News Stay informed about the latest enterprise technology news and product updates.

University of Pennsylvania builds ITIL from the ground up

Donna Manley, IT Sr. Director, Computer Operations within Information Systems and Computing (ISC) at the University of Pennsylvania in Philadelphia filled the room at the recent AFCOM conference in Las Vegas. Manley's presentation dealt with her experience implementing ITIL from the ground up at the Ivy League institution. Manley moved to the University two and a half years ago from the financial industry and in that time she has brought the school's data center operations to the next level through ITIL discipline. caught up with Manley after the presentation to talk about her experience. This is an excerpt of that conversation.

Internal resistance to change is one of the biggest problems facing an organization implementing ITIL. How you would advise someone to tackle that problem?

More on ITIL:
ITIL in the data center: Organizing your IT processes

Controlling configuration and change management: IT process controls
You need to be honest about your organization and know that the people in it are going to be able to extend and evolve to the place they need to be to implement ITIL successfully. For instance at Penn, within ISC Computer Operations we evaluated staff skills to assist in determining where employees would attain their greatest success within the ITIL framework.

Also, get executives to buy in to push it from the top down, rather than trying to implement from grass roots. In my organization, I have had the strong support of both my manager and our Vice President. How did you re-architect your staff for ITIL?
You have people whose job is to execute a specific ITIL discipline. For the incident manager, for example, the person must focus on reviewing incidents, trending them, researching aged items, and in our case promoting RCAs (root cause analyses) as needed. They cannot have ancillary duties (for example, laying cable) as part of their role. We have a strong culture of change in ISC and Penn, and this helps to facilitate the necessary evolution of roles and responsibilities for implementing ITIL. What kind of ITIL training have you recommended for your staff?
I sent six of my staff members to get ITIL Foundations certification. The foundation gives them the broad bush of how these things work to together and how they are related at a high level. It is part of the IT service management program. Now, I can then take my incident manger who has taken the basic overview, and I can send her for a secondary certification specific to incident and problem management. The more we can educate and delve into a specific ITIL discipline, the greater the opportunity for ISC operational efficiency.

Measuring the payback for ITIL:
Donna Manley at U. Penn started implementing ITIL two years ago. How do you measure the return on investment on this type of project?  

Manley came up with an estimate through reverse engineering. After implementing ITIL, Manley and her staff reviewed every function performed during a shift change and found 17 tasks that were no longer required or could be performed systematically. Manley calculated the amount of time it took to execute the task, multiplied by the staff rate to get approximate dollars saved. "We wanted a basic method to calculate that benefit. Eventually we'll get to a more sophisticated ROI calculation or all-in method of calculation," Manley said.
Was ITIL training expensive?
It certainly can be a significant cost however, again, ISC has a strong commitment to training – we have multiple year training plans. I was in a position to host the activity at Penn and I sent all six of my team members-- they gave me a person's tuition for free for hosting the event. The approximate cost was between $1000 and $1500 for the four day program and certification test per person. What do organizations need to do to sustain ITIL?
You have to have the ground work of the separate disciplines and have people dedicated to those to keep ITIL whole. It is a big people investment to sustain it. But each time we look at this we find something we can improve. We find continuous improvement is the key. It's not something that stands still and at Penn we recognize the rising expectations for the performance of IT by our clients.

It's also important not to be too siloed, my incident manager is my change management backup. We have it structured so that we minimized potential gaps. Where are you in your adoption of ITIL?
We've been at this about 2 years now, we're probably 65% through and we're going to have to do the next 35% in the next 18 months. It's not something that has an end date on it, however. Once you embrace the methodology, you embrace a continuous improvement process. The expectations for even greater effectiveness are always present. Tools change, and all of this factors into it. Operational change needs to be as dynamic as the business environment. During your presentation, you mentioned the goal of automating all manual tasks in 24 months. Can you describe what that means?
The primary example-- in ISC's command center, individuals are getting batches submitted manually on paper, by email, and on the phone. Currently the staff is required to manually enter a work request into the system for each of these. We're looking to automate that through change control or incident request tools or possibly acquire a tool that allows the developers to stage their work and have the Command Center staff promote them to production. This effort will minimize errors that sometime occur related to translating information from paper form to system, streamline activity, provide a more holistic opportunity to capture data on MTTR (mean time to resolve), and again make additional resource time available for other services being introduced into the Command Center environment.

In our customer service, they receive a fax form when someone wants printer access. I want to eliminate the paper fax and have an e-Fax with an associated [BMC] Remedy request to get it processed; again, minimizing risk of paper getting lost or misplaced.

It saves paper, but also from an audit standpoint, I want to have everything bundled for the auditors (internal and external). Benefits from an audit standpoint for us are huge. Where internal, financial, or process auditors would normally receive stacks of paper documents to follow a process end to end, our goal is to provide the information they require in a succinct, structured, and automated manner. What's next?
Another milestone we're striving for: managing by exception. When you're used to looking at every different detail, it's a hard evolution to get someone to trust the system enough to tell them what the anomalies are and to trust that the baseline is working properly.

Donna Manley is President of the AFCOM Greater Philadelphia, New Jersey, and Delaware Chapter.

Dig Deeper on IT compliance and governance strategies

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.