1 Introduction

Throughout history IT has played a very important role. Recently through automation and computerization of its management, IT has become an indispensable tool and a key to organizations, companies and public institutions.

IT service management (ITSM) is a process-based practice intended to align the delivery of information technology (IT) services (Galup et al. 2007) with the needs of the enterprise, emphasizing benefits to customers. ITSM (Bardhan et al. 2010) involves a paradigm shift from managing IT as stacks of individual components to focusing on the delivery of end-to-end services using best practice process models. Information Technology Infrastructure Library (ITIL) is a globally recognized collection of best practices for IT service management (Betz 2006).

Information is one of the main sources of business in the world; business generates large amounts of information. Its right use is important and strategic importance and should not be considered as one tool among many others.

Not so long time ago, the IT infrastructure simply provided support services primarily to databases, telephony, telecommunications and management applications, and sometimes they could be compared with office supplies, something important and essential for the proper functioning of the organization, but nothing else.

However, today this has changed and the IT services usually represent a key to the processes of the organization (Duffy 2002a).

The objectives of good management of IT services must be to:

  • Provide adequate quality management

  • Increase efficiency

  • Align organizational processes and IT infrastructure

  • Reduce the risks associated with IT services

  • Fulfil the objectives outlined in the organization

Today it is necessary to measure, evaluate and more importantly ensure and improve the quality of IT services. In this context, principles and quality management practices can be useful to meet these needs (Peterson 2003).

The organizations are often very dependent on their IT services and expect that these services not only support the organization but also provide new options for achieving its objectives (Van Der Zee and De Jong 1999). The provision of IT services involves the total management of IT infrastructure; it allows IT service providers wash one hands of the technology and can focus more on the relationship with its customers and the services they offer.

If we were talking about company’s processes, ITIL aims through effective management of it that the product resulting from the production will have a more consistent quality for consumer satisfaction.

The quality of a service or product is evaluated once it is provided. The quality can be defined as the ability to achieve the desired operational objectives.

Therefore, the purpose of the quality is to provide to the customer a suitable offer with controlled processes while ensuring that this improvement does not result in additional costs. It is possible to improve a large number of problems at a low cost. However, when the perfection is closer, the costs are higher.

2 Adding Quality in IT Service Management Models

Under the premise taken today by organizations that IT can help substantially to achieve the goals set by the business, the challenge is to carry out a proper management of ITs within the organization in order, firstly, to measure and know in which level improvements occur in the objectives of the business through IT and, secondly, to direct them properly towards an alignment IT ← → business objectives that they allow to obtain the best results. In this context, it emerges the concept of government of IT as the framework more general and abstract to be working today, and under it will be placed a proper management of ITs.

However, as a general rule, these aspects are not addressed in models of existing IT governance, which are based on the principle that it requires a satisfactory answer to these questions, understanding that it is no sense to address it in opposite way: if the governing bodies believe that ITs do not add value, they are not strategic or they are not valued in the organization, then, why would be they governed? Some authors, as (Weill and Ross 2004a, b), have done studies on how to govern IT in organizations with large and scattered sets which are available to get a view of reality, although we must be careful not to extrapolate these studies to any organization because the profile of those included in such studies is very particular and restricted to organizations with a high degree of implementation of IT.

An appropriate model requires a holistic recognition of their complex and dynamic nature (Duffy 2002a, b; Patel 2003; Peterson 2003); a set of interrelated factors is necessary to address adequately the problem. In this sense, some authors (Peterson 2003; Van Grembergen et al. 2004; Weill and Woodham 2002) propose that the government of IT can be addressed using a mixture of structures, processes and relational mechanisms (components) interconnected correctly. A lower level would be a definition of an exact set of mechanisms that vary depending on many factors in each organization; there is no single model or standard (Patel 2003; Ribbers et al. 2002).

In the rest of this chapter, we will analyse the main existing approaches to governance and management of IT.

2.1 Action Frameworks

There are various action frameworks, models, methodologies, standards and guidelines of good practices that can be used to address good governance and a good management of IT. The question is to decide which and for what. In the next lines, we will use the term framework to refer to all of them in order to unify, independently if some are methodologies, other standards, and so on.

In summary, the following can be listed as advantages of standard applications (Oud 2005):

  • It avoids reinventing the wheel again and again.

  • It is a low cost of adopt it instead of making the development of a methodology.

  • It facilitates the services outsourcing, enabling a common environment between the organization and the organization that is outsourced.

  • It provides audit and control.

  • It allows the use of universal indicators for evaluations across organizations.

About the first question (which), we must consider a frameset referenced in the literature: COBIT, ITIL, ISO/IEC 38500 and ISO 20000 and others less known: EFQM (which will be the one in which we will base our study), CMM, MOF or BS 15000. The second question (for what) is necessary to be tackled in terms of governance or management, so we must select the appropriate frameworks and develop appropriate IT governance or management. This is not a simple issue, since many of these frameworks can be used to address both domains, for example, COBIT. We are going to describe each of them:

  • COBIT: This is a framework internationally accepted as good practice for information control, IT and related risks.

  • ITIL: It will be described later (see Sect. 2.1.1).

  • ISO 20000: It describes an integrated set of processes that can deliver in an effective way IT services to organizations and their customers.

  • ISO/IEC 38500: It provides a service framework for the management of organizations using them to evaluate, manage and monitor the use of IT.

  • EFQM: It will be described later (see Sect. 2.1.2).

The trend is the integration of the action frameworks which allow their use efficiently, as is the case of the four mentioned above (Fig. 23.1).

Fig. 23.1
figure 00231

COBIT/ISO 38500, ITIL/ISO 20000 and EFQM

Full size image

It is important that there is no single answer to the selection of frameworks to be used at any time. In principle we can say that there is no approach that covers everything, from the government of IT to the implementation of specific processes such as security, but, rather, a set of approaches that complement each other to cover the whole scenario.

There are other action frameworks that we could enumerate them (Fig. 23.2), although the consideration of the previous four models, they amply cover most of the claims concerning government and IT governance in an organization. The important thing in any case is to do a good selection of these and know with which of them one should start to work.

Fig. 23.2
figure 00232

Action frameworks

Full size image

2.1.1 ITIL Overview

ITIL was created by the UK’s Office of Government Commerce (OGC) to organize IT management in the public sector. ITIL is now managed by the Information Technology Service Management Forum (ITSMF). ITIL is in its third edition, called ITIL V3, released in 2007. One of the main goals of ITIL is to transform IT departments into service-oriented organizations (Fig. 23.3).

Fig. 23.3
figure 00233

ITIL’s service management: service strategy, service design, service transition, service operation and continual service improvement

Full size image

Service management is a set of specialized organizational capabilities for providing value to customers in the form of services (Office of Government Commerce 2007).

ITIL doesn’t include mechanisms to evaluate the reference quality levels or measurement of quality improvement, so it could be interesting to use ITIL with one of the models of excellence in management, as proposed by the European Foundation for Quality Management EFQM. In the same way, the Six Sigma program and the revised version of ISO 9001:2001 bet to generalize this organizational orientation.

Service providers are more and more focusing on the quality of services; while they adopt an increased focus on business and the customer, they are approaching service delivery and cost optimization. To ensure a complete services management, operational and functional requirements can be expensive and even wrong in an organization.

The quality of a service is the ability it has to meet the needs and expectations of the client, taking into account the effort and cost required to achieve it.

Since the quality of a service is to meet the real needs of customers, it becomes necessary to manage the expectations of them. These should be translated into requirements to develop a system to meet those requirements in a predictable manner, to establish a methodology for action to achieve zero defects at work and to have a measurement procedure for monitoring customer satisfaction.

For the measurement of quality, there are different models. These quality models identify key elements of any organization and provide evaluation mechanisms for improvement. Some of these models are:

  • EFQM: Described in Sect. 2.1.2.

  • ISO 9000: Is a set of rules and they set up a model for the quality assurance in design, development, production, installation and after-sales service. This standard develops and implements a system of quality management in a company.

  • ISO 20000: It describes an integrated set of processes that can effectively deliver IT services to organizations and their customers.

  • CMM: A model for improving development processes that provides guidance for designing effective processes (time and cost) in different domains (development of products and services, acquisitions and maintenance), within the scope of an organization whose main premise is:

    The quality of a product is determined largely by the quality of the process used to develop it and maintain it.

2.1.2 EFQM Model Approach

Once the different models for measuring quality have been described in this chapter, we have focused on EFQM because it is one of the most popular models today. EFQM is the model excellence assessment currently most widely used by European organizations.

An important advantage of the EFQM self-assessment is the quantitative character that it has; in other words, it can be compared against other organizations, and it can be compared to previous assessments of the same organization or between different business units within the same organization.

The EFQM Excellence Model is an instrument to do self-assessment and management. It is used to know in what position is one organization, to guide its management in accordance with the principles of quality management.

The model recognizes that the excellence in everything related to results and performance of an organization can be achieved through different approaches, based on that:

The excellent results regarding the performance of the organization, customers, people and society in which it operates are achieved through leadership that directs and drives the Policy and Strategy, which will be realized through people of the organization, partnerships and resources and processes.

The EFQM Excellence Model (see Fig. 23.4) consists of nine criteria which are divided in two groups: enablers criteria and the results criteria. The first criteria deals with what the organization does and they refer to causal factors whose effects take the form of that in the second criteria. The criteria referred to as results are about what the organization achieves. The results are the result of enablers and enablers are improved using feedback from results (Urbaniak 2004). Also this figure shows the weighting applied to the allocation of points to each of the criteria according to the model, since not all criteria have equal weights in the final score.

Fig. 23.4
figure 00234

The excellence model framework

Full size image

The criteria are interrelated not only within each group but within the whole model. Each criterion is composed by 32 different subcomponents, and these are deployed too, on different elements to consider.

In the previous figure, the arrows highlight the dynamic nature of the model, showing that innovation and learning enhance the work of enabler agents resulting in improved performance.

The nine boxes of the model represented above show the criteria for assessing an organization’s progress towards excellence. The term excellence is used because the model focuses on what an organization does, or could do, to provide an excellent service or product to its customers, service users or stakeholders (Karkoszka and Roszak 2005; Lancucki 2001).

3 Implementing EFQ_TIL Model

Once ITIL and EFQM have been briefly described, in this section we will see the possible relationships that may exist between ITIL processes and criteria/sub-criteria that EFQM defines.

Both ITIL and EFQM models have as one of its basic principles and requirements study and analysis of processes. Both include and promote the process approach as an important element for obtaining efficient results because it allows and requires its measurement and improvement.

With the EFQM model line-up, the enablers of Leadership, People, Policy and Strategy and Partnerships and Resources and with ITIL, which bets by the best management, process to achieve the best quality results of IT services to customers, people and society in general.

The innovative aspect of ITIL is that it focuses on the processes of the EFQM Excellence Model in quality from the perspective of the life cycle of IT services (Strategy, Design, Transition, Operation and Continual Service Improvement).

In the first analysis, we can see that there are some ITIL processes that could be related to the criteria of EFQM; we list them below.

3.1 Criterion 2: Policy and Strategy

Sub-criterion 2.a. The policy and strategy are based on the needs and expectations of current and future stakeholders; they include what the organization does:

  • To collect and analyse information to help define the market and market segment in which the organization operates both now and in the future

  • To understand and to anticipate the needs and expectations of customers, employees, partners, shareholders and society in general

The correspondence of this sub-criterion could be in service design, defined by the process service catalogue management, which provides a single source of information for all products provided by a company. It is a subset of services available from the catalogue of services (defined in the service strategy).

3.2 Criterion 4: Partnerships and Resources

In this sub-criterion 4.b economical and financial resources management, they include what the organization does:

  • Managing the economic and financial resources to support policy and strategy

  • Developing and implementing strategies and economic and financial processes

  • Evaluating investments in tangibles and intangibles

  • Employing mechanisms and economic and financial parameters to ensure a structure for effective and efficient resources

  • Managing the risks of economic and financial resources

This sub-criterion has its correspondence in ITIL in service strategy, within financial management process, which is responsible for evaluating and controlling the costs associated with IT services to provide a quality service to customers with an efficient use of IT resources.

In the sub-criterion 4.e. information and knowledge management, you can include what the organization does:

  • To collect, to organize and to manage the information and knowledge to support policy and strategy

  • To enable internal and external users an appropriate access to information and relevant knowledge

  • To ensure and improve the validity, integrity and security of information.

  • To grow, to develop and to protect intellectual property that only the organization has, to maximize its value for the customer

  • Try to acquire, increase and use the knowledge effectively

  • Build in the organization a climate of innovation and creativity through the use of relevant information resources and knowledge

This sub-criterion has its correspondence in ITIL in service transition, defined by the process knowledge management, which is responsible for collecting, analysing, archiving and sharing knowledge and information within an organization. The primary purpose of this effort is to improve efficiency by reducing the need to rediscover knowledge.

3.3 Criterion 5: Process

Criterion 5 describes how to design, manage and improve organizational processes to support policy and strategy and to satisfy fully, generating increasing value, its customers and other stakeholders.

Since ITIL is composed by different processes, these processes must be well documented and optimized (processes and procedures manuals, service catalogue, etc.); therefore, this criterion of EFQM should get one of the highest scores.

4 Results

The EFQM Model total score ranges from 0 to 1,000 points. In the following figure (Fig. 23.5), we can see, depending on the score, the various surveys carried out by the EFQM through its local partner in Spain which is the Excellence in Club Management (http://www.clubexcelencia.org). This figure tries to show the different levels of score.

Fig. 23.5
figure 00235

EFQM scores

Full size image

The first external recognition (seal of quality, equivalent to a certificate if we spoke of rules) called Commitment to Excellence is awarded to entities applying between 20 and 30 % of the model, while the top prize European Excellence 500+ is awarded to entities applying for more than 50 % of the model, putting on shows how demanding it is.

In this situation we must remember that entities with scores above 350 points are considered important and organizations with a significant development. In turn, organizations that are starting with the implementation of the model and have some degree of development of its management (some about planning, some HR management, performance of certain measurements, etc.) could be around 100 points; it means using about 10 % of what sets the model.

During our study, we worked out the questionnaire with nine criteria of the EFQM model, which were used to measure the quality in ITIL processes. The scale in this questionnaire is from 1 (the worst) to 10 (the best) defining the degree of fulfilment through the concrete criterion in the process.

For instance, for Criterion 5 (Processes), whose maximum score could be 500 (100 points for each sub-criterion), we found some questions of EFQM related to all Criteria 5x that were covered by some processes of ITIL, so finally we assigned 60 points to each criterion 5a, 5b, 5c, 5d and 5e. We proceeded in the same way for the rest of the criteria.

Once we finished applying EFQM questionnaire to main ITIL processes, all received points in the questionnaire were multiplied by the weights of each criterion given in the EFQM model (e.g. processes must be applied a 1.4 weight). Adding all these final scores of each criterion, we obtained a final score 117.6 (Fig. 23.6):

Fig. 23.6
figure 00236

EFQM punctuation calculated in our model

Full size image

As can be seen in the previous figure (Fig. 23.6), with a very basic analysis, we could say we have a score of 117.6. So, hopefully, doing a more thorough analysis, we can achieve some level of those proposed by EFQM.

5 Conclusions

The main goal of the researchers has stated as deployment of a comprehensive integrate model to measure the quality of processes in the implementation of ITIL in an organization using the EFQM model, in order to, first, make a proper correlation of ITIL processes and criteria EFQM and, second, explore possible deployment scenarios that maximize the results of evaluations conducted by EFQM. We called this model in our study as EFQ_TIL.

After performing this first analysis, there is some relationship between ITIL and EFQM. Thus, we could say that if an organization implements ITIL, met in a way, some questions that EFQM model raises to obtain EFQM excellence.

As future work, it should specify in greater detail what criteria are covered in full and which are not covered by ITIL, and we should use other methodologies, standards such as ISO 9000 and ISO/IEC 38500.