IT4IT is a new standard and you can now get an IT4IT certificate by answering 40 questions in one hour. I.e. being an expert seems to require that you need to learn it by heart. While I don’t like this type of certifications, the main problem is that the standard is not ready.
The standard is a curious mix of a meta model for an IT ERP systems and best practices. The model shows the application components and the data interfaces. The best practices thinking appears in the CSF’s and KPI’s
There is good thinking behind the model. It has some clear definitions and a defined description language. At some other parts, it looks like the model construction has taken over the model content. The service customer, consumer or user has been treated a hot potato. According to Charles Betz, the concept of the customer does not belong to this description level. I can understand the idea. It is possible to describe the working of some high level system leaving out the connections to the outside world, but this is not the case with IT4IT. The customer links are there. Customer has Requirements, there is an ”Engagement Experience Portal” and the Detect-component should ”understand user issues”.
While user issues are not important enough to have a component, events are. Surprisingly events have even a lifecycle. This is strange. An event is a notification of something that has happened. For example, a user may have entered a wrong password or one disc unit may have failed. In both cases the event is not significant alone, hundreds of users make mistakes everyday and the disc system is built for redundancy. Events need to be analyzed but they do not have a lifecycle.
CSF and KPI
A critical success factor (CSF) for the Detect to Correct value stream is Achieve Operational Excellence. It looks like the IT4IT has misunderstood the term CSF. According to Wikipedia:
Critical success factors should not be confused with success criteria; the latter are outcomes of a project or achievements of an organization that are needed to consider the project a success or to esteem the organization successful.
The key performance indicators are strange too. These are KPI’s for event management.
Increase in breadth and depth of monitoring endpoints, reduction of escalated events (via filtering/correlation/ automated resolution), reduction of false positives, and reduction of the number of security events that cause business disruption.
How do you measure ”breadth and depth of monitoring endpoints” and why would it be good to reduce escalations? Why do they assume that ”false positives” are an issue generally, why not false negatives? It is quite difficult to see how these would indicate good performance.
The next CSF is ”Improve Customer Satisfaction”. Again this is clearly the outcome, not a factor. As a KPI there is ”Increase rate of first call resolution”. The IT4IT architects live still in the era of telephone support.
There is value in IT4IT but it is far from ready.