For financial services company Sallie Mae Inc., compliance efforts provided an initial entry to ITIL
"After Sarbanes-Oxley, we had to adopt some rigorous change control standards across the organization," says JoLee Hayes, vice president of enterprise technologies at the Reston, Va.-based company. While Sallie Mae established controls, there were no consistent processes in place, so in 2005, the organization turned to ITIL to standardize on processes for incident, change and release management.
"We started out meeting with individual teams," Hayes says. "We educated them about what we wanted to do, and launched pilot projects by platform."
Hayes also says that any ITIL implementation needs the engagement of the most senior IT staff in order to be successful. In Sallie Mae's case, that meant getting buy-in and participation from senior IT personnel in the data center, application development and architecture groups.
As for benefits, Hayes says that standardizing on processes has simplified audit tracking, and maintaining documentation code in a single repository—as prescribed by ITIL—enables Sallie Mae to tie changes in applications to all components in the environment. "ITIL is one of the frameworks within our IT strategy," Hayes says. (Demand management and portfolio management are other facets of Sallie Mae's IT strategy.) Eventually, Salle Mae aims to achieve a broader IT strategy encompassing the entire IT lifecycle from project management on the front end to incorporating customer experience feedback that loops back into future IT offerings.