CobiT, ITIL v3, ISO 27002: Benefits and risks
By the beginning of the 1990’s an increasing number of IT departments started using process oriented models like ITIL, ISO/IEC 9000 and CMM(i). Later on substituted by CobiT, ISO/IEC 27002, ASL, BiSL, ISO/IEC 20000 and many more. That these models helped professionalize IT and transform themselves from a technology playground to a more business and service oriented procession is without a doubt. A survey among 503 companies on the benefits of ITIL shows that with the increased maturity of the IT function, also the realized benefits increased, while the perception of implementation challenges decreases ( 2010 [FZ1] ). From a strategic standpoint is the added value however limited as ITIL implementations can be easily imitated by competitors, leveling the playing field again. Furthermore is there a considerable risk implementations will end up in a swamp due to over-engineered procedures, templates, PPI and KPI reports and lack of fundamental understanding of the concept behind ITIL. A r