By now you must have read numerous articles explaining that ITIL v3 is really just an extension of the previous version and that the underlying principles and processes have not really changed, but rather have been refined in places.
The same articles may have also stated that a primary rationale behind the refresh was that ITIL v2 was heavily process-focused. In contrast, ITIL v3 is centered on a service lifecycle approach to help IT departments focus on providing business value. However if you are like us, you may have finished reading those articles and still asked yourself, “What are the key differences between ITIL v2 and V3?” And, even more important, “How does the new version affect my ITIL implementation? Do I need to switch over to V3? How quickly?”
The simple answer is: Keep doing what you’re doing. If your organization is in the middle of an ITIL v2 implementation, you do not need to change. The expanded elements of ITIL v3 are, in many cases, best-practice activities your organization is already following even though they were not explicitly described in ITIL v2. However, if you have not yet started your ITIL journey, there is no reason not to start with the latest version. Finally, organizations that have already completed their ITIL v2 implementation, will find it useful to take advantage of the new version as they proceed with ongoing improvements to their IT service management approach.
That being said, for those interested in better understanding the differences between ITIL v2 and ITIL v3, below I’ve provided a detailed comparison.
Topics Realignment
The most obvious change is the format of the library itself. The ITIL v2 library was presented in seven core books: Service Support, Service Delivery, ICT Infrastructure Management, Planning to Implement Service Management, Application Management, The Business Perspective and Security Management. Most IT professionals focused on the first two books—which are sometimes referred to by their cover colors, as “the blue book” (Service Support) and “the red book” (Service Delivery).
The blue book deals with best-practice processes for day-to-day activities while the red book deals with best-practice processes for forward-looking activities. They offer guidance as to how organizations can improve their processes to work smarter, but do not particularly align the processes discussed with larger business requirements. The other five books touch rather lightly on a variety of ITIL process issues, and are considered somewhat esoteric even by ITIL experts.
In contrast, the ITIL v3 has been organized into five new books: Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement. These books follow a more practical order:
Expansion of Process Descriptions
In ITIL v3, the key concepts of Service Support and Service Delivery processes outlined in ITIL v2 have been preserved. They have, however, been augmented with 12 new processes. This can best be seen by looking at all 22 processes visually combined in the new structure. (Note: Processes covered in the ITIL v2 “blue book” (Service Support) are labeled (B) and processes discussed in ITIL v2 “red book” (Service Delivery) are labeled (R).
Service Strategy (Book 1)
Financial management – No material changes from V2.
Demand Management – ITIL v2 discussed concepts of Demand Management within the context of Capacity Management. However ITIL v3 introduces the process of Demand Management as a distinct process and as a strategic component of service management.
Service Portfolio Management – ITIL v2 only discussed Service Level Management. ITIL v3 represents a fundamental rethinking of services, recognizing the need to conceptualize and identify a portfolio of services before dealing with the specifics of levels of service.
Service Design (Book 2)
Service Level Management – No material changes from ITIL v2 in Service Design book. Also covered in Continuous Service Improvement (Book 5).
Availability Management, Capacity Management and IT Service Continuity Management – No material changes from V2.
Service Catalog Management - A new process that consolidates and formalizes the processes around ensuring that a service catalog is produced and maintained, and that it contains accurate information on all operational services and on those being prepared to be run operationally. In addition, V3 identifies the need for two interdependent parts of the service catalog, namely an “external” business catalog of (business) services as described and recognized by end-users, and an “internal” technical catalog of the tools, processes and procedures required to support those services.
In ITIL v2, the concept of a service catalog was mentioned, but no process was outlined for its creation or maintenance, nor was the distinction made between a business catalog and a technical catalog.
Supplier Management - A process for ensuring that all contracts and suppliers support the needs of the business and that they meet their contractual agreements. Supplier management was covered in ICT Infrastructure Management in ITIL v2.
Information Security Management - A comprehensive process designed to address the strategic direction for security activities and to ensure that objectives are achieved. It includes the confidentiality, integrity and availability of an organization's assets, information, data and IT services. Information security management was covered in very limited form in its own book in ITIL v2. ITIL v3 brings this topic up-to-date with current information security concerns and brings it into better alignment with related issues facing IT organizations.
Service Transition (Book 3)
Transition Planning and Support is a unified process for coordinating all the activities of Change Management, Configuration Management and Release Management described in ITIL v2. It has now been expanded and is presented alongside the related topics of Service Validation and Testing (i.e. testing a new change), Evaluation (managing risks associated with a new change) and Knowledge Management (gathering, analyzing, storing and sharing knowledge and information).
All seven process descriptions have been expanded. In ITIL v2, Knowledge Management was discussed separately, in the Application Management book.
Service Operation (Book 4)
Incident Management and Problem Management – No material changes from ITIL v2.
Event Management is a stand-alone process for detecting and managing events and alarms (which ITIL calls “exceptions”). In ITIL v2, Event Management was covered under Incident Management.
Request Fulfillment is a new process for managing the lifecycle of all customer- and user-generated service requests. These types of requests include facilities, moves and supplies as well as those specific to IT services. In the previous version of ITIL, this process was covered under Incident Management. A notable difference in ITIL v3 is it now recognizes the existence of service requests beyond merely “break/fix” restoration of service.
Access Management is a new process that provides rights and identity management related to granting authorized users the right to use a service, while restricting access to non-authorized users. In ITIL v2, Access Management was covered in the Security Management Book.
Continual Service Improvement (Book 5)
The ITIL v2 red book described a Service Improvement Program (SIP) within the context of Service Level Management, discussing best-practices for measuring, monitoring and reporting on services which ultimately provided the data for making improvements. ITIL v3 expands this into its own book, Continuous Service Improvement, and structures a seven step improvement process as follows:
1. Define what you should measure;
2. Define what you can measure;
3. Gather the data;
4. Process the data;
5. Analyze the data;
6. Presenting and using the data; and
7. Implement the corrective action.
Function Comparison
ITIL v2’s Service Support book identified the service desk as the lone function (group of people and the tools they use to carry out one or more processes or activities). ITIL v3 now identifies three other functions in addition to the service desk: Technology Management, IT Operations Management, and Application Management.
The Technology Management function provides the detailed technical skills and resources needed to support IT services and management, along with the ongoing operation of the IT Infrastructure. The IT Operations Management function is responsible for the daily operational activities needed to manage IT services and the IT Infrastructure. It includes IT Operations Control and Facilities Management. The Application Management function manages applications throughout their lifecycle.
Summary •
The key changes include: A consolidation of the library into five books; the addition of 12 new processes and three new functions; emphasis on service management through the entire service lifecycle; and emphasis on creating business value versus simply improving the execution of processes.
Supplemental material will be released over time. Whether now is the right time to introduce the new version into your organization or continue with the old depends on the current state of the organization. That said, since most of the changes to ITIL v3 clarify and augment the previous library, a good case can be made to start using the new and refreshed library.
The same articles may have also stated that a primary rationale behind the refresh was that ITIL v2 was heavily process-focused. In contrast, ITIL v3 is centered on a service lifecycle approach to help IT departments focus on providing business value. However if you are like us, you may have finished reading those articles and still asked yourself, “What are the key differences between ITIL v2 and V3?” And, even more important, “How does the new version affect my ITIL implementation? Do I need to switch over to V3? How quickly?”
The simple answer is: Keep doing what you’re doing. If your organization is in the middle of an ITIL v2 implementation, you do not need to change. The expanded elements of ITIL v3 are, in many cases, best-practice activities your organization is already following even though they were not explicitly described in ITIL v2. However, if you have not yet started your ITIL journey, there is no reason not to start with the latest version. Finally, organizations that have already completed their ITIL v2 implementation, will find it useful to take advantage of the new version as they proceed with ongoing improvements to their IT service management approach.
That being said, for those interested in better understanding the differences between ITIL v2 and ITIL v3, below I’ve provided a detailed comparison.
Topics Realignment
The most obvious change is the format of the library itself. The ITIL v2 library was presented in seven core books: Service Support, Service Delivery, ICT Infrastructure Management, Planning to Implement Service Management, Application Management, The Business Perspective and Security Management. Most IT professionals focused on the first two books—which are sometimes referred to by their cover colors, as “the blue book” (Service Support) and “the red book” (Service Delivery).
The blue book deals with best-practice processes for day-to-day activities while the red book deals with best-practice processes for forward-looking activities. They offer guidance as to how organizations can improve their processes to work smarter, but do not particularly align the processes discussed with larger business requirements. The other five books touch rather lightly on a variety of ITIL process issues, and are considered somewhat esoteric even by ITIL experts.
In contrast, the ITIL v3 has been organized into five new books: Service Strategy, Service Design, Service Transition, Service Operation and Continual Service Improvement. These books follow a more practical order:
Expansion of Process Descriptions
In ITIL v3, the key concepts of Service Support and Service Delivery processes outlined in ITIL v2 have been preserved. They have, however, been augmented with 12 new processes. This can best be seen by looking at all 22 processes visually combined in the new structure. (Note: Processes covered in the ITIL v2 “blue book” (Service Support) are labeled (B) and processes discussed in ITIL v2 “red book” (Service Delivery) are labeled (R).
Service Strategy (Book 1)
Financial management – No material changes from V2.
Demand Management – ITIL v2 discussed concepts of Demand Management within the context of Capacity Management. However ITIL v3 introduces the process of Demand Management as a distinct process and as a strategic component of service management.
Service Portfolio Management – ITIL v2 only discussed Service Level Management. ITIL v3 represents a fundamental rethinking of services, recognizing the need to conceptualize and identify a portfolio of services before dealing with the specifics of levels of service.
Service Design (Book 2)
Service Level Management – No material changes from ITIL v2 in Service Design book. Also covered in Continuous Service Improvement (Book 5).
Availability Management, Capacity Management and IT Service Continuity Management – No material changes from V2.
Service Catalog Management - A new process that consolidates and formalizes the processes around ensuring that a service catalog is produced and maintained, and that it contains accurate information on all operational services and on those being prepared to be run operationally. In addition, V3 identifies the need for two interdependent parts of the service catalog, namely an “external” business catalog of (business) services as described and recognized by end-users, and an “internal” technical catalog of the tools, processes and procedures required to support those services.
In ITIL v2, the concept of a service catalog was mentioned, but no process was outlined for its creation or maintenance, nor was the distinction made between a business catalog and a technical catalog.
Supplier Management - A process for ensuring that all contracts and suppliers support the needs of the business and that they meet their contractual agreements. Supplier management was covered in ICT Infrastructure Management in ITIL v2.
Information Security Management - A comprehensive process designed to address the strategic direction for security activities and to ensure that objectives are achieved. It includes the confidentiality, integrity and availability of an organization's assets, information, data and IT services. Information security management was covered in very limited form in its own book in ITIL v2. ITIL v3 brings this topic up-to-date with current information security concerns and brings it into better alignment with related issues facing IT organizations.
Service Transition (Book 3)
Transition Planning and Support is a unified process for coordinating all the activities of Change Management, Configuration Management and Release Management described in ITIL v2. It has now been expanded and is presented alongside the related topics of Service Validation and Testing (i.e. testing a new change), Evaluation (managing risks associated with a new change) and Knowledge Management (gathering, analyzing, storing and sharing knowledge and information).
All seven process descriptions have been expanded. In ITIL v2, Knowledge Management was discussed separately, in the Application Management book.
Service Operation (Book 4)
Incident Management and Problem Management – No material changes from ITIL v2.
Event Management is a stand-alone process for detecting and managing events and alarms (which ITIL calls “exceptions”). In ITIL v2, Event Management was covered under Incident Management.
Request Fulfillment is a new process for managing the lifecycle of all customer- and user-generated service requests. These types of requests include facilities, moves and supplies as well as those specific to IT services. In the previous version of ITIL, this process was covered under Incident Management. A notable difference in ITIL v3 is it now recognizes the existence of service requests beyond merely “break/fix” restoration of service.
Access Management is a new process that provides rights and identity management related to granting authorized users the right to use a service, while restricting access to non-authorized users. In ITIL v2, Access Management was covered in the Security Management Book.
Continual Service Improvement (Book 5)
The ITIL v2 red book described a Service Improvement Program (SIP) within the context of Service Level Management, discussing best-practices for measuring, monitoring and reporting on services which ultimately provided the data for making improvements. ITIL v3 expands this into its own book, Continuous Service Improvement, and structures a seven step improvement process as follows:
1. Define what you should measure;
2. Define what you can measure;
3. Gather the data;
4. Process the data;
5. Analyze the data;
6. Presenting and using the data; and
7. Implement the corrective action.
Function Comparison
ITIL v2’s Service Support book identified the service desk as the lone function (group of people and the tools they use to carry out one or more processes or activities). ITIL v3 now identifies three other functions in addition to the service desk: Technology Management, IT Operations Management, and Application Management.
The Technology Management function provides the detailed technical skills and resources needed to support IT services and management, along with the ongoing operation of the IT Infrastructure. The IT Operations Management function is responsible for the daily operational activities needed to manage IT services and the IT Infrastructure. It includes IT Operations Control and Facilities Management. The Application Management function manages applications throughout their lifecycle.
Summary •
The key changes include: A consolidation of the library into five books; the addition of 12 new processes and three new functions; emphasis on service management through the entire service lifecycle; and emphasis on creating business value versus simply improving the execution of processes.
Supplemental material will be released over time. Whether now is the right time to introduce the new version into your organization or continue with the old depends on the current state of the organization. That said, since most of the changes to ITIL v3 clarify and augment the previous library, a good case can be made to start using the new and refreshed library.
