WHAT GOOD ITSM LOOKS LIKE

Guide  ·  Operating Model Signals and Control Points

ITSM GUIDE

Customer

People know where to go, what to expect, and how quickly they will hear back.

Stability

Fewer repeat failures, faster restoration, and recovery plans that are actually practiced.

Flow

Work is triaged, aged, and completed with minimal queue waste and fewer handoffs.

Control

Risk is visible, standard change is frictionless, and exceptions are explicit.

Insight

Leaders can see service health, dependency risk, backlog stress, and ownership gaps.

Learning

Problems get removed, knowledge gets reused, and measures change behaviour.

Service Portfolio & Governance
  • Named ownership: every live service has a service owner, support model, business criticality, and a clear decision path.
  • Useful catalogue: services and requests are written in customer language with eligibility, lead time, and support boundaries visible.
  • Minimum viable control: policy sets guardrails for security, continuity, data, and supplier risk without forcing every request through the same gate.
  • Lifecycle discipline: new services, major changes, and retirements all have entry criteria, readiness checks, and accountable sign-off.
Demand, Request & Access
  • One front door: portal, chat, phone, and email converge into the same triage logic and service language.
  • Automation where it helps: standard fulfilment, approvals, and joiner-mover-leaver flows are automated before more headcount is added.
  • Requests do not masquerade as incidents: urgency, demand, and failure are separated so teams can manage flow properly.
  • Knowledge-first resolution: self-service and analyst guidance are maintained because they reduce avoidable contacts.
Service Desk & Collaboration
  • Strong triage: analysts capture impact, symptoms, recent change, and affected service instead of writing vague tickets.
  • Swarm early: teams pull expertise to the issue instead of bouncing work through resolver queues.
  • Case ownership holds: one person keeps the customer narrative intact until resolution or handback is complete.
  • Shift-left is selective: work only moves closer to the front line when tools, authority, and knowledge move with it.
Incident & Major Incident
  • Impact-based severity: priority reflects business consequence, not ticket volume or who is shouting.
  • Separate command from execution: one lead runs the bridge, another owns comms, and specialists focus on diagnosis and restore.
  • Restore first, explain clearly: technical detail supports decisions, while stakeholders receive concise updates with time, impact, and next step.
  • Major incident is rehearsed: on-call roles, comms templates, and supplier escalation paths are tested before the real event.

Healthy Signal

Updates are timely, ownership is visible, and workstreams are coordinated without duplicate effort.

Weak Signal

Priority changes repeatedly, the bridge turns into troubleshooting theatre, and nobody owns the customer message.

Problem, Knowledge & Learning
  • Problems are selected economically: repeat incidents, material risk, toil, and avoidable cost drive attention.
  • Known errors are usable: workarounds are easy to find during live support, not buried in PIR documents.
  • RCA is proportionate: focus on system conditions, control gaps, and recovery weakness rather than blame.
  • Learning closes the loop: corrective actions land in backlogs with owners, dates, and outcome measures.
Change Enablement & Release
  • Standard change is genuinely standard: pre-authorised, low-risk work should move at speed with evidence, not meetings.
  • Risk-based assessment: higher-risk change considers blast radius, reversibility, timing, dependency exposure, and implementation maturity.
  • Release and change align: deployment tooling, testing evidence, freeze rules, and communication plans tell one coherent story.
  • Change success is honest: failed, backed-out, and degraded changes are counted because hidden pain erodes trust.
Configuration, Asset & Supplier Control
  • Decision-grade CMDB: track the services, assets, integrations, and dependencies needed to assess impact and risk, not an imaginary perfect universe.
  • Asset hygiene: ownership, lifecycle state, supportability, warranty, and risk posture are visible for material assets.
  • Supplier clarity: underpinning contracts, support windows, OLAs, and escalation points are known before they are needed.
  • Continuity is practical: recovery targets, failover assumptions, and critical third-party dependencies are validated periodically.
Measures That Matter
Experience Contact ease, response clarity, expectation met, and complaint themes, not just CSAT averages.
Stability Availability, degraded time, repeat incidents, and time to restore by service, not one blended figure.
Flow Backlog age, first-time resolution, reopen rate, handoffs, and request lead time.
Risk Emergency change rate, change success, unpatched exposure, supplier concentration, and continuity gaps.
Learning Problems closed, knowledge reuse, automation adoption, and benefits realised from improvement work.
Operating Cadence & Leadership
  • Daily: service health, ageing work, escalations, and blockers.
  • Weekly: risk, change horizon, supplier issues, and improvement progress.
  • Monthly: service review, trend analysis, and investment decisions.
  • Leaders ask: what is repeating, ageing, risky, or unclear?
  • Leaders avoid: rewarding ticket closure while ignoring quality, rework, or customer effort.
  • Teams feel: safe to escalate early, challenge weak data, and retire failing process.
What Good ITSM Looks Like · v1.0 guides.matstrange.net