Beyond20: A ServiceNow Elite Partner focused on Changing Work Life Overview of the ITIL 4 Maturity Model and Assessment - Beyond20

An Overview of the ITIL 4 Maturity Model and Assessment (and why they're important)

Written by David Crouch

The ITIL 4 framework has introduced several new concepts, tools, and techniques that broadened the perspective on how we deliver innovative products and services to our customers, beyond solely looking at process improvement and, instead, focuses our teams on how the entire organization’s system can better work together to deliver value.  One of the things the ITIL 4 framework did not include, however, was a standardized, objective, and integrated way to assess where we are as an organization and determine whether we are making tangible progress on our service management efforts – until now! Enter the official ITIL 4 Maturity Model and Assessment.

Beyond20 is the first and only Elite Axelos Consulting Partner in the United States. To brag, we also have more certified ITIL 4 Maturity Model assessors than anyone else in the US.

This article gives an overview of the new ITIL Maturity Model, the first of its kind from Axelos, the creators of ITIL 4.  We will also include examples from our own consulting work and experience as an AXELOS Consulting Partner (ACP).  We examine the components of the model, the different types of assessments available, and how assessments are scored.  We will also provide details on related maturity models like the Capability Maturity Model Integration (CMMI), Gartner Maturity Model, International Standards Organization 20000 (ISO 20000), and the Digital Positioning Model, comparing them, and discussing when to consider each one.  Ultimately, we discuss what differentiates the ITIL Maturity Model and how it can help IT leaders improve how their teams work.

What is the ITIL 4 Maturity Model?

The ITIL Maturity Model, released in September, is an IT service management (ITSM) assessment instrument that can be used by teams at any point in their ITSM journey.  For example, we have several clients that have implemented ITIL v3 processes over the years and are using the ITIL Maturity Model to gain visibility into how their teams are working, identify both short- and long-term improvements, and more easily transition to an ITIL 4 mindset.

So, how is the ITIL Maturity Model different from other maturity models?  Over the last 15 years, our team has designed and delivered a wide range of assessments and maturity models for clients, ones that are more skills-based or leadership focused, ones that are more process-based, and others that look at how the wider organization is functioning.  We’ve developed our assessment methods over the years from helping our clients address their specific organizational challenges and goals.  With that said, the difference between the assessments we’ve traditional performed for clients and the new ITIL 4 Maturity Model is that, in addition to being able to leverage the collective expertise of a team of experienced consultants, the ITIL Maturity Model defines specific, objective, and standardized criteria by which to assess a team’s processes and practices as well as the larger ecosystem, making the entire assessment much less subjective in nature.

The ITIL Maturity Model does not evaluate an organization’s adoption of or adherence to ITIL guidance . . . it assesses an organization’s service management capabilities regardless of the ITSM guidance or best practices referenced.

Another key reason to use the ITIL Maturity Model is to support a team’s continual improvement efforts by identifying areas where the organization is weak and where improvements can yield the greatest benefit.  Additionally, leaders can leverage the model to track progress of existing improvement initiatives, benchmark their results against similar organizations, and receive a formal certification from Axelos on the organization’s maturity level.  For several of our clients, having an Axelos ITIL Maturity Model certificate is way to establish and/or deepen trust with their customers.

Although the ITIL Maturity Model is based on ITIL 4 concepts, it is important to note that the assessment does not specifically evaluate an organization’s adoption of or adherence to ITIL guidance.  As a collection of best practices, the ITIL framework does not provide a “playbook” or a strict set of standards.  What it does provide, however, is a way to look at our organization’s overall service management capabilities, understand how effectively we’re delivering great products and services to our customers, and come away with several actionable improvement ideas.

The ITIL Maturity Model Goes Beyond Individual Processes

The ITIL Maturity Model assesses much more than siloed processes or individual practices.  It aims to assess an organization’s entire service management ecosystem.  This comprehensive approach stands as one of the main differentiators between the ITIL model and other approaches.

Looking at All 4 Dimensions of Service Management

To provide this larger view, the ITIL maturity model uses the Four Dimensions of service management to look at how our organization is functioning as well as the interactions between our people, teams, toolsets, flow of information, and third parties (as shown in the figure here).

Four Dimensions of Service Management

ITIL 4 Four Dimensions of Service Management

Prior to the release of ITIL 4, most organizations documented common ITIL processes like Incident Management, Change Management (now called Change Enablement), and Request Fulfillment.  They made sure employees were following the documented processes and often automated them in an ITSM platform.  However, what we’ve seen over the years is that this approach to service management is too narrow to bring about transformative change across an organization and in the eyes of our customers.

Why Only Looking at Individual Processes is Too Narrow a Focus

While having documented and repeatable processes is beneficial, organizations with a shaky service management foundation are bound to hit a plateau and stagnate, or in the worst cases, degrade over time.  For example, if we don’t have well defined and understood guiding principles, the right mindset, or shared values in place, we tend to lack direction and have trouble ensuring the right behaviors day-to-day.  Even if our core processes are standardized, they may not be aligned with the right objectives or contribute to meaningful progress across the organization.  Similarly, if we have repeatable but siloed processes, we often suffer from excessive hand-offs, delays, and lack of knowledge being shared between processes.  For these reasons, taking the broader view that the ITIL Maturity Model provides is so important.

The Importance of Looking at the Entire Service Value System

Service Value System with Descriptions

ITIL 4 Service Value System

Even in cases where an organization is not specifically using ITIL guidance, the components of SVS are evaluated.  There is an implicit assumption that an effective and efficient organization must develop some level of each of these components to be successful.

The ITIL Maturity Model aims to assess an organization’s entire service management ecosystem . . . this stands as one of the main differentiators between the ITIL model and other approaches.

An Example of How a Myopic Focus on Process Falls Short

To put this comprehensive approach into context, consider one of my first consulting engagements with a major IT managed service provider (MSP).  The MSP hired us to assess several ITIL practices and associated processes, including how well their teams were handling incidents, requests, and changes.  Our analysis revealed that these practices were reasonably good – largely documented, repeatable, and staffed with skilled professionals.  Moreover, the organization had good governance in place and routinely improved their products and services.  Then why was the organization stagnating in terms of attracting new customers and, in fact, beginning to lose several strategic clients?

As it turns out, the MSP lacked guiding principles, and although employees at all levels believed they understood the values and direction of the organization, values were often in conflict with each other.  The weakest link in the organization related to its lack of effective value streams, particularly new customer onboarding and ideation-to-product development.  Although individual processes were solid, process interfaces were tenuous and hand-offs between teams were more common than cross-functional collaboration.  In short, it took a lot more than a simple process review or a more involved, CMMI-style assessment to uncover the root causes of the organizations challenges.

Types of ITIL Maturity Model Assessments

There are three types of ITIL Maturity Model assessments, which we will explore in more detail below:

  • Capability, which looks at one or more specific practices.
  • Maturity, which looks at some or all the components of the SVS and a few, select practices.
  • Comprehensive, which looks at all the components of the SVS and at least seven practices.

Although a comprehensive ITIL maturity assessment provides the most holistic view of the organization, the ITIL Maturity Model is flexible and recognizes that organizations and teams have different needs. To accommodate this, three types of assessments are available, depending on the scope and level of effort with which a team is comfortable.

Capability Assessment

At the most basic level, a Capability Assessment can be performed to evaluate one or more selected practices.  For example, if a team is experiencing an unusually high number of incidents related to failed changes, it may be interested in this type of assessment to dig deeper into the Change Enablement Practice.  In some cases, this type of focused assessment is spot on and directly addresses the issue. However, a review of the Change Enablement Practice could also reveal weaknesses with adjacent practices such as Service Configuration Management, IT Asset Management, Release Management, Deployment Management, Disaster Recovery, and even Incident Management.  So, when we think about the complexity of an organization and value streams that cross conventional process silos, an assessment of several practices can be much more helpful to get a more complete view of the situation.

A value stream is a series of steps an organization undertakes to create and deliver products and services to consumers.  Value streams often cross practice and process silos.

Maturity Assessment

A high-level Maturity Assessment offers a broader level of assessment.   In this case, a team can choose to assess its larger ecosystem at a high level with or without evaluating any specific practices.  For many teams, this is a good option since it provides the opportunity to gain an understanding of areas like Guiding Principles (our shared values), Governance (the guardrails in place), and the Service Value Chain (the key steps involved in getting work done), which are not reviewed in a conventional assessment; but also accommodates deeper analysis of one or more relevant practices.

Comprehensive Assessment

The most comprehensive version of the assessment is called – wait for it – the Comprehensive Assessment.  Not only are the Service Value System components analyzed, but teams also assess seven or more practices in-depth.  The Comprehensive Assessment – or as I like to call it, “the works,” – is geared towards organizations that have the wear-with-all to commit the time, energy, and focus to a comprehensive improvement regime.  What is superb about “the works” is that analyzing seven relevant and complementary practices allows an organization to develop what I call a “zone of confluence” – practices that help the organization to improve the overall customer experience and find operational efficiencies without sacrificing one for the other.

The table below compares the key characteristics of the three types of assessment:

Comparison of three assessment types

Assessment Type Comparison

General ITIL Maturity Model Approach and Evidence

After agreeing on the scope of the assessment, the assessor and client leaders determine a general approach.  An assessor has latitude in determining which techniques to use and which pieces of evidence best support an informed opinion.  Typically, a certified assessor uses some combination of document review, key stakeholder interviews, and systems and records review.  Other techniques, such as surveys and direct observation (for example, of the Service Desk team) are additional alternatives.

Evidence gathering is often iterative.  For example, an assessor may perform a document review, which includes incident reports, change records and policy documents.  Then, the assessor interviews key stakeholders only to learn about additional reports and documentation that would be useful in performing the assessment.  The assessor would then locate these documents and continue the review.  The table below provides additional detail about key types of evidence:

Assessment Evidence

Assessment Evidence

ITIL Maturity Model Scoring: Maturity and Capability

How, then, does the evidence contribute to a score?  There are two types of scoring, depending on the type of assessment performed.  A Maturity assessment evaluates the entire service value system on a scale from 1 to 5.  A Capability assessment only focuses on specific practices and also uses a scale from 1 to 5; and a Comprehensive assessment looks at both. Let’s take a closer look at how the assessments are scored.

Maturity Assessment Scoring

In a Maturity assessment, each component of the SVS is individually reviewed and assessed using the 4 Dimensions concept (People and Organization, Value Streams and Processes, Information and Technology, Partners and Suppliers) on a five-point scale.  Each component has specific criteria that define each maturity level.  This is important because the evaluation of specific criteria provides a more objective assessment than relying solely on the subjective and relative judgement of the assessor.

The five maturity levels are very similar to the CMMI Maturity levels (indeed, they are virtually identically named):

SVS Maturity Levels

Service Value System Maturity Levels from the ITIL Maturity Model Assessment Guide

In addition to rating overall SVS maturity, individual Practice capability can be assessed.  For each practice, practice success factors (PSFs) are identified along with capability criterion.  Additionally, each practice is evaluated along the Four Dimensions.  For example, consider a few lines from the Service Request Management Practice:

PSF and Capability Criterion Example

Service Request Management PSF and Capability Criterion Example from the ITIL Maturity Model Overview

As with the Maturity Assessment, a major benefit of the Capability assessment is that specific PSFs and detailed capability criteria are provided as part of the assessment process.  This approach provides an objective, evidence-based assessment rather than relying on the opinions of an assessor or inconsistent, changing criteria.  What’s more, concrete criteria help to uncover specific practice weaknesses, and thus, provide for more targeted and effective solutions.

Capability Assessment Scoring

The overall Capability levels that look at specific ITIL practices are detailed in the table below:

Practice Capability Levels from the ITIL Maturity Model Assessment Guide

Practice Capability Levels from the ITIL Maturity Model Assessment Guide

Depending on the type of report produced, it will often contain scores for each area assessed along with spider-diagrams and recommendations on actionable, short and mid-term improvements.  The figure below shows an example of the type of information that’s included in an assessment report.

ITIL Maturity Model Spider Diagram and Scoring Example

ITIL Maturity Model Spider Diagram and Scoring Example

Common Questions around ITIL Maturity Model Assessments

Who can Perform an ITIL Maturity Model Assessment?

An official ITIL Maturity, Capability, or Comprehensive Assessment can only be performed by a licensed Axelos Consulting Partner (ACP) and accredited assessor; and the vetting process required to perform these assessments provides confidence in the quality of both the assessor and their firm and ensures you’ll receive an assessment that’s objective and, most importantly, useful in improving your organization and its service management capabilities.  Assessors are required to show evidence of ITSM and consulting experience, pass a rigorous examination, and undergo a credentialing process.  Furthermore, only an ACP can certify maturity and capability scores.  ACPs must meet a set of stringent standards established by Axelos, including maintaining an assessment portfolio, retaining archival evidence of past assessments, providing annual assessment summary statistics, and having certified lead assessors who have passed an exam and demonstrate significant experiential requirements.

Currently there are over 100 ACPs globally, but only a handful are qualified to perform ITIL Maturity Assessments.  In fact, in North America, only two companies have qualified ITIL Maturity Assessors on staff (Beyond20 is one of them).

Do we Receive an Official ITIL Maturity Model Certificate?

If you’ve had a maturity assessment or practice capability assessment performed by an ACP and led by an accredited ITIL consultant, your organization can receive an official certification from Axelos.  Not only does it show evidence of maturity, it speaks to an organization’s commitment to quality and continual improvement and serves as a differentiator in the marketplace.  Assessments can be delivered with or without a certificate. It really depends on the needs of your team.

How Often Should We Get an ITIL Maturity Model Assessment Done?

Assessments can be done at any time and at any frequency.  We tend to see our clients perform reassessments annually, so they can see the level of progress that has been made and what has changed year over year.  An official certificate can be issued with each reassessment.

Are Benchmarking Reports for the ITIL Maturity Model Available?

Axelos and accredited ACPs worldwide are currently collecting this data for a variety of public and private sector organizations; and Axelos will make specific benchmarking reports available in the future.

How Does the ITIL Maturity Model Compare with Other Maturity Models?

The ITIL Maturity Model is not the first maturity model on the market, though it is the most comprehensive when it comes to ITSM.  Further, it is the first maturity model based on the ITIL 4 framework.  Outside of the Axelos model, the most well-known maturity models include CMMI and Gartner’s Maturity Model.  We will take a look at how the ITIL Maturity Model compares against each one.

One size does not fit all when it comes to maturity models.

CMMI was developed with collaborators from private industry, the Software Engineering Institute (SEI), and government at Carnegie Melon University.  Part of the goal of developing CMMI was to improve the usefulness of maturity frameworks by folding many maturity frameworks into one broadly applicable model.  Although the elegant model to end all models is appealing in theory, one size does not fit all when it comes to maturity models.  In fact, one author bluntly wonders, Is CMMI Dead Yet?  If Not, Can IT Be?  Although the ITIL Maturity Model borrows its levels from CMMI, the ITIL Model directly focuses on the Service Value System, essentially the business model of an organization, which makes it more relevant to Service Management.  The ITIL Model also provides concrete practice success factors and criteria, which is not included as part of CMMI.

Maturity Model Comparison

Maturity Model Comparison

The Gartner Model focuses on assessing the maturity of a variety of IT “functions” such as leadership, finance, and innovation, to name a few.  It also uses a maturity scale similar to CMMI.  Although the Gartner model addresses many of the key elements of IT, it does not specifically provide for assessment of practice maturity in the way that the ITIL model does.

In short, although the CMMI and Gartner Models as well as a number of other standards, such as ISO 20000, are reasonable and serve a purpose, the ITIL Maturity model is better suited to assess an organization’s Service Management efforts.

The beauty of the ITIL Maturity Model is that it sees both “the forest and the trees” as it has the capability and flexibility to look at both the organization as a whole and also delve into the specifics of critical practices.  The ITIL Maturity Model can help us understand and begin to solve our most pressing service management and business challenges, so we can focus on higher value work and deliver better services to our customers and users.

Interested in having your organization assessed?

Learn more about how we can help your team meet its organizational goals with an ITIL Maturity Assessment.
View our ITIL Maturity Assessment Offerings

Originally published November 11 2021, updated June 06 2023