Service Management Blog

Maturity Models for ITIL Processes and Functions

4 minute read
Muhammad Raza

A maturity model is an instrument that evaluates the current position, strengths, weaknesses, and opportunities of certain aspects in your company. Maturity models can provide objectivity, particularly around:

To ensure that your proposed improvements actually align with business needs, you need capability assessment is required. That’s where the maturity model comes in. In this article, we’ll look at maturity models in general and then look at the ITIL maturity model.

Download Now: ITIL 4 Best Practice e-Books

These all-new for 2020 ITIL e-books highlight important elements of ITIL 4 best practices. Quickly understand key changes and actionable concepts, written by ITIL 4 contributors.

(This article is part of our ITIL 4 Guide. Use the right-hand menu to navigate.)

ITSM maturity models

ITSM frameworks incorporate a range of maturity models. These support the goal of continuous improvement. While each maturity model works differently, a common design methodology is shared. These models evaluate factors such as:

  • Organizational goals
  • External requirements
  • Functional capacity
  • Other factors that determine a company’s positioning relative to ITSM capabilities and quality of IT services delivered to end users

The characteristics of the organization are identified at multiple maturity levels based on specific criteria. These levels are sequential and range from lowest IT capability to high maturity in leveraging appropriate IT functions.

In this article, we’ll review the maturity model per ITIL as it’s the most widely-adopted best-practices framework, then explore best practices for maturing modeling.

The ITIL maturity model

ITIL service lifecycle documents guidelines for various ITSM processes and functions. According to ITIL, Process is any structured set of activities designed to accomplish certain tasks. Examples of Processes include change management and problem management. IT functions, then, are defined as the teams, tools, and resources used to perform activities within those processes.

In ITIL maturity model assessment consists of a questionnaire about the demographics, attributes, inputs, interfaces, and outputs related to ITIL processes and functions. The maturity level of each process and function is then determined according to the following five levels.

Level 1: Initial

The first maturity level finds that the processes and functions are disorganized, suggesting potential issues that must be identified and addressed to improve ITSM capability. Resource allocation is performed on a case-by-case basis and activities don’t follow pre-defined best practices. The processes and functions involved are not vital to the core business.

Successful execution of these activities may depend on the skillset and expertise of individuals who take the initiative, not on any overarching support or structure.

Level 2: Repeatable

You’ve adopted an intuitive project-based approach to effectively provide services for specific ITIL processes and functions. You determine the stakeholders and project objectives beforehand, with the goal of obtaining high customer satisfaction.

Though activities are pre-defined, successful implementation depends on the individuals involved. Providing informal training ensures individuals are responsible for following a regular pattern to execute the activities. The lack of coordination and support also leads to human errors, irregularities, and inefficiencies during the implementation process.

Level 3: Defined

In the Defined level, you’ll likely see a qualitative approach for managing IT service processes:

  • You’ve documented and standardized processes.
  • Corporate knowledge and external requirements shape and enforce ITSM policies.
  • You adopt appropriate measures to ensure efficient process execution.
  • Regular training and adequate resources are available as individuals are compelled to follow a proactive approach to perform the ITSM activities.

At this stage, the capability outlook of the organization is characterized by higher quality and productivity and lower risks.

Level 4: Managed

A Managed maturity level means that you manage the functions and processes in line with a quantitative approach:

  • IT departments recognize appropriate activities and set specific targets to align IT with your company’s business strategy.
  • Monitoring of appropriate metrics ensures continuous improvement of the organization’s IT capability.
  • Automation tools are widely adopted.
  • Cross-functional collaboration and knowledge sharing is facilitated.

During this stage, processes are robust, and the risk of failure is low. Additional funding is commonly available to serve additional requirements or prevent failures.

Level 5: Optimized

The highest level of the maturity model is achieved when all process activities are subject to strong governance controls:

  • Automation tools and monitoring coordinate tasks and improvements across the service lifecycle.
  • A feedback loop ensures iterative and continuous improvements.
  • Consistent governance controls across the organization and all ITSM process activities are integrated with the business objectives.

Best practices for maturity modeling

By evaluating the maturity level, organizations can identify an appropriate starting point for their ITIL implementation strategies. The challenge is not necessarily about knowing which processes and functions lack the necessary resources, policies, and management oversight. Instead, it is often unclear how to implement ITIL best-practices in complex enterprise IT environments, where processes are tightly integrated. Any proposed improvements will require careful strategic planning and prioritization across all processes. Contextual information is necessary to evaluate the resulting impact.

As part of an IT governance strategy, the following ITIL guiding principles should be adopted to improve ITSM maturity capability:

  • Focus on value. Measure the impact of process improvement initiatives. Focus on activities that yield gradual but continuous improvement in ITSM maturity
  • Start where you are. Your workforce and resource capacity may be inadequate to perform significant jumps. Take advantage of past improvements by re-using existing services from the current state.
  • Progress iteratively with feedback. Apply iterative improvements to the processes and evaluate the impact. Evaluate the service lifecycle to identify potential improvements, risks and opportunities.
  • Collaborate and promote visibility. Identify all stakeholders relevant to the processes and functions that need improvements. Understand their contributions and make decisions using appropriate metrics.
  • Think and work holistically. Consider the integrations and dependencies between processes. End-to-end visibility may be critical to make the right decisions from the perspective of a complete service lifecycle. Leverage automation tools to reduce the requirements on manual efforts and the error risk.
  • Keep it simple and practical. Focus on frequent and measurable outcomes that will lift your ITSM maturity level. Improvements in ITSM capabilities should translate into tangible business value and customer satisfaction.
  • Optimize and automate. This is an ongoing process, since the current state of ITSM maturity capability may in inadequate for the changing business needs in the future.

With any approach, there are some limitations. Any ITSM maturity model is a tool, and it may not always evaluate all attributes that define the true ITSM capability. The cost and complexity involved in conducting a holistic and insightful self-assessment may also outweigh your company’s resources. Capability maturity alone may not provide complete information if it is not adequately benchmarked against similar organizational and ITSM environments.

Many organizations may be inclined to using multiple frameworks for different IT service areas—therefore, multiple maturity models may be required to understand a true and holistic ITSM maturity capability of the organization.

Related reading

ITIL 4 Best Practice e-books

These all-new ITIL e-books highlight important elements of ITIL 4 best practices so that you can quickly understand key changes and actionable concepts. Download now for free!

These postings are my own and do not necessarily represent BMC's position, strategies, or opinion.

See an error or have a suggestion? Please let us know by emailing

BMC Brings the A-Game

BMC works with 86% of the Forbes Global 50 and customers and partners around the world to create their future. With our history of innovation, industry-leading automation, operations, and service management solutions, combined with unmatched flexibility, we help organizations free up time and space to become an Autonomous Digital Enterprise that conquers the opportunities ahead.
Learn more about BMC ›

About the author

Muhammad Raza

Muhammad Raza is a Stockholm-based technology consultant working with leading startups and Fortune 500 firms on thought leadership branding projects across DevOps, Cloud, Security and IoT.