
The Information Technology Infrastructure Library (ITIL) has long been the global standard for IT service management (ITSM). The evolution to ITIL 4, and specifically the ITIL 5 Foundation (a common colloquial reference to the latest ITIL 4 Foundation certification, often mistakenly called "ITIL 5") represents a significant shift from a process-centric framework to a holistic, value-driven approach. At the heart of this modern framework are the ITIL Practices. But what exactly are they? In the context of ITIL 4, Practices are sets of organizational resources designed for performing work or accomplishing an objective. They replace the more rigid "processes" of earlier ITIL versions, offering a more flexible and adaptable model that includes not just processes, but also people, partners, information, and technology. This broader definition acknowledges that successful service management requires more than just documented procedures; it demands the right culture, skills, and tools working in concert.
Practices are the fundamental building blocks of the ITIL Service Value System (SVS). The SVS describes how all the components and activities of an organization work together as a system to enable value creation through IT-enabled services. Practices contribute to this system by providing the specific, actionable "how-to" for various aspects of service management. For instance, while the SVS provides the overarching vision and guiding principles, it is the Incident Management practice that details how to restore normal service operation after an interruption. Each practice is connected to the Service Value Chain, the central operating model of the SVS, which outlines the key activities required to respond to demand and facilitate value creation. By effectively implementing and integrating these practices, organizations can ensure their SVS is not just a theoretical model but a practical, living system that drives efficiency, resilience, and business alignment. Understanding these practices is therefore the first critical step for anyone pursuing the ITIL 5 Foundation certification, as they form the actionable core of the entire framework.
The Service Desk practice is the single point of contact between the service provider and its users. Its primary purpose is to capture demand for incident resolution and service requests, acting as the nerve center for user communication. Key activities include logging, categorizing, prioritizing, and escalating incidents and service requests. Modern service desks, especially in tech-forward regions like Hong Kong, have evolved beyond simple call centers. They now utilize chatbots, AI-driven self-service portals, and omnichannel support (phone, email, chat, social media) to enhance user experience. For example, a 2023 survey by the Hong Kong Computer Society indicated that over 65% of major enterprises in Hong Kong have implemented AI-assisted service desk solutions to handle routine queries, freeing up human agents for complex issues.
Key metrics for measuring the effectiveness of the Service Desk practice include:
The Incident Management practice aims to restore normal service operation as quickly as possible and minimize the adverse impact on business operations. An "incident" is defined as an unplanned interruption or reduction in the quality of an IT service. The activities follow a structured workflow: identification, logging, categorization, prioritization (often based on impact and urgency), diagnosis, escalation if necessary, resolution, and closure. A critical modern aspect is major incident management, which involves a dedicated procedure with a separate communication plan for high-impact outages.
To gauge performance, this practice relies on specific metrics. These are crucial for demonstrating value and identifying areas for improvement, a core tenet of the ITIL framework.
| Metric | Description | Target Example |
|---|---|---|
| Mean Time to Acknowledge (MTTA) | Average time from incident creation to first response. | < 15 minutes |
| Mean Time to Resolve (MTTR) | Average time taken to resolve incidents. | Varies by priority (e.g., P1: < 2 hours) |
| Incident Resolution SLA Compliance | Percentage of incidents resolved within agreed SLA targets. | > 95% |
| Number of Recurring Incidents | Indicates potential underlying problems. | Trending downwards |
While Incident Management is reactive, Problem Management is proactive and reactive. Its purpose is to reduce the likelihood and impact of incidents by identifying the root causes of one or more incidents and managing workarounds and known errors. It consists of two main sub-practices: Reactive Problem Management (triggered by major or recurring incidents) and Proactive Problem Management (which analyzes data to identify potential problems before incidents occur). Activities include problem identification, logging, root cause analysis (using techniques like 5 Whys, Ishikawa diagrams, or Kepner-Tregoe), creating known error records, and initiating change requests for permanent fixes.
Key metrics for Problem Management focus on long-term service health:
The Change Management practice ensures that changes to services, applications, infrastructure, and processes are delivered in a standardized, efficient, and risk-controlled manner. The purpose is to maximize the number of successful service changes by assessing risks, authorizing changes, and managing the change schedule. Key activities involve creating and assessing Requests for Change (RFCs), planning changes, obtaining approval (often from a Change Advisory Board or CAB), coordinating implementation, and conducting post-implementation reviews. The practice defines different change types (Standard, Normal, Emergency) with corresponding authorization workflows.
Metrics for Change Management are critical for balancing agility with stability:
| Metric | Description | Goal |
|---|---|---|
| Change Success Rate | Percentage of changes that do not cause incidents or require remediation. | > 98% for Standard, > 95% for Normal |
| Change Lead Time | Average time from RFC creation to implementation. | Reduce over time |
| Emergency Change Rate | Percentage of changes executed as emergencies. | Keep low (e.g., < 5%) |
| CAB Meeting Efficiency | Ratio of approved/rejected/deferred changes. | Ensure timely decisions |
Release Management works in close conjunction with Change Management. Its purpose is to make new and changed services and features available for use in a controlled manner. It focuses on the planning, scheduling, controlling, and deployment of releases into the live environment. Activities include release planning, build and configuration management, testing in a staging environment, deployment planning (considering techniques like blue-green deployments or canary releases), and communication. With the rise of DevOps and continuous delivery, this practice has evolved to manage more frequent, smaller releases.
Key metrics for Release Management include:
The Service Level Management (SLM) practice is the strategic interface between the service provider and the customer. Its purpose is to set clear, business-based targets for service performance (Service Level Targets - SLTs) and ensure that all service management activities are aligned to meet them. The core activity is the negotiation, agreement, and ongoing management of Service Level Agreements (SLAs) with customers, supported by Operational Level Agreements (OLAs) with internal teams and Underpinning Contracts (UCs) with external suppliers. Regular service reviews and service reporting are vital components.
Metrics for SLM are focused on alignment and performance:
| Metric | Description |
|---|---|
| SLA Achievement Rate | Percentage of SLAs meeting their targets over a period. |
| Number of Service Reviews Held vs. Planned | Measures governance and communication consistency. |
| Customer Satisfaction with Services | Overall perception of service quality, often tied to SLAs. |
| Cost of Service vs. Delivered Value | Ensures services remain cost-justified. |
The Continual Improvement practice is the engine of the ITIL SVS, embedded in every other practice and activity. Its purpose is to align the organization's practices and services with changing business needs through the ongoing identification and improvement of services, service components, practices, and any element involved in service management. ITIL 4 provides a structured model for this: the Continual Improvement Model. Key activities include identifying improvement opportunities (using methods like SWOT analysis or customer feedback), defining measurable goals, planning and implementing improvements, and evaluating results.
Key metrics for Continual Improvement are meta-metrics that track the improvement process itself:
The true power of ITIL Practices is realized when they are seamlessly integrated into the Service Value Chain (SVC). The SVC is an operating model with six core activities: Plan, Improve, Engage, Design & Transition, Obtain/Build, and Deliver & Support. Practices are not siloed; they provide capabilities that feed into multiple value chain activities. For example, the Service Desk practice primarily supports the "Engage" and "Deliver & Support" activities by handling user communication and incident resolution. Change and Release Management are central to the "Design & Transition" activity, ensuring safe movement of changes to production. Problem Management and Continual Improvement are deeply woven into the "Improve" activity.
Consider a scenario: A user reports a slow application (Incident Management via Service Desk). The incident is resolved with a workaround, but it triggers a problem record (Problem Management). The root cause is identified as an inefficient database query. A change is requested (Change Management) to optimize the query, which is then developed, tested, and packaged into a release (Release Management). Throughout this, SLAs are monitored (Service Level Management), and after deployment, the team reviews whether the change reduced incident volume, logging the outcome as an improvement (Continual Improvement). This end-to-end flow, facilitated by interconnected practices, moves a demand (the incident) through the SVC to create value (a more stable, performant service). Understanding this interconnectedness is a critical outcome of the ITIL 5 Foundation certification, moving practitioners from a view of isolated processes to a holistic view of value co-creation.
Successfully implementing ITIL Practices requires more than just adopting the terminology. It starts with understanding the organization's specific context, goals, and culture. A common pitfall is attempting to implement all practices at once; a phased, value-driven approach is recommended. Begin with foundational practices like Incident and Service Request Management to address immediate pain points and demonstrate quick wins. Then, layer on Problem and Change Management to instill stability and control. Practices like Service Level Management and Continual Improvement require a higher degree of organizational maturity and should be developed over time.
Utilization is about integration and adaptation. Leverage the ITIL Guiding Principles, such as "Start where you are" and "Keep it simple and practical," to tailor practices to your environment. Invest in training and certification, like the ITIL 5 Foundation, to build a common language and understanding across teams. Use technology wisely—a modern ITSM tool can automate workflows, enforce policies, and provide the data needed for metrics and improvement. Crucially, foster a culture of collaboration and continuous learning, where practices are seen as enablers of value, not bureaucratic overhead. By viewing practices as dynamic components of a larger Service Value System, organizations can build resilient, agile, and business-aligned IT services capable of thriving in the digital age.