Cross-Reference ITIL® V3 and MOF 4.0 White Paper
- White Paper
- Methods & frameworks
- Information management
- IT Services
- Service management
February 20, 2009 |
39 min read
- White Paper
- Methods & frameworks
- Information management
- IT Services
- Service management
Learn more about the context of IT Service Management, the latest versions of ITIL and MOF, and the similarities and differences between both frameworks.
'The fastest cars have the best brakes …’
IT organizations are continuously being challenged to deliver better IT services at lower cost in a turbulent environment. Several management frameworks have been developed to cope with this challenge, one of the best-known being the IT Infrastructure Library (ITIL); see Figure 1.
Figure 1 ITIL Core Publications
Microsoft Operations Framework (MOF) is Microsoft’s structured approach to the same goal (see Figure 2). In this White Paper, the main similarities and differences between both frameworks are described.
The analysis follows a number of management paradigms that have proven to be essential to IT Service Management:
- Process, People and Technology (PPT)
- Strategy, Tactics and Operations (STO)
- Separation of Duties (SoD)
- Strategic Alignment Model Enhanced (SAME)
- Deming’s Plan-Do-Check-Act (PDCA) Management Cycle..
At the highest level, both frameworks follow a lifecycle approach, but these lifecycles are somewhat different. ITIL uses five elements for its lifecycle: Strategy, Design, Transition, Operation, and Continual Improvement, which brings it close to the PDCA model. MOF’s lifecycle core consists of only three phases: Plan, Deliver, and Operate, with one underlying layer (Manage) covering the components that apply to all lifecycle phases.
Both ITIL and MOF use processes and functions as building blocks, although the emphasis differs significantly. ITIL labels most of its components as processes and activities (ITIL has 26 processes and four functions), while MOF is almost entirely based on Service Management Functions (SMFs), each SMF having a set of key processes, and each process having a set of key activities. This rigid structure supports consistency throughout the framework.
In both frameworks, control of the lifecycle progress runs through a number of transition milestones. These milestones have been made very explicit in MOF’s Management Reviews (MRs).
Both frameworks apply the PDCA improvement approach throughout the lifecycle.
MOF, like ITIL, offers best practice guidance that can be followed in full but also in part, to address a subset of local problems.
The ‘ITSM language’ is quite consistent between both frameworks, with only minor differences.
But there are also significant differences between the two frameworks. A remarkable difference is the way customer calls are handled: ITIL separates Incident calls from operational service requests and Requests for Change, and MOF combines several customer request types in a single Customer Service SMF.
ITIL and MOF also use very different role sets and role titles. This is largely due to the difference in starting points: ITIL works from the best practices documented in each phase, whereas MOF starts from a structured organization perspective.
Another area of significant difference can be found in the approach the two frameworks take to technology.
A key feature of ITIL is that it is both vendor- and solution-neutral. That means the practices encouraged by ITIL can be applied across the board regardless of the underlying technology. The result is that ITIL focuses on the management structure that makes IT successful, rather than on the technology.
Distinctly different, MOF provides a common management framework for Microsoft’s platform products, although it can easily be used for other platforms.
Another difference is that ITIL is available in five core publications that are sold through various channels, while MOF is available free on the internet, offering very practical guidance in various formats. As a consequence, ITIL copyright is highly protected, whereas Microsoft has made MOF content available under the Creative Commons Attribution License, which makes it freely accessible for commercial reuse.
Finally, ITIL offers a comprehensive certification scheme for professionals, while Microsoft currently limits its certification for MOF to just one MOF Foundation examination. Plans for further certifications are under consideration, but no final decisions have been made.
The ITIL certification scheme is much more extensive, and, in effect, offers a qualification structure that can offer a potential career path for IT professionals.
Both frameworks show plenty of similarities and can be used interchangeably in practice. Both also have some specific features that may be of good use in a specific case. The main focus of ITIL is on the ‘what’, whereas MOF concentrates on the practical side of the ‘what’ and the ‘how’.
The new technology does not yet have a single established name. We shall call it information technology.’
Leavitt and Whisler in Harvard Business Review, 1958
Awareness of the importance of IT services has grown fast in the last decade. As a consequence, several management frameworks have been developed to cope with the challenges of providing adequate services. Since the late 1980s the field of IT Service Management has been dominated by ITIL, owned by the UK Office of Government Commerce (OGC). Several other organizations have also developed and practised their own management frameworks to support the quality of their services. Most of these frameworks provide similar guidance as documented in ITIL, but none has taken a flight as high as ITIL.
To understand how these other frameworks relate to ITIL, a number of alignment papers have been published. Papers published so far cover alignment of ITIL with COBIT, ASL and ISO/IEC 20000. This paper describes the relationship between V4 of MOF and V3 of ITIL. It is intended to support chief information officers, IT managers and IT professionals in understanding the main characteristics of MOF 4.0 and how it aligns to ITIL V3. The paper presents a short background analysis on the context of IT Service Management, a short summary of the latest versions of ITIL and MOF, and a detailed analysis of the similarities and differences between both frameworks.
Background to IT Service Management
‘I kept six honest serving men, (They taught me all I knew); Their names are What and Why and When and How and Where and Who.’
IT Service Management is the management of all people, processes and technology that cooperate to ensure the quality of live IT services, according to the levels of service agreed with the customer. It is based on functions such as systems management, network management, application development and on process domains such as Change Management, Service Level Management and Problem Management.
The essential concept here is ‘IT service’: the delivery of information processing capabilities to a defined quality (for example, capacity, performance, security, availability, etc.), using a combination of hardware, software, networks, people, documentation and facilities. In practice, we use the term ‘IT service’ at many different levels: not only for the ultimate end user-facing information processing function, but often also for infrastructural components of that service. Think of ‘network access’, or ‘workstation’. Full IT services can be subdivided into many contributing components and all of these can be the subject of a specific service organization. But in the end, the only thing that matters is how the integrated functionality is made available to the end user.
To be able to deliver the IT service to the end user, all components need to be managed. This is the raison d’être of many functions and processes in the IT service organization. ITIL and MOF are two of the frameworks available to the IT service organization or department aiming for the highest quality at the lowest cost in a turbulent environment. Ultimately IT Service Management can become a business enabler.
When analysing management frameworks, we can compare various characteristics, as addressed by GM Wijers in his paper Analyzing the Structure of IS Development Methods: a Framework of Understanding. SERC and Delft University of Technology, 1992. First of all the approach is important: the way the framework perceives reality, the elements that are taken into perspective and their coherence. Second, the modelling technique is of interest: the way reality is described in tangible structures (i.e. IDEF0 schemes, process flows, practice documentation). Another important consideration is the activation and implementation of the framework: the way the framework is deployed, i.e. adopt or adapt, incremental, phased, step-by-step, big-bang. Finally, the support structure is of interest; the automated instruments available to support the method, such as schemes, tools, documents, templates etc.
Paradigms that matter
A number of management paradigms have proven to be essential to IT Service Management. These paradigms are used in the comparison of ITIL and MOF.
People – Process – Technology
A widely accepted paradigm for defining the core focus areas in managing organizational improvement is Process – People – Technology (PPT) (see Figure 3). When using IT Service Management frameworks for organizational improvement, each of these three areas should be addressed.
An important consequence of applying this paradigm is the separation of functions from processes.
The ITIL Glossary defines a process as “a structured set of activities designed to accomplish a specific objective. A process takes one or more defined inputs and turns them into defined outputs. A process may include any of the roles, responsibilities, tools and management controls required to reliably deliver the outputs. A process may define policies, standards, guidelines, activities, and work instructions if they are needed.”
MOF defines a process as interrelated tasks that, taken together, produce a defined, desired result. A function according to ITIL is “team or group of people and the tools they use to carry out one or more processes or activities. For example the Service Desk.” So a function is an organizational capability, a combination of people, processes (activities) and technology, specialized in fulfilling a specific type of work, and responsible for specific end results. Functions use processes.
MOF does not offer a definition for function alone, but rather defines the term service management function (SMF) as a core part of MOF that provides operational guidance for Microsoft technologies employed in computing environments for information technology applications. SMFs help organizations to achieve mission-critical system reliability, availability, supportability, and manageability of IT solutions.
Strategy – Tactics – Operations
A second important and widely applied approach to the management of organizations is the paradigm of Strategy – Tactics – Operations (STO); see Figure 4. At a strategic level an organization manages its long-term objectives in terms of identity, value, relations, choices and preconditions. At the tactical level these objectives are translated into specific goals that are directed and controlled. At the operational level these goals are then translated into action plans and realized.
Separation of Duties
Information processing systems have only one goal: to support the primary business processes of the customer organization. Applying the widely accepted control mechanism of Separation of Duties (SoD; see Figure 5), also known as Separation of Control (SoC), we find a domain where information system functionality is specified (Information Management), and another domain where these specifications are realized (Technology Management). The output realized by the Technology Management domain is the operational IT service used by the customer in the business domain.
The Strategic Alignment Model Enhanced
The combination of STO and SoD delivers a very practical blueprint of responsibility domains for the management of organizations: the Strategic Alignment Model Enhanced (SAME; Van der Hoven, Hegger and Van Bon, 1998; Van Bon and Hoving, 2007; Van Bon 2008); see Figure 6.
This blueprint provides excellent services in comparing the positions of management frameworks, and in supporting discussions on the allocation of responsibilities; for example, in discussions on outsourcing. It is used by a growing number of universities, consultants and practitioners.
Since IT services are recognized as strategic business assets, organizations need to continually improve the contribution of IT services to business functions, in terms of better results at lower cost.
A widely accepted approach to continual improvement is Deming’s Plan-Do-Check-Act Management Cycle (see Figure 7). This implies a repeating pattern of improvement efforts with varying levels of intensity. The cycle is often pictured rolling up a slope of quality improvement, touching it in the order of P-D-C-A, with quality assurance preventing it from rolling back down.
Introduction to ITIL and MOF
‘In theory there is no difference between theory and practice. In practice there is.’
What is ITIL?
ITIL offers a broad approach to the delivery of quality IT services. ITIL was initially developed in the 1980s and 1990s by the then Central Computer and Telecommunications Agency (CCTA), now the Office of Government Commerce (OGC), under contract to the UK Government. Since then, ITIL has provided not only a best practice-based framework, but also an approach and philosophy shared by the people who work with it in practice.
Main structure: the Service Lifecycle
ITIL V3 (2007) approaches Service Management from the lifecycle of a service. The Service Lifecycle is an organization model providing insight into the way service management is structured, and the way the various lifecycle components are linked to each other and to the entire lifecycle system (see Figure 8).
The Service Lifecycle consists of five components. Each volume of the ITIL V3 core publications describes one of the following stages:
- Service Strategy
- Service Design
- Service Transition
- Service Operation
- Continual Service Improvement.
Service Strategy is the axis of the Service Lifecycle that defines all other stages; it is the stage of policymaking and objectives. The stages Service Design, Service Transition and Service Operation implement this strategy; their continual theme is adjustment and change. The Continual Service Improvement stage stands for learning and improving, and embraces all life cycle stages. This stage initiates improvement programmes and projects, and prioritizes them based on the strategic objectives of the organization.
Each stage is run by a system of processes, activities and functions that describe how things should be done. The subsystems of the five stages are interrelated and most processes overlap with another stage.
What is Microsoft Operations Framework?
First released in 1999, Microsoft Operations Framework (MOF) is Microsoft’s structured approach to helping its customers achieve operational excellence across the entire IT Service Lifecycle. MOF was originally created to give IT professionals the knowledge and processes required to align their work in managing Microsoft platforms cost-effectively and to achieve high reliability and security. The new version, MOF 4.0, was built to respond to the new challenges for IT: demonstrating IT’s business value, responding to regulatory requirements and improving organizational capability. It also integrates best practices from Microsoft Solutions Framework (MSF).
MOF offers practical guidance for everyday tasks and activities, and, last but not least, its entire documentation is free for use, and even for reuse under the Creative Commons Attribution License.
Main structure: IT Service Lifecycle
The IT Service Lifecycle describes the life of an IT service, from planning and optimizing the IT service, aligning it with the business strategy, through the design and delivery of the IT service in conformance with customer requirements, to its ongoing operation and support, delivering it to the user community. Underlying all of this is a foundation of IT governance, risk management, compliance, team organization, and change management.
The IT Service Lifecycle of MOF (see Figure 9) is composed of three ongoing phases and one foundational layer that operates throughout all of the other phases:
- Plan phase: plan and optimize an IT service strategy in order to support business goals and objectives.
- Deliver phase: ensure that IT services are developed effectively, deployed successfully, and ready for Operations.
- Operate phase: ensure that IT services are operated, maintained and supported in a way that meets business needs and expectations.
- Manage layer: the foundation of the IT Service Lifecycle. This layer is concerned with IT governance, risk, compliance, roles and responsibilities, change management, and configuration. Processes in this layer apply to all phases of the lifecycle.
Each phase of the IT Service Lifecycle contains Service Management Functions (SMFs) that define and structure the processes, people, and activities required to align IT services to the requirements of the business. The SMFs are grouped together in phases that mirror the IT Service Lifecycle. Each SMF is anchored within a lifecycle phase and contains a unique set of goals and outcomes supporting the objectives of that phase.
Each SMF has three to six key processes. Each SMF process has one to six key activities.
For each phase in the lifecycle, Management Reviews (MRs) serve to bring together information and people to determine the status of IT services and to establish readiness to move forward in the lifecycle. MRs are internal controls that provide management validation checks, ensuring that goals are being achieved in an appropriate fashion and that business value is considered throughout the IT Service Lifecycle.
Alignment of ITIL and MOF
‘People never have enough time to do work properly, but they always have enough time to do it over.’
In terms of the approach, both frameworks use a lifecycle structure at the highest level of design. Furthermore, both use processes and functions, although the emphasis differs significantly: ITIL describes many components in terms of processes and activities, with only a few functions, while MOF is almost entirely based on SMFs.
ITIL follows a lifecycle approach, the lifecycle is broken down into 5 phases and most of the components described in one phase also apply more or less to other phases. The control of the MOF lifecycle is much more discrete, using specific milestones that mark the progress through the various stages in the lifecycle. MOF components that apply to more than one of these three lifecycle phases are separated from the lifecycle phases and described in an underlying management layer.
Both frameworks are best characterized as ‘practice frameworks’ and not ‘process frameworks’. The main difference is that ITIL focuses more on the ‘what’, but MOF covers both the ‘what’ and the ‘how’.
The modelling techniques of ITIL and MOF are not that much different at first sight: both frameworks use extensive text descriptions, supported by flowcharts and schemes. ITIL documents its best practices by presenting processes, activities and functions per phase of its lifecycle. MOF components have a rigid structure: each SMF has key processes, each process has key activities, and documentation on SMFs and MRs is structured in a very concise format, covering inputs, outputs, key questions and best practices for each component. This rigid structure supports consistency throughout the framework, and supports the user in applying a selection of MOF components for the most urgent local problems.
The activation and implementation of ITIL and MOF are not really part of the framework documentation. ITIL has been advocating the ‘adopt and adapt’ approach. Supporting structures such as organizational roles and skills are described for each phase, but implementation guidance is not documented. MOF, like ITIL, offers best practice guidance that can be followed in full but also in part, to address a subset of local problems. Both frameworks speak of ‘guidance’, leaving the actual decisions on how to apply it to the practitioner.
Support structures for ITIL are not really part of the core documents: although a huge range of products claim compatibility with ITIL, and several unofficial accreditation systems exist in the field, the core publications stay far from commercial products and from product certification, due to a desire to remain vendor-neutral. MOF compatibility, on the other hand, is substantially established. Microsoft aligns a broad set of tools from its platform with the MOF framework. And although MOF is not exclusively applicable for these Microsoft management products, the documentation at Microsoft’s TechNet website provides detailed information on the use of specific products from the Microsoft platform.
Although ITIL and MOF share many values, the two frameworks also show some significant differences.
- Cost – ITIL is available in five core publications that are sold through various channels, but MOF is available free on the internet. As a consequence, ITIL copyright is highly protected, while Microsoft made MOF content available under the Creative Commons Attribution License, which makes it freely available for commercial reuse.
- Development – in the latest versions, both ITIL and MOF spent considerable energy on documenting the development of new services and the adjustment of existing services. In addition ITIL is constantly reviewed via the Change Control Log where issues and improvements are suggested and then reviewed by a panel of experts who sit on the Change Advisory Board. The ITIL Service Design phase concentrates on service design principles, where the Deliver phase in MOF concentrates on the actual development of services. The approach taken in MOF is heavily based on project management principles, emphasizing the project nature of this lifecycle phase.
- Reporting – ITIL has a specific entity that describes reporting, in the Continual Service Improvement phase, while MOF has integrated reporting as a standard activity in SMFs.
- Call handling – ITIL V2 showed a combined handling of incidents and service requests in one process, but in ITIL V3 incident restoration and service request fulfilment were turned into two separately treated practices. MOF, on the other hand, stays much closer to the ITIL V2 practice, combining several customer requests in one activity flow, for incident restoration requests, information requests, service fulfilment requests and new service requests. If the request involves a new or non-standard service, a separate change process can be triggered.
- Lifecycle construction – Most elements of ITIL are documented in only one of the five core publications, but it is then explained they actually cover various phases of the ITIL lifecycle. ITIL uses five elements for its lifecycle: Strategy, Design, Transition, Operation, and Continual Improvement, which brings it close to the PDCA model. MOF’s lifecycle comprises only three phases: Plan, Deliver, Operate, with one underlying layer covering the components that apply to all lifecycle phases. As a consequence, a number of practices are applied all over the MOF lifecycle, but in ITIL these are mostly described in one or a few lifecycle phases. For example, risk management is part of the Manage layer in MOF, but in ITIL it is mainly restricted to Strategy and Continual Improvement. The same goes for change and configuration management: throughout the MOF lifecycle but in ITIL these are concentrated in the Transition phase.
- Organization – ITIL describes roles and organizational structures in each lifecycle phase. MOF supports best practices for organizational structures by applying the MSF approach: throughout the MOF lifecycle responsibilities are documented and accountability is made explicit, and general rules are allocated to the underlying Manage layer.
- Governance – Both frameworks illustrate the difference between governance and management. ITIL describes governance theory and practice in the Strategy phase and in the CSI phase of its lifecycle, and refers to governance requirements in most other phases. MOF explicitly documents accountability and responsibility in all of its lifecycle phases and in the Manage layer, identifying decision makers and stakeholders, and addressing performance evaluation. MOF specifically addresses risk management and compliance in the Manage layer, supporting governance throughout the lifecycle. Explicit Management Reviews are used throughout the MOF framework as control mechanisms.
This section will show how ITIL and MOF are positioned in the main paradigms, as discussed before. Appendix A shows the differences in more detail.
On a high level, the lifecycles of ITIL and MOF appear to be rather similar, although the phases cannot be referenced completely on a one-on-one base; see Figure 10.
Comparing the lifecycles
There are some major differences between ITIL and MOF lifecycles:
- ITIL lifecycle phases contain processes, activities and • functions that also apply to other phases. In MOF, the SMFs that apply to more than one phase have been filtered out and grouped in the Manage layer, supporting the entire MOF lifecycle.
- MOF lifecycle phase transitions are managed through several • Management Reviews (MRs). These MRs serve to determine the status of IT services and to establish readiness to move forward in the lifecycle. ITIL also uses a number of readiness tests for progress control in the lifecycle phases, but these are not implicit.
People – Process – Technology
‘Eighty per cent of unplanned downtime is caused by people and process issues, including poor change management practices, while the remainder is caused by technology failures and disasters.’
Donna Scott, Gartner, Inc., 2003
Both ITIL and MOF have a strong focus on processes. Both frameworks document the activities that need to be performed to cope with everyday problems and tasks in service organizations. Both frameworks also use the same formal definition of ‘process’, based on widely accepted ISO standards. However, in both cases the framework documentation is largely presented in a mix of process, people and some technology and therefore in the format of procedures, work instructions and functions. This is for good reason, because it addresses the actual perception of what people experience in their daily practice. Readers looking for ‘pure process descriptions or process models’ will not find these in ITIL nor in MOF. And although ITIL uses the term ‘process’ for many of its components, most of these components are actually functions. MOF uses the term ‘Service Management Function’ throughout the framework.
Organizational structures are documented quite differently in both frameworks. Individual ITIL roles and MOF roles show some overlap, but both frameworks contain a long list of unique roles. This is largely based on the difference in viewpoint: ITIL works from its practices towards a detailed roles spectrum and MOF works from a number of basic accountabilities: Support, Operations, Service, Compliance, Architecture, Solutions, and Management. MOF applies the MSF framework as a reference system for these organizational structures, supporting the performance of the organization. In larger organizations the MOF roles can be refined into more detailed structures, but in most organizations the roles are sufficient. The team SMF of MOF is explicitly focused on the management of IT staff.
Technology is only covered at an abstract level in ITIL: the framework stays far from commercial products and only describes some basic requirements. MOF, on the other hand, is deeply interwoven with technology solutions. Although MOF has been defined in such a way that it is not technology-specific, the Microsoft technology platform highly aligns with the practices documented in MOF. The MOF website is embedded in the rest of the TechNet documentation on Microsoft products.
STO and SoD, in SAME
Strategic levels are covered in both frameworks. ITIL documents its best practices on long-term decisions in the Strategy phase. MOF does the very same in the Plan phase, and supports this in the Manage layer.
Tactical levels are covered in a similar way: ITIL concentrates these in the Service Design and CSI phase, and MOF describes its tactical guidance in the Deliver phase, in the Manage layer and in the Operate phase (Problem Management).
Operational levels are covered mainly in a single phase in both frameworks; ITIL has its Service Operation phase, and MOF has its Operate phase.
The ITIL lifecycle phases are positioned mainly in the Technology Management domain, emphasizing that ITIL explicitly supports the organizations that deliver IT services. The activities that relate to the specification of the service requirements and the management of enterprise data architectures are typically found in the middle column of the 3 x 3 SAME matrix.
This also applies to MOF. The MOF Plan phase is largely positioned at the Strategy level, but also concentrates on the Technology Management domain. The Deliver phase is positioned similarly, but on tactical and operational levels. The Operate phase clearly works at the operational level of the Technology Management domain, except for the very tactical practice of Problem Management (see Figure 11).
The Manage layer in MOF relates to all three management levels, but also concentrates in the Technology Management domain (see Figure 12).
As a consequence, both frameworks require that elements from additional frameworks such as TOGAF, ISO 27001, CobiT, M_o_R®, BiSL, FSM and MSP™ are applied for managing the rest of the overarching Information Support domain.
ITIL explicitly follows Deming’s Plan-Do-Check-Act (PDCA) management improvement cycle, for implementing the CSI phase, for implementing the Information Security function in the Service Design phase and for the continual improvement of services, processes and functions throughout the Service Lifecycle.
MOF does not explicitly list PDCA as a mechanism, but it follows its principles throughout the lifecycle, in all SMFs. Plan-Do-Check is elementary to the implementation of all SMFs, and various Check-Act points can be found in the very explicit Management Reviews throughout the MOF framework.
Terminology and definitions
The ‘ITSM language’ is quite consistent between both frameworks, with only minor differences. For example, where ITIL uses the term Change Schedule, MOF uses Forward Schedule of Change. Such small differences should not be a problem in practice.
Of course both frameworks use some typical terminology that illustrates some of their unique characteristics:
- The ITIL core terms utility and warranty, fit for purpose and fit for use are not used in MOF, and neither are terms like service package – although MOF speaks of ‘packaged products’ in general terms.
- Likewise, some explicit MOF terms, like customer service management, stabilize, and issue-tracking, are not – or differently – used in ITIL.
Both frameworks use the term ‘process’ in a rather loose context. Many components in ITIL and MOF, labelled as a process, are in fact not described in process formats, but rather as functions, procedures, steps in a process, or activities.
More detailed information on the alignment between ITIL and MOF can be found in Appendix B.
Training and certification
‘Cauliflower is nothing but a cabbage with a college education.’ Mark Twain
In 2007 OGC appointed the APM Group (APMG) as the official accreditor for ITIL certification, to run an accreditation, examination and certification scheme. APMG launched a new certification scheme for ITIL, based on ITIL V3. The existing scheme on ITIL V2 will be maintained for a transition period.
The system of qualifications for ITIL V3 has four qualification levels (see Figure 13):
- Foundation Level
- Intermediate Level (Lifecycle Stream, Capability Stream, and • Managing Across the Lifecycle
- ITIL Expert
- ITIL Master.
The scheme is supported by a Foundation Bridging Course, to bring practitioners from ITIL V2 to ITIL V3.
Professional qualifications based on ITIL are offered by Examination Institutes, accredited by APM Group through the ITIL Qualifications Board. Examination Institutes are permitted to operate an ITIL examination scheme through a network of Accredited Training Organizations, and Accredited Trainers with Accredited materials.
For more information about the ITIL V3 Qualification Scheme, see www.itil-officialsite.com/qualifications.
Microsoft currently limits its certification on MOF to one MOF Foundation examination. The ongoing thinking and work about what an advanced certification might include is still at an early stage.
The Foundation level MOF training is currently available through MOF training partners, through some MS gold partners, and through Microsoft Services. A Foundation level certification is available through EXIN Exams; see www.exin-exams.com
Applying MOF and ITIL in practice
‘So much of what we call management consists in making it difficult for people to work.’
Peter F Drucker
Both ITIL and MOF advocate the use of elements of the framework if the full set is too much for an organization.
Training on ITIL starts with a focus on the lifecycle, then zooms in to the framework components. MOF offers all of its guidance on the TechNet website, offering access to the framework at any level required.
In practice, very few organizations apply the full guidance of either framework. Most often, organizations start out with those components that address the biggest problems. This is no different for ITIL or MOF. Among the most popular content we find the guidance on change and configuration, on Incident restoration/customer service support, on Service Level Management/business-IT alignment, and on Problem Management.
Published case material that proves the value of implementing ITIL or MOF is extremely rare. Business cases mostly involve factors such as quality improvement – a rather intangible factor. Nevertheless, implementations of framework components can often be based on a Business Case approach. Measuring initial state performance metrics and comparing these to the situation after implementation can then support the adoption of additional components of the framework.
Both ITIL and MOF are reference frameworks and not implementation models. The documented best practices can be used within the local approach of an organization, provided they have developed their own process model to support their organization and technology dimensions. An organization can develop its own model or use an out-of-the-box model available in the market.
When redesigning an organization, using ITIL or MOF and following the People – Process – Technology paradigm, a process model would most likely be the start of the project: organizations should first decide on what they want to do, then decide on who they need for the job, and then equip the organization with adequate technology to achieve these goals (the how).
Although you would expect processes to be standard throughout the IT services industry, standardized pure process models are rarely available in the market. In most organizations, the people dimension is unique, just like the technology dimension: most organizations differ in structure, culture, behaviour and history, and the supporting technology comes in many forms. This way, each implementation project is influenced by a unique combination of local factors, and on top of that we rarely find any greenfield situations.
Given this situation, MOF supports implementation projects by making the framework components available in standardized structures, allowing implementation managers to pick the required components and add these to the scope of their specific project. The structure of the framework furthermore aligns firmly to common project management standards, allowing for an easy fit.
Implementing MOF is supported by ongoing evolution of MOF guidance, and by the support of the online MOF community at the TechNet website.
Microsoft, Microsoft Operations Framework, 2008
OGC, Service Strategy, 2007
OGC, Service Design, 2007
OGC, Service Transition, 2007
OGC, Service Operation, 2007
OGC, Continual Service Improvement, 2007
Van Bon J. ‘This is NOT IT Governance’ in: UPGRADE, The European Journal for the Informatics professional, Vol. IX, No. 1, February 2008.
Van Bon J and Hoving W. SAME – the Strategic Alignment Model Enhanced. ITSM PORTAL, 2007.
Van der Hoven DJ, Hegger G, van Bon J. ‘BII: Beheer van de interne informatievoorziening’. In: IT Beheer Jaarboek 1998, Ten Hagen and Stam, 1998.
Wijers G, Seligmann PS and Sol HG. The Structure of IS Development Methods: a Framework of Understanding. SERC and Delft University of Technology, 1992.
On ITIL: APMG, TSO and OGC manage the information on ITIL at www.itil-officialsite.com
On ITIL certification: see www.itil-officialsite.com/qualifications.
On MOF: Extensive documentation on MOF, and detailed guidance on the use of Microsoft platform products can be found at www.microsoft.com/mof
On MOF certification: see www.exin-exams.com
Jan van Bon, the chief editor of numerous ITSM titles and CEO of Inform-IT, has been deeply involved with the development of the IT Service Management discipline, ITIL and other management frameworks since 1990. Since 1996 he has constantly worked for itSMF, as a project manager for several of itSMF’s activities, as content manager for dozens of itSMF events, and as a professional managing editor for most of the itSMF publications. He has produced around 70 publications on IT Service Management in up to 13 languages; in addition he has been the driving force behind several websites for the ITSM international community of practice.
Jerry Dyer is a Senior Programme Manager at Microsoft. Dyer was the content architect for MOF 4.0, which was released in April 2008.
This paper was reviewed by a number of well-known experts in IT Service Management, with deep knowledge of ITIL and MOF. We thank Rolf Akker (ICT Strategist at Gasunie and co-author of the MOF V2 pocket guide), Malcolm Fry (Independent Service Management Analyst at FRY-Consultants), Wim Hoving (CEO at BHVB), Paul Leenards (Principal Consultant and Practice Lead Service Strategy and Transformation at Getronics Consulting), and Gary Roos (Principal Operations Consultant at Microsoft) for their support.
Appendix A: Detailed cross-reference
This appendix contains a more detailed discussion of MOF versus ITIL, along the paradigms.
ITIL and MOF use different role sets and role titles. This is largely due to the difference in starting points: ITIL works from the best practices documented in each phase, whereas MOF starts from the organization perspective. For example, ITIL defines a Finance Manager as the person responsible for the Financial Management process, while MOF has financial managers who in fact are the financial experts active in managing finances.
MOF also incorporates the results of the Microsoft Solutions Framework (MSF), covering extensive guidance on how to organize people and projects to plan, build, and deploy successful IT solutions.
A number of elementary roles are used in both frameworks, for example, process-based roles such as Service Level Manager, Supplier Manager, Portfolio Manager, Change Manager, Change Advisory Board (CAB), Release Manager, Configuration Manager/Administrator, Incident Manager/Resolver, Problem Manager, Operations Manager; activity-based roles such as Architect, Developer, Test Manager, Operator, User, Customer.
Other ITIL roles are not explicitly found in MOF; for example, Service Catalogue Manager, Service Design Manager, Availability Manager.
Like ITIL, MOF uses some typical roles, determined by specific and unique MOF content; for example, IT Policy Manager, Risk and Compliance Manager, Reliability Manager, Internal Control Manager, Customer Services Representative, Tester, Product Manager, User Experience, Solution Manager, Administrator, Technology Area Manager, Monitoring Manager, Scheduling Manager, etc.
Some roles are truly different; for example, ITIL uses the ‘Project Manager’ role for the leader of a project, whereas MOF defines a project manager as someone who has project management skills, but is not necessarily the leader of a project.
Sometimes the difference is simply a matter of chosen words; for example, where ITIL uses Business Relationship Manager and MOF uses Account Manager.
ITIL and MOF follow the same definition of ‘process’:
- ITIL: a structured set of activities designed to accomplish a • specific objective
- MOF: interrelated tasks that, taken together, produce a • defined, desired result.
This definition is derived from a common ISO definition that can at best be taken as: ‘A sequence of interrelated or interacting activities designed to accomplish a defined objective in a measurable and repeatable manner, transforming inputs into outputs.’ Both frameworks apply this definition in a very loose context: many practices, activities and functions are labelled ‘process’, but not documented as such. Instead these framework components are often constructed as organizational capabilities, composed from People, Process and Technology elements.
Therefore, comparing ITIL ‘processes’ with MOF ‘processes’ is not very useful. Addressing all components as ‘practices’ leaves the reader with a much better reference framework for comparing the two. This cross-reference, based on practices, is offered in Appendix B.
Technology can take different forms, ranging from workflow support systems and system management tools to framework-typical supporting structures such as a CMS or a Service Catalogue.
ITIL does not provide much detail on supporting technology and tools. It offers chapters on technology considerations, but these are restricted to high-level considerations of the ‘what’.
Distinctly different, MOF provides a common management framework for Microsoft’s platform products. And although MOF can easily be used for other platforms, the integration between Microsoft products and the MOF management framework is a core development target.
Like the practices in both frameworks, the framework-typical structures do not seem to differ much. Both frameworks use structures such as Service Level Agreements (SLAs), Operational Level Agreements (OLAs), Underpinning Contracts (UCs), Configuration Items (CIs), Configuration Management Systems (CMSs) and Configuration Management Databases (CMDBs), Definitive Software Libraries (DSLs), a Change Schedule (CS in ITIL) or a Forward Schedule of Change (FSC in MOF), Known Error Databases (KEDs), Service Catalogues (SCs) and Service Portfolios (SPs), Business Continuity Plans (BCPs), Business Impact Analyses (BIAs), Post-Implementation Reviews (PIRs), Standard Operating Procedures (SOPs in ITIL) or Operations Guides (OGs in MOF), RACI and use cases.
Of course, some structures are mentioned specifically in one framework and not in the other: ITIL uses a Capacity Management Information System (CMIS), an Information Security Management System (ISMS), and MOF uses an Issue-Tracking Database.
Strategy, tactics, operations
ITIL offers extensive guidance on Service Strategy, providing a theoretical base for strategic decisions, explaining the ‘what’, but apart from the information in the first of the five ITIL core publications, most of the other publications focus at a tactical or operational level. MOF follows the same pattern, and focuses more on the practical everyday tasks and activities in service organizations. Most strategic components of both frameworks also have a tactical ‘load’. Tables 1 and 2 show the elements at Strategic/Tactical and at Operational levels.
When growing in maturity, organizations tend to start getting in control of the operational level before they master the tactical or strategic levels. Similarly, organizations tend to start working their way up from the Technology Management domain to the Information Management domain. This is illustrated in the development paths of ITIL and MOF during their subsequent versions (see Figure 14).
Both frameworks started out at the lower right side of the 3 x 3 SAME matrix, and are now stretching into the Information Management domain. Both now present more detailed guidance on managing business requests, on demand management, on requirements engineering, on use cases, and on handling functionality information requests. ITIL now also goes into details on sourcing strategies and Patterns of Business Activity (PBAs). But although both ITIL and MOF now look into data management and functionality, the focus is still clearly on the service delivery organization.
Continual improvement is an underlying paradigm in both ITIL and MOF. At the highest level, both lifecycles are illustrations of the concept. Plan-Do-Check can easily be recognized in the structures of these lifecycles. The Act step is very explicit in ITIL, in the Continual Service Improvement phase, while MOF covers it more deeply in the system.
Several functions and processes in ITIL clearly follow the PDCA model in their documentation; for example, Security Management, Application Management, and the 7-Step Improvement Process are very explicitly expressed as PDCA cycles. MOF does the very same in the process flow of the Reliability SMF, the Policy SMF, the Operations SMF, the Service Monitoring and Control SMF, and in processes like Establish IT Governance, Assess/Monitor/Control Risks, and Comply with Directives.
PDCA cycles are often applied in the implementation of specific functions. Organizations plan a function at a certain stage of their development; they then implement the function in their organization, and finally they check the results at various points to feed improvement initiatives. Continual improvement is elementary in service organizations that need to provide better services at lower cost all the time, in fast-changing environments.
Both frameworks make good use of the valuable principles in this management paradigm.
Appendix B: Mapping of processes, activities, functions and other elements
Table 3 presents the mapping of MOF V4 versus ITIL V3. The first section of the table shows the ITIL components and explains where these can be found in MOF. The second section shows the components that are exclusive to MOF, and illustrates where these can be found in ITIL.