now assess each process across all six dimensions.
Incident Management
Vision & Steering

5
4
Interfaces

Process

3
2

Figure 4: PMF Incident

Management example
Technology

Culture

Overall Maturity
By Sub-area
People

We can also show the maturity for all 13 processes:

Maturity Summary

Process Maturity

Security
Supplier
Business Relationship
Financial

Figure 5: PMF Maturity

Summary example

IT Service Continuity
Capacity
Availability
Service Level
Release
Configuration
Change
Problem
Incident
1.00

Page 16 of 20

1.50

2.00

2.50

3.00

3.50

4.00

4.50

5.00

ProActive Services

Baselining ITSM

Strengths and weaknesses

ProActives extended PMF provides a consistent and repeatable

Extended PMF

approach. It does not depend on which consultant conducts the initial

provides a consistent

maturity baseline. It also does not depend on whether the same

and repeatable

consultant conducts the next baseline in 12 or 24 months time.

approach and can

It encompasses the most important dimension of each process,

easily be used in

including interfaces. These give a deeper insight into particular areas

parallel with an ISO

of strengths and weaknesses and allow improvement initiatives to be

20000 compliance

more carefully targeted.

assessment.

It covers the 13 processes within ISO 20000, including the

management of business relationships, suppliers and information
security. It maps very closely to the combined ISO 20000 (ISO 200001 plus ISO 20000-2). This means we can apply PMF in parallel with an
ISO 20000-1 assessment.

Conducting a Baseline
So, youve decided to conduct a baseline, youve selected your
preferred approach and youre ready to start. This section looks at the
process involved in conducting a baseline and discusses some
additional elements considered integral to the success (or failure) of
baselining.

Basic steps
Kickoff presentation: A typical baseline involves interviewing a
reasonable number of people to gain a sound understanding of how
each process is carried out. Most people want to understand whats
going to happen in the interviews. Some may even want to
understand whats going to happen after the interviews (e.g. does this
mean I can lose my job?).

An initial kickoff
can save time and
confusion, and can
flush out any
major concerns.

The objective of the kickoff is to bring as many of these people

together as possible to explain why the baseline is being conducted
and how it will be conducted. It saves considerable time at the start of
each interview, avoids unnecessary confusion and can flush out any
serious concerns.
Interviews: These need to be held on a process by process basis.
Depending on the maturity of each process, it may be desirable to
build as-is process models / flows as a basis for clarification and as a
starting point for any process improvement initiatives.

Interviews should

Each interview is like a mini-workshop. It brings together a cross

section of support staff involved in the execution of any one process
e.g. the Incident Management workshop may involve first, second
and third tier representatives from the service desk, desktop, server
and UNIX support teams.

determine how the

ProActive Services

bring together a
good cross section
of people to
process is carried
out today.

Page 17 of 20

Baselining ITSM

The objective of each interview is to determine how things are done

today not how they should be done, and not to pass judgement.
Customer interviews should be handled differently see Business
Perceptions below.
Other forms of data gathering: These can vary significantly. Any
potential reports should be reviewed e.g. monthly reporting can give
insights into several processes, and may also form part of Service
Level Management. Significant meetings should be observed e.g. a
CAB or even a weekly Service Management review held at 8am on
Monday mornings. Where tools exist, the data held in the tools and
the way in which they have been implemented needs to be
understood.
Analysis and reporting: Much of this will be driven by the overall
objective for the baseline, but an important principle should be to
verify with a few key individuals that the data captured in the earlier
steps through interviews, reports or observations is accurate.

Business Perceptions
If all of the key customer-facing processes are at a very high level of
maturity, the likelihood is that IT and the business will be aligned.
There will be complete agreement on the quality of services delivered,
and IT will have a thorough understanding of the business needs.
Business
perceptions of
service quality are
important,
especially where
there are some
disconnects
between IT and
the business.

This situation is fairly uncommon. Generally there are some

disconnects. IT often thinks it is doing a good job without knowing how
that links to service quality. A process can look good on paper but can
also be delivering poor results from the business perspective.
This step provides the IT department with an understanding of the
business managements perception of the issues related to the
delivery of IT service. This is typically carried out through a focus
group meeting with nominated Business Unit managers or key users,
or by one-on-one interviews. A focus group meeting should take no
more than one hour, while individual interviews should be limited to 30
minutes. Alternatively, it can be run as a web-based customer
satisfaction survey.
The objective is to gain a customer perception on service quality. For
the critical services, does the IT department deliver acceptable quality
to enable the business to achieve its objectives? Has the quality
improved or deteriorated in the last 12 or 24 months? What are the
strengths and weaknesses of IT from a service perspective?

Page 18 of 20

ProActive Services

Baselining ITSM

Organisational Review
This involves a summary appraisal of the IT organisational structure to
assess its alignment with the objectives of the CSIP and cost effective
end-to-end services delivery. It is conducted as a series of one on
one interviews and/or focus group meetings, with the CIO and key
direct reports and where necessary, key business managers.
The Organisational review will identify possible structural issues that
could predicate against the cost effective delivery of end-to-end IT
services. The commonly used IT organisation structure, based on
technology silos, tends to inhibit the effective delivery of end-to-end
services.

An organisational
review can identify
structural issues
such as technology
silos.

Cultural Assessment
Another area which has been widely misunderstood is the cultural
aspect of the CSIP, in particular the readiness of the organisation to
embrace change. It is not uncommon for significant cultural issues to
become apparent during the staff interviews, especially where these
interviews are being conducted by an external consultant.
Besides people being the key to the success of a CSIP they can also
be the biggest barrier! It is important that there is some measure of
how customer focused your organisation is and how open they are to
change. These issues pose a risk to the CSIP if not managed
adequately.

ProActive Services

Cultural issues
need to be
understood as
these can be major
inhibitors to
change.

Page 19 of 20

Baselining ITSM

Conclusion
Baselining is an essential element of any Continuous Service
Improvement Program (CSIP). It identifies what works as well as what
doesnt work. It gains consensus from all parties involved in the CSIP
and provides a means to measure progress. It should be considered
high risk to embark on a CSIP without first baselining processes.

Baselining should
be an essential
element of any
CSIP.

ISO 20000 is an important framework for measuring capability and will

become more prevalent in the next few years as many organisations
seek to achieve certification. However, it is not designed to measure
process maturity. Only a pass or fail is recorded.
The ITIL Process Maturity Framework (PMF) is the emerging
framework for maturity baselining. It is complementary to ISO 20000
and the two frameworks can easily be used in parallel. Its major
drawback is that it is too generic in its current form.
ProActive extended the existing ITIL Process Maturity Framework to
overcome this weakness and provide an approach which is truly
consistent and repeatable.
Other approaches such as CMM/CMMI/SPICE, CobiT or the OGC
self-assessment matrices are either unsuitable or not as appropriate.

ISO 20000-1
measures
compliance and
PMF measures
maturity they
easily work in
parallel.

ProActive has adopted ISO 20000-1 and the extended PMF. These
have differing objectives but can easily work in parallel. ISO 20000-1
is used to determine if an organisation complies with the standard i.e.
if it can be certified. PMF is used to determine process maturity. A
process currently at a maturity level of 1 looking to satisfy the
certification criteria may need to jump as much as 2 to 3 levels on the
PMF scale, which requires careful planning and implementation.
Although it is not a precise measurement, a fully ISO 20000-1
compliant process will generally be around a maturity level of 3 to 4 on
the PMF scale. This varies by process.
The basic steps involved in baselining are: kickoff, interviews, data
gathering, analysis and reporting. A kickoff presentation is essential to
ensure all participants understand whats going to happen and to
ensure the context for the baseline is understood.
Business Perceptions are important. If the baseline and subsequent
CSIP is too inwardly focused, it is possible to build some excellent
processes which do not align with the business. The focus here is to
gain a perspective from the business on service quality.
An Organisational Review and Cultural Assessment may also be
relevant. They can identify potential barriers to planned CSIPs e.g.
there may be strong technology silos or there may be a history of
management rewarding hero cultures.

Page 20 of 20

ProActive Services