Stephen Mann – ITSM Tool Verification: A Good Or Bad Thing?

ITSM Tool Certifications - Good or Bad Thing? What is your view?

This article has been contributed by Stephen Mann, Senior Analyst at Forrester Research.

I recently stumbled upon the fact that Pink Elephant had introduced a new PinkVERIFY “version,” PinkVERIFY 2011, I assume to move into line with ITIL 2011.

It reminded me that I still owed the IT Service Management (ITSM) Community a blog on such ITSM tool verification or certification schemes based on my own thinking and some quick-and-dirty analysis I did at the start of 2012.

I ran two polls – one I pushed out to 20 ITSM tool vendors and the other I made available to ITSM tool customers via a Forrester blog (“How Do You Value IT Service Management Tool Verification Or Certification Schemes?”).

A Summary of Vendor Responses: 

Firstly, please be advised that this was an unscientific, quick-and-dirty ITSM tool vendor survey and the results should be treated as such. I am just trying to “paint a picture” rather than be precise with a certain degree of accuracy. Of the 13 ITSM tool vendor respondents (2 could not help, 5 didn’t reply):

  1. 10/13 either have, or are planning to get, the latest PinkVERIFY endorsement (this was 3.1 back then). The other 3 all have a previous version of PinkVERIFY and consider it adequate (for now).
  2. Most have seen an increase in RFPs asking for PinkVERIFY (or similar) endorsement, particularly in Europe and North America – the larger the prospect, the more chance there is that they will ask for PinkVERIFY or similar.
  3. In terms of not having PinkVERIFY (or an alternative) being a barrier to shortlist, the consensus was that not having it definitely doesn’t help (Of all the questions answered this was the most vague).
  4. 7/13 of the respondents felt the version of PinkVERIFY certification held to be irrelevant – that RFPs just ask if the product is endorsed and then move on.
  5. All vendors still see PinkVERIFY as the de facto certification/endorsement scheme; with the OGC scheme having greatest traction in the UK and consequently appearing most in UK RFPs.

Customer poll feedback

It was a low response rate (77 responses versus 2000+ blog reads after a month):

As you can see, only 8% would not consider an ITSM tool that does not have an independent verification. In my opinion I think this is great – I expected it to be much higher. Although, from the vendor feedback, most prospective customers still ask for independent verification of some sort in RFP/RFIs. Hopefully customers are not using the lack of it as a barrier to entry.

At the other extreme, 35% place little value in a tool having the “stamp of approval.” Perhaps this is biased by the type of people that generally read my blog? I imagine that if this poll had been publicized via more traditional means this would have been considerably lower.

However, the main headline for me is that ¾ of respondents (thankfully) perceive ITSM tool verification to be a “lesser element” of the overall tool selection process; with just ¼ seeing it as a key part or its absence a deal breaker.

And thus my conclusions …

Whether it is for the right or the wrong reasons, ITSM vendors think that some form of product verification is needed to put a proverbial “tick-in-the-box” to the RFP question around certification. I can’t help think that certification is seen as a “necessary evil” by some and as a good marketing investment by others. The verification itself is not evil – one would like to think that it is purely intended to help organizations with ITSM tool selection – but does it really help? Does certification help find the perfect tool for a not-so-perfect organization? I personally think not, at least not in its current guise (or the popular perception of its current guise).

Such certifications are merely an MOT test (Wikipedia: an annual test of automobile safety, roadworthiness aspects and exhaust emissions required for most vehicles over three years old used on public roads in the United Kingdom) for ITSM tools rather than a robust mechanism for ITSM tool selection. And if the vendor feedback is indicative it is merely the waving of a piece of mandatory paper rather than showing that a tool is “fit-for-purpose” as of right now.

To me the “popularity” of such schemes (and the way that they are currently used) raises a number of thoughts/questions:

  • I have to question what is driving the demand for verification in RFPs: is it ill-informed purchasing functions or ill-informed ITSMers? This definitely needs further analysis. The customer poll response says otherwise (again please note the perceived bias assumed on my part) but maybe it is a little too much of “no one was ever sacked for buying Microsoft/IBM/etc.”
  • Does anyone ever fail verification/certification? I hope that some do at least to give some semblance of reliability and credibility to such schemes. In the case of PinkVERIFY shouldn’t failed certifications also be listed on the Pink Elephant website? At least the OGC shows a few failures have happened BUT without naming names
  • Maybe the real value is in focusing on the differentiators? Is the number of processes verified an indicator of the tool’s capabilities or of the vendor’s marketing budget? Should it focus more on the uncommon processes? Or newer processes? At least some form of process differentiation (at a glance) would allow prospective buyers to step back from the fact that it is 10 verified processes to see which they really need to be supported. Customers should also be educated in the fact that more verified processes doesn’t mean it is a better tool (as the listing by process numbers suggests).
  • Ultimately, the ITSM community needs better educating in the value and use of, and the differences between, certification schemes such as PinkVERIFY and OGC endorsement. BUT, before this, there is still that bigger education need – that of understanding that the current method of creating RFPs and selecting vendors based on a cut-and-paste, ask-for-everything-possible-mentality is so, so flawed. I eventually hope to address this is in a formal piece of work, Forrester willing.

So that’s my 2 cents on ITSM tool verification. How about depositing yours with the Bank of ITSM Review?

This article has been contributed by Stephen Mann, Senior Analyst at Forrester Research.

12 thoughts on “Stephen Mann – ITSM Tool Verification: A Good Or Bad Thing?”

  1. A few years ago a customer of mine demoed their new tool and I asked about some simple, basic action. I think it was how standard changes were entered. The answer was that there was no option for it. When I said that there should be, I was told firmly, this is Pink Verified, so I shut up. I suppose that is the point 😉

  2. It is so funny this came out. I was just telling a colleague I was seriously considering creating a site that could evaluate tools based on usability. Unfortunately for those of us actually having to use the tools its: Does your tools support Change Management? “Yes”.
    Then you actually try to implement a RFC submission based on risk, impact, CI correlation, and the real stuff and it is all re-creating the wheel… nothing is out of the box.
    “Yes” it has the functionality…. but is it agile, easy to use, well thought out, friendly in design in user experience? a big fat “NO”. In fact it was a basterdized bolt-on to meet the verification criteria and not the consumers need for functionality.
    You have motivated me to get on this. Stay tuned for a User Experience based assessment eval…

    1. How do you measure user experience? is it not in the eye of the beholder? I like the idea though. Tripadvisor meets Enterprise Software.

    2. Matt, I think you are ripping into FootPrints Service Core for not having detailed configurations out of the box. I consider it a strength that the product is easy enough to develop your own.

      1. Gregory, when declaring support for a product it would be nice if you declared your allegiance. i.e. It is in your commercial interest to support BMC.

  3. Peter Brooks report on the OGC Software Scheme sums up what these checklists really are and are not.
    What the Scheme is not
    The OGC, APMG & SMCG all recognise that this scheme is not an ITIL certification scheme, and it is not intended to be. You can’t be ‘ITIL compliant’.
    ITIL is a framework, a set of ‘Best Practice’ guidelines. It is not a standard. Consequently no company, tool, project or person could be ‘certified ITIL compliant’.
    However, an individual process can be evaluated to establish if it has those characteristics listed in the ITIL core books as ‘must have’ requirements for the process.
    The Scheme does not rank tools. As an added value, a Licensed Software Assessor in the scheme could offer some type of ranking scheme – but it is not part of the ITIL Software Scheme. See later in this article for other possible add on services.
    The scheme does not offer a guarantee that using a certified piece of software will result in a working ITIL process. What is says is that the software ‘out of the box’ is certified to support the process., However, any toolset could be customized in such a way that it suits customer needs better but no longer complies with the ‘must have’ requirements described in the ITIL core books.

  4. In my experience as an Implementation Consultant for one of the major tool providers, I found customers “demanded” a number of product features they never actually intended to use in practice (such as integrated chat). It seems the ITSM tool market is sufficiently diverse and competitive that customers can get away with demanding features and verifications that are superfluous. However, I believe that reviewing so many functions across so many tools is so tedious for prospective buyers that some level of verification by an external party is a huge time-saver. There is value somewhere in reducing buyer evaluation costs.

  5. Nice article Stephen!

    And good comments from Gregory, Matt & Aale.

    I particularly relate to Brian Hollandsworth’s remarks about “compliance” etc. He’s really summed up a handful of key points about what tool certifications are trying to do.

    Unfortunately, there are way too many folks in ITSM (probably business generally) who expect everything to be handed to them on a plate. In this area of tool certifications they’ll say “But it doesn’t actually tell me which is the best product!” Really?! Come on (those) folks, life is not that simple. Trying to identify the “best” of anything is usually a futile exercise. Use what references resources you have available to narrow your focus – sure, but then finish the job off by considering the constraints or other special requirements you must keep in mind from your own circumstances.

    If it helps anyone to understand a bit more about PinkVERIFY I have written an entry on my own blog answering some Frequently Asked Questions. You can find it here:

    David Ratcliffe
    President, Pink Elephant

  6. I think having some sort of industry standard benchmark is valuable. This won’t tell you that “tool A” is better than “tool b” for your particular organization and needs but it can tell you that “tool A” at least went through the process of verifying it meets the industry standards for X (change, problem, catalog, what have you) while “tool B” did not.

    That alone cannot tell you though what tool is best for you. That is like saying I know what car is best for me based on 1 criteria…safety ratings. So I pick the car with the highest possible safety ratings. Meanwhile it cost a fortune and I am actually a really safe driver and I don’t commute very far. There was another car, much more economical that had lower safety ratings but still, very good. Maybe that would have been the “better” choice – but who knows…it is all about what you are trying to achieve, what your risk appetite is, and what your budget is.

    I have recommended NOT buying a tool because, while it had a ton of functionality/features it was also more expensive. I recommended to go with a tool that was less rich in functionality/feature but did meet all stated requirements and was cheaper. Why should I pay for options that I won’t use? Why add complexity that isn’t needed? Why add functions that my org is not ready to use in the next 3 to 5 years? This is a trap that a lot of “techies” fall for.

    As far as buying HP/IBM/Microsoft vs a smaller player – well, that is risk appetite isn’t it? We have a pretty good idea that HP will be around – I’m not as certain about smaller players. If the ITSM tool is important to me, why should I bet on a company that may disappear? What happens to my support? What about future development? Do they have enough developers? The upside though is you may be the bigger fish and so you can have more say on what is developed, when.

    Anyway, I imagine a lot of this will only become important to Service Providers – why should I worry about this stuff? I should just hire a company to provide me X service – let them figure out how to provision and maintain and use whatever tools they want to do so. My Service Desk is also outsourced – and again, I shouldn’t be concerned about what tool they pick/use. Not my problem. Just like I don’t care about what radio’s Police use – as long as they use them to show up when I need them.

Comments are closed.