Book review: "I Think Something is Missing From ITIL" by Ian Clayton, reviewed by the IT Skeptic

Recently the IT Skeptic was given a review copy of the book “I Think Something is Missing from ITIL” by the author, Ian Clayton. While the influence of Clayton’s ongoing scrap with the ITIL powers-that-be colours the book and gives personal or negative content too much space, it still forms a powerful critique of ITIL, and even more importantly a fascinating set of ideas for where ITIL should be.

Ian Clayton is President of the IT Service Management Institute (more of that in a later blog), President of Virtual Service Management Corporation, a co-founder of itSMF USA and still active in that organisation.

While Clayton goes way back with ITIL (his organisation holds ITIL trademark licence 001 from OGC) and remains an influence in the USA, it is fair to say he is not one of the ITIL Club, the inner circle of ITIL players that we will look at soon on this blog. Nor I suspect is he one of their favourite people. The situation will not be improved by this book. It tears ITIL and the itSMFI to shreds.

It opens with a cracking metaphor: comparing ITIL to the story of “stone soup”. Remember the story of the guy who says he can make soup from stones, then when no-one likes it he gets everyone to add a little something to improve the flavour and pretty soon they have soup? In Clayton’s telling, ITIL is the stones and everyone implementing has to add their own practices and resources to make a working soup. Brilliant: nailed it in one. [See for more]

Although it takes a hefty swipe at ITIL, the book’s greatest value is the section about what is to come in ITSM. In Clayton’s view it is Holistic Service Management (one of the claimed objectives of the ITIL Refresh) and his organisation provides a version, ‘Managing the Business of IT™ (MBIT™)’. I was particularly stimulated by the four roles of the Service Opportunity Board (p.51). (By the way, perhaps another name might be better. “I have to go present to those SOBs”.) The most powerful core concept is the “holistic” one: driving everything off the service, not treating the service as an emergent artefact from ten or thirteen or five loosely coupled disciplines. The resulting Service Provision Lifecycle™ is excellent. MBIT™ is good stuff. It really does point the way to the next generation of ITSM thinking. It rewards study. [See for more]

But then the book returns to ITIL-bashing with an itemised dissection of ITIL’s faults. No doubt it is (mostly) true, but even this ITIL skeptic found it heavy going: at times pedantic, occasionally harsh, even frustrated. Most of us know ITIL is flawed. Few of us want to read 501 itemised criticisms over 130 pages! This forms a valuable resource for those like Clayton who are developing the next big thing, (and would have been useful to those writing the Refresh if one thought for a moment they would have read it) but for the rest of us wrestling with the practicalities of ITIL it seems overkill.

In places this book has the slightly hysterical edge of one who has been a voice crying in the wilderness for so long. The tone gets stroppy: you can tell Clayton is a man on a mission, and riled. Like so many of the self-published books emerging these days, it also needs the firm hand of a professional editor to tighten up the structure and flow, weed out the personal, balance the content and tidy up a few errors.

For all that, Ian is clearly a deep and ground-breaking thinker about ITSM. So he should be with the likes of Edward van Schaik and other ITSM heavy hitters working with him.

I’m not sure this book will work for its intended purpose “to help any individual working within, or for an IT organization, to better understand the relevance and true value of the core IT Infrastructure Library (ITIL®) guidance to an IT Service Management (ITSM) strategy, and by doing so ensure they are more informed, and can better contribute to the direction and future of ITIL in and outside of their organization” – it may be too destructive.

But for those who make their living from ITIL and wish to seek a deeper understanding; and for those who venture onto this IT Skeptic blog - the philosophers and explorers of ITSM - I commend the book to you as a compendium of the faults of ITIL and as a beacon pointing the way forward in ITSM’s evolution.

And by golly he nails ITIL to the wall: “[ITIL version 2] failed to offer an operational model common to the support and delivery practices and explain how a service progresses from a business requirement to production and stays there in a quality and cost managed mode of operation” (p.35) …and he bloodies the itSMF: “The ownership of ITIL is not in doubt; it will remain with the OGC, but the closely held stewardship and vendor influence remains a growing concern amongst ITIL’s fan base, as the itSMF has failed to establish any governance scheme that encourages open contribution and dialogue amongst the ‘blue-collar’ ITSMers” (p.208)

Rollicking good stuff. The ITIL establishment will not enjoy it.


Is there interest in an updated book on whats missing from ITIL?


An update. The book is no longer available. I rescinded the publishing rights. I have an updated version in draft that inspects V3 to see what if any of the 500+ issues listed were addressed by the refresh. I have also tuned down and out direct criticisms that were borne out of frustration and the time of writing the original version. I have also added about 1200 simialr issues found within ITIL V3.

Given the recent OGC Mandate for Change project, I was wondering if there is interest in a refreshed version? If anyone is interested such a refresh of the original publication, it truly had use to protect consultants against over reaching customer expectations of ITIL, I might move it higher in my list of things to do....

The holistic service management and service lifecycle discussions are of course addressed in more detail in the Guide to the Universal Service Management Body of Knowledge (USMBOK) book I subsequently authored...

Any interest out there?

Three thoughts before the New Year


Since you posted this three thoughts have been rumbling away at the back of my mind with nmore force than usual. Let me stress that these are only thoughts and don't represent my view 100%, but they are the thoughts that I run through at 2am when my daughter's party is still keeping me awake.

1: Is there a basic mismatch between what the more vocal advocates of ITIL believe it should achieve and the requirements of the business? I'm asking the question from a practical perspective rather than a theoretic one in that most business clients I work with want ITIL to fix an IT service that is broken in many many, whereas it is the IT clients who talk about more about adding value to the business and contributing to strategy.

That isn't to say I disagree to the shift towards adding value, but I wonder if ITIL was most powerful as a tool when it had a clearer remit.

2: It is interesting to spot mistakes and omissions in ITIL, but is it more productive to consider why those omissions and mistakes have come about? Is it just lack of discipline and knowledge or is it symptomatic of bigger issues?

3: I live and work in an IT culture absolutley dominated by outsourcing, sub contracting and complex supply and value chains/networks. So why do I still feel our ITSM models do not reflect this? How do I relate the supplier management function badgering a supplier to meet their contractual requirements with both the customers' and the suppliers' CSI and problem management functions?


three responses

1) The path from broken to fixed should point towards adding value. All the things the business think of as "broken" are symptomatic of not being a value-add integrated part of the business. For ITIL to focus on its older internal-fix mindset would be to lose what little outward customer focus it has achieved so far. Rather than wanting ITIL to go back to some traditional roots, I think ITIL doesn't go far enough

2) I think it is symptomatic of a lack of rigour, a narrow contribution base (and yet perversely i think there is also a committee effect), that same inward focus we discussed in (1), and awful reviewing. I'd love to see the world apply the same level of scrutiny and analysis to the other IT frameworks: COBIT, ISO20000, and eSCM; and the generic SM frameworks CMMI-SVC and USMBOK. Would we find the sme level of errors and inconsistencies?

3) narrow contribution base, that same old-school inward focus we discussed in (1). IT has to 'come out' and ITIL is slow to help. For all the lip-service, four books of ITIL are written as if IT existed on an island and dealt with everyone else remotely.

Where is the lack of customer focus

The outsources have learned customer focus a long time a go, their customers are real paying customers and all staff known what it means to lose a customer. In their wold there is no lack of customer focus

On the other hand V3 has very little customer focus. The strategy and service lifecycle concepts are pretty internal with no role for business relationship management or sales.


Profit maximisation is not the same as customer focus


I would say my experience of outsourcers and customer focus is decidedly mixed. The customer focus is largely pre-sale and stops as soon as delivery commences.
Very few outsourcing deals seem to meet the customer's long term expectations. Customers have to bear some of the blame, for instance because they don't make their expectations clear, or because they rely on the personality of their best friend the account manager/salesman.

The idealist in me would love to think that there is a clear link between customer focus as we think of it and commercial success, but I'm not sure there is. What suppliers are usually good at is knowing the tolerance of their clients and the weaknesses in their systems of internal control.

In an odd sense this is where the cloud scores from a customer perspective. You might not get as good a service as buying a bespoke service, but you will at least get the service you are paying for and it will meet your (lowered) expectations.

I'm aware I've made some glib generalisations in this post, as I say my experiences have been mixed, and I know there are suppliers who struggle to provide the service that is in the best interest of their customers.

they know their customers well alright

Yes, I think for many outsourcers their business model is economies of scale, minimum variations between customers, and service at lowest possible cost. So they know their customers well alright: they know exactly how far they can bend them without breaking them, how far they can frustrate them without losing them, how much they can milk them without it being cheaper to back out of the deal.

That is the short term model

Ok, I'm not saying that outsourcers are perfect and I know that not all customers are happy. On the other hand, have you seen a movement back to insourcing?

What I'm saying is that those IT people I have met seem to be quite aware that they have customers and they are dependent on them. That does not mean that they will want to offer good service all the time. There is no reason to believe that internal IT people would any more willing to sacrifice for the good of their internal customer.

Usually people actually want to do a good job and awareness helps them to make better choices.


PS I'm doing a little survey on outsourcing satisfaction but do not have the results yet.



Insourcing has happened in the UK, and incumbent suppliers do get replaced. It is one of the things that keeps me in work. I'll dig out a study for you that was done a couple of years ago over here.. Sadly the mistakes that contribute to dissatisfaction with one contract are often repeated with the new one.

Here's one of my favourite stories about supplier awareness of the impact on their customers

Three counter responses

1) Chris Dancy recently tweeted on ITIL//ITSM as religion. Perhaps the mantra that IT, the sort of day to day IT most of us really do,"adds value" falls into that category. After all it is the job of the business to add value, The role of IT is to enable the business and not get in the way. From a 25 year career I'm struggling to think of cases where I could say the predominant role of operational IT has been to add value. Maybe that's why we struggle to prove ITIL ROI? On the other hand I find it all too easy to think of cases where IT has hampered the business, and quite a few cases where poor IT has deflected attention from an under performing business.

I'm not about to throw the baby out with the bath water. I remain 100% convinced that IT has to have customer focus rather than being about playing with new toys, defending old ways of working, and hiding behind suppliers. What I'm suggesting is that if most IT shops adopted something as simple as a combination of ISO 20000 and 38500 at a reasonable level of maturity then it would make a world of difference. Go back to 1995 and the BSI PD0005 Code of Practice for IT Service Management for an excellent basic guide to what matters in exactly 100 pages. It is better to adopt something simple successfully and in it s entirety, perhaps, than to aim for the moon but blow up on the launch pad.

2) Agree with all that, but is there something more psychological going on? Why do we see so many IT shops who are struggling with the basics suddenly claiming to be doing v3 ITIL? Why do we see so much strategy in v3 when, if the recent Linkedin debate is considered, it seems we haven't got an effective framework for problem management yet? And why does the ITIL world seem unable to apply ITIL to its own business?

3) There is nothing wrong with a marrow contribution base as along as it is the correct one. Since a common complaint about the contribution base is the predominance of suppliers surely that should encourage a bias towards ITIL in an outsourced environment?

OK to return to the religious analogy I am partly playing devil's advocate here. But only partly

three more

1) yes totally agree, "adding value" was the wrong phrase. I've said what I think about IT innovation - load of crap, rare as hens' teeth. i meant adding value as in being useful, packing in behind, contributing to what the business is doing, avoiding dragging the team down.

2) i'm intrigued. My own belief in the rightness of service management is entirely an act of faith based on my own anecdotal evidence. But that evidence is strong that this stuff is worth doing. Failures in its application come I think from running before we can walk, and failing to deal with people issues. I've blogged about this somewhere but I can't find it: technology is changing far too fast for the race to cope with and now process theory is changing too fast too. I don't think you can drag the world into a new generation of ITIL in a year or even five. And you can't build a V3 organisation in five years either.

3) The suppliers who contributed to ITIL are not outsourcing suppliers: they are suppliers of software and consulting and training. the more users of ITIL the better - outsourcing just shrinks their market.
I think most ISO standards committees seem to do a good job of canvassing enough knowledgeable people from a wide enough base, and COBIT didn't do a bad job either. it can be done. So why is there no KCS in ITIL? or ASL? Why does COBIT have whole sections that aren't in ITIL? Why has MOF got more on roles and accountabilities? it was all there...


There would be less mistakes in the above post if it hadn't been for the lack of sleep caused by the aforementioned daughter's party going on downstairs.

Very good questions

1) I think yes
2) This haunts me too. Why do we have all these discussions of some small put important practical details?
3) Me too (I thought it might be Finland only, that other countries still have these big internal IT departments)



Dear Skeptic - overall a fair and balanced review. I'd like to admit to being stroppy sometimes - thats true - the hysterical comment hmmmm - it was written on a Pacific Island in 36hrs on a delayed honeymoon whilst my wife (who was extremely sick at the time) was resting. So my grammar may have been both blunt, rushed, edgy and harsh. The editors decided to leave it all in. From the heart as they say.

My issue is not with ITIL - its a great initiative. It is with how it gets done and the relative lack of respect for other previous and as significant efforts. There is so much good practice out there. ITIL started out with a laudible goal - to be the overall framework around which our industry's body of knowledge could be wrapped.
It failed in that quest.

Its development is insular, slow, and now shrouded by secrecy. This book was written after years of pushing from my company's clients - those putting careers on the line and kids through college on the back of ITIL. The title of th ebook actually came from a customer - funny that as an acronym is spells ITSMI (Freudian?!)"

Finally, I have taken flak about it from many - all relatively good natured as we encourage any comment via our service desk web site (, I have been one of ITILs biggest supporters - its the governance that requires careful scrutiny.

My reason for the book was more to express the dangers of an ITIL only approach and to remind us all of what we are in IT for - to serve the end user and enterprise objectives. You read a lot about Deming's P-D-C-A cycle and its frustrating when you realize it was Deming's teacher Dr. Walter Shewhart who actually came up with the concept, and that Deming himself said a process-improvement only approach will fail - you need to bring management along for the ride. I hope ITIL V3 gets it right this time.

Now for a quick jab at ethics...Why do we still see ITIL Foundation class numbers rocket in the US when the certification scheme is likely to change? Folks who ring us are unaware ITIl is changing and noone is telling them whilst they call with a request for training.

Why are vendors NOT explaining this? Is it the money? Where are course provider ethics in all this? More hysteria from me???? Possibly... again thank you

Where is the "adult supervision" when you need it?

A few thoughts:

1. From the first time I was exposed to ITIL, I found it extremely odd that one of the key principles (continuous process improvement) isn't reflected in how the framework is managed/evolved! How in the world can anyone expect such a framework to grow and evolve properly with such a limited field of input. It's asinine. Personally, I expect v3 to be a disappointment in both quality and content. Especially if the latest business perspective book is any example.
2. In my opinion, the itSMF should have been appointed as the stewards of the framework. That the OGC appointed APM Group (a commercial firm) to take the lead on driving the new certification scheme in a vote of "no confidence" in the itSMF. Leads me to another point...
3. As a member of itSMF USA, I am profoundly disgusted with what passes for representation. I'll likely not renew my membership when it comes up. It seems to me that the organization has de-evolved into little more than the marketing arm of its platinum sponsors. I seem to get more advertisements than things related to being a member. The Local Interest Groups vary greatly in quality and are challenging to attend when you spend your time on the road. I guess that leaves me with one membership perk -- getting discounted admission to the annual meeting. Hmmmmm... let me think... nope, not quite good enough. I think itSMF has lots of potential, but seems to be hamstrung by vendors and international intrigue that it cannot change. I'm not convinced it can overcome this.

Growing up

If it is any consolation we had the same feelings about vendor domination of itSMF in the UK for a long time, and it needed a degree of positive discrimination to make things change. On the other hand it is the vendors who stay around in the long run, whilst most practitioner members only stay active for a short while. So perhaps the current state of itSMF US is just part of the growing pains of a newish organisation. Local groups also seem to take a while to find their feet.

OGC's use of commercial partners is a well established facet of how UK government bodies work. itSMF isn't set up to be an examination board, and APMG's involvement might come as a breath of fresh air after EXIN and ISEB, whose professionalism was sometimes a matter of debate (Two examples, ISEB students not getting their results until it was too late to book a place on the next exam, and EXIN Foundation papers with the same question appearing twice)

Stewardship and Openness

So, FWIW, I agree with you on both points... and I'll expand a little about what I meant. I have no objection to the APM Group running certification. If they can do it, so much the better. I never thought that itSMF should be doing that work.

The problem I see is openness in the evolution of the framework, hence my comment on stewardship. Nothing about the current construction is customer-centric, then again gov't agencies don't necessarily have strong track records in that regard.

APMG in administering the certification program by default becomes best positioned to influence the framework... not the individual content authors. After all, it's what you're tested on that gets you the certificate, not what's in the books. Some of what candidates are tested on now isn't necessarily in the Red/Blue books (depending upon version) today, eh?

I think that itSMF could have been a player in providing the connections to grassroots support and paving the way for how ITIL could have evolved. That's just not how it's unfolded. From what I can tell, I think it's highly unlikely that would ever happen. As a result, I'm betting that the U.S. support base is likely to come apart at high speed looking for something "that just works".

personally I agree about

personally I agree about APMG in as much as I didn't think it was itSMf's business to be going after the business. Although it was more appropriate than going after the other half of the CAR (the publishing bit) which was just crass commercial empire building. I'm glad we lost both: it allows itSMF to focus on what it is there for: representing the members and promoting professionalism in ITSM. (The certification side of CAR can be argued to be appropriate to "promoting professionalism" though personally I suspect the motivations for chasing it were more venal).

What is itSMF for again?

I'll give you the part about promoting professionalism, but I think that's on pretty shaky ground. It's not like holding a certification having to live up to a code of ethics to maintain that certification.

I don't buy the representation part. How does itSMF represent the members? To whom? For what?

In THEORY itSMF represents

In THEORY itSMF represents the interests of members to "harness global resources to strengthen IT Service Management, support its growth into new markets, direct its expansion into new models and protect its integrity.

HP needs to back off in the USA

The vendor issue is not universal in all countries (e.g. mine) but I sure hear it a lot about the USA. HP needs to back off, but if their software product marketing and selling is as crappy there as here, itSMF is their only hope of momentum, so don't expect to see it any time soon.

Likewise the "intrigue". The existing powerbase is in the UK. The USA outguns the rest of the world in money and people numbers. The power shift is inevitable, and won't be pretty.

ITIL v3 and training

I think you'll find that ITIL 3 will take into account that "a process improvement only approach will fail", but what I'm not at all sure about is whether it will provide the additionnal insight into service management that people doing it for real need, or lots of fluffy conceptual stuff. I find the secrecy extremely worrying, especially having written an article in ServiceTalk at the very start of the refresh to try and spark off a public debate. This secrecy also has a knock on impact on the training market, especially when combined with a change in the examining bodies. I think the question I'm asked most frequently at the moment is "Should I bother doing my training now, or hang on until ITIL 3 and the new exams are in place?"

What answer do you think the

What answer do you think the training providers are giving to that question?

Some of the points in the

Some of the points in the sample e-book are no more than differences of opinion while others are just nit-picking and are surely there to make up the numbers. He does make several valid and new (to me) criticisms though. It will be interesting to see how many of the 501 are addressed with version 3.

His criticsm of the anglo-centric language used in the books is mirrored by my annoyance of his use of the word "leverage".

quite a lot that is debatable

Yes there is some nitpicking and quite a lot that is debatable. It is too much for the average reader but it would provide an interesting QA resource. My point in the review is don't let it distract from the solid criticisms and the really intresting HSM concepts. The claim is that this holistic stuff is supposed to be the basis of the Refresh... we shall see. Comments form anyone who has reviewed R3?


The new version takes a systemic approach though not quite what process acolytes are expecting. The influences from product management, industrial engineering and system dynamics are clearly felt.

All in all, a big leap forward from the Deming-flavored V2. Process is a means not the end. Some well established tenets are either evolved or overturned. The cycle begins and ends with the service.


Hmm, what I've seen so far isn't what I would consider a great leap forward. I agree with the basic changes, such as the admission that a process view doesn't solve all your problems, but I'm not getting the feeling that the new books have been written by people who have been there and done it, at least not in the last five years. I agree ITIL3 is more holistic as it stands, but the downside is that the core advice has got relegated to the sidelines.


I can only comment on the one book I've reviewed. I came away with the impression that the authors not only had a deep understanding of the topic, but intentionally sought to balance theory and practice. IMHO, a heavy skew toward practical is as detrimental as a skew towards theory. Teach me to fish, as well as provide a map to the pond.

Will this work for all audiences? Not likely. I, however, found it a welcome relief from the bullet-point inputs/outputs "practical" approach.

Service Management is far more than SS and SD. I welcomed the focus/clarity on this thing called a service. V2 sort of took it for granted that any "non-material good" thrown into an SLA could be a service. That was just plain nonsense. V3 is much more disciplined. I found two new terms to be jarring at first. Now a few weeks later I found myself using them in practice and growing to better appreciate them: Utility and Warranty.

There are areas I wish could have been more fully developed, such as governance and SOA. The "core advice" from V2 was starting to look more like commodity/good practice rather than best-practice or innovation. So I can't say I'm disappointed it won't all be re-packaged and re-sold at the new ITIL prices.

There is one thing for sure that no one has called out. V3 turned out to be far more than a refresh.

As I pondered further on the

As I pondered further on the new version, I was struck by a thought.

V3 brings IT to the service industry, rather than bringing the service industry to IT. ITSM is full of artificial distinctions (ITSM, IT Service, BITA). The draft I reviewed made an effort to remove these distinctions, treating IT as another sector in the service industry. This will probably be jarring for those who psychologically identify themselves as ITSM practitioners rather than SM practitioners. Another artificial distinction.

Some might object, saying IT has special challenges. I'm not convinced. Don't all services have challenges on availability, capacity, and so on?

The more I digest the material, the more it grows on me.

the itSMF may one day regret their choice of name

Very interesting points. I've said before that the itSMF may one day regret their choice of name. That was in a slightly different context, where I've seen IT taking SM skills to the business, e.g. HR asks IT to set up service desk processes for them

It probably would not have been appropriate for the IT Skeptic

It probably would not have been appropriate for the IT Skeptic to sign up as a V3 reviewer but I kinda wish I had now. All these second and third hand reports... My gut instinct (with which I am well endowed) tells me the hype is far exceeding the reality with V3. Not long now until we know...

Stone soup

Oh dear, the stone soup parable has a flavour of truth doesn't it? (Or did we just add that flavour in ourselves?). Too many people taking up ITIL as the latest holy grail over the last few years, instead of critically using the best features? How many more holy grails will IT discover (this week)?
Love your review, Skeptic. .....Ken.

The book can be found here

The book can be found here

Syndicate content