What is ITIL?

What ITIL is

ITIL is a framework of recommended good practice for running IT services. It's owned and published by PeopleCert, the professional certification body that acquired the framework and now maintains and develops it. It's guidance - a structured set of ideas and practices - not a law, a regulation or a piece of software.

The framework originated in the UK in the late 1980s, when the government commissioned a set of best-practice guidance books for IT operations. It went through several major versions and is now on its fourth iteration, ITIL 4, published in 2019. Each version updated the guidance to reflect how IT and business had changed.

Organisations that follow ITIL aren't bound to implement every practice. Most pick the parts most relevant to their size and context, using the framework as a menu of proven approaches rather than a checklist to complete in full.

What ITIL is for

ITIL's core purpose is to give an IT team a consistent, reliable way to run services. Without a shared structure, different team members handle the same kinds of problem differently, communication breaks down and it's hard to tell whether things are improving or getting worse. ITIL solves this by providing named practices, clear roles and a shared vocabulary.

The practices it covers include incident management (how to respond when something breaks), change management (how to make updates without causing disruption) and continual improvement (how to systematically get better over time). These are the everyday situations that IT downtime and poor IT management create in businesses that lack a structured approach.

The result, when it's working well, is that the business experiences IT as reliable and responsive: problems get fixed consistently, changes don't cause unexpected outages and the team has a clear process for every routine situation it faces.

ITIL, ITSM and COBIT

ITIL is the leading framework for IT service management (ITSM) - the discipline of running IT as a managed service to the business. The two terms are related but distinct: ITSM is the goal, ITIL is the most widely used guidance for reaching it.

Alongside ITIL sits ISO/IEC 20000, the international standard for IT service management. Where ITIL is guidance that organisations follow voluntarily, ISO/IEC 20000 is a certifiable standard that a provider can be independently audited against. A supplier holding ISO/IEC 20000 certification has demonstrated their ITSM processes meet a defined international benchmark.

COBIT sits at a different level. It's a governance framework focused on how technology aligns with business goals and how risk and accountability are structured - which is why it connects closely to the broader subject of IT governance. ITIL answers "how do we run IT services well?"; COBIT answers "how do we direct and govern IT across the organisation?".

Why ITIL matters to a non-technical buyer

You won't implement ITIL yourself. But an IT provider that follows it is signalling something important: that they've built their operations around a mature, structured approach, with defined processes for the situations that affect you most.

When things go wrong - a server is down, a critical system is unavailable - you want to know your provider has a clear, rehearsed process for responding and communicating. ITIL's incident and problem management practices are exactly that: structured responses to the situations that cost businesses time and money.

Asking a prospective IT partner whether their team is ITIL-trained, or whether their service desk follows ITIL practices, is a reasonable and specific question. The answer tells you whether you're dealing with a provider who works to recognised professional standards or one making it up as they go.

Frequently asked questions