The Definitive Guide to ITSM Frameworks

Sophie Danby April 14, 2023
- 18 min read

If your organization is looking for guidance on IT Service Management (ITSM), there are many possible sources of help. Though some approaches are more popular than others, several ITSM frameworks can be useful to organizations.

These procedures can be used alone or blended, so your organization can take what it needs from one or all of these ITSM best practice guidance bodies.

In this article, we’ll cover the six most popular Service Management methodologies, along with their goals, distinctive elements, and benefits. 

Let’s begin!

What is an ITSM framework?

An ITSM framework is a structured approach to implementing ITSM practices that provides guidance on managing IT services effectively and efficiently. 

Even though there are several well-known methodologies, at the end of the day, they all seek to help organizations to standardize their IT Service Management practices, improve the quality of their services, and align their IT services with the needs of their business and customers.

As you surely know, ITIL is, without a doubt, the most adopted guideline. However, it’s not the only one out there – nor is it exclusively used. As we mentioned above, you can either opt for just one guidance methodology or mix them up a bit and take whatever works best for your organization, according to the ITSM, governance, and even your regulatory needs.

The six ITSM frameworks we’ll cover below are:

  • ITIL - Described as “the most widely used guidance in the world on IT Service Management.”

  • COBIT – Described as “a framework for the governance and management of enterprise information and technology, aimed at the whole organization.” 

  • FitSM – Considered a free standard for “lightweight” ITSM.

  • ISO/IEC 20000 – Described as an international standard that shares the requirements organizations need to “establish, implement, maintain, and continually improve a Service Management system.”

  • IT4IT – Described as a “tool for aligning and managing a Digital Enterprise.” 

  • VeriSM – Described as “a Service Management approach for the digital age that helps service providers to create a flexible operating model to meet desired business outcomes.”

Benefits of ITSM framework adoption

An ITSM methodology can benefit your organization regardless of the chosen framework. Some of the benefits include:

  • Improved service quality - A structured approach to managing IT services ensures that they are aligned with business needs and customer requirements and delivered consistently and reliably.

  • Increased efficiency - ITSM frameworks also help organizations to streamline processes and reduce costs, thus increasing efficiency and productivity (and leading to better business outcomes).

  • Better Risk Management - These bodies of ITSM guidance usually include processes for managing risks and minimizing the impact of incidents and disruptions on IT services, helping to manage risks and maintain service continuity in the face of unexpected events.

  • Improved communication and collaboration - They also promote communication and cooperation between different teams and departments in delivering IT services, improving knowledge sharing and decision-making.

  • Compliance with standards and regulations - Abiding by a set of standards or guidelines helps you ensure that your company’s IT services are industry compliant, which can help them to avoid penalties and maintain a good reputation.

ITSM frameworks explained: the six main bodies of ITSM guidance

The six most relevant ITSM frameworks are: ITIL, COBIT, FitSM, ISO/IEC 20000, IT4IT, and VeriSM.


Formerly known as the Information Technology Infrastructure LibraryITIL is a widely adopted framework for ITSM. It provides a set of best practices for managing and delivering IT services effectively and efficiently. The framework is maintained by Axelos.

ITIL is based on a lifecycle approach, which consists of five stages:

  1. Service Strategy
  2. Service Design
  3. Service Transition
  4. Service Operation
  5. Continual Service Improvement

Read more: The Definitive Guide to ITIL


List of the six main benefits of implementing the ITIL framework.

ITIL adoption will have a positive impact on three main areas of your organization:

  • The use of ITSM thinking.
  • The use of specific ITIL best practices.
  • The use of ITIL-aligned ITSM tools.

It’s important to note that organizations can’t be certified since ITIL certifications are intended for individuals.

The key elements of ITIL

The components that make up the ITIL framework include:

  • ITIL service lifecycle - This is the core of ITIL, and it provides a lifecycle approach to IT Service Management.

  • ITIL processes - A set of processes for managing IT services, including Incident Management, Problem Management, Change Enablement, and Service Level Management.

  • ITIL functions - A set of functions for managing IT services. These functions include Service Desk, Technical Management, Application Management, and Operations Management.

  • ITIL roles - A set of roles for managing IT services, including Service Owner, Service Manager, IT Operations Manager, and many others.

  • ITIL Service Management practices - A set of best practices for managing IT services, including IT Governance, Service Portfolio Management, Financial Management for IT Services, and many others.

  • ITIL service providers - Internal Service Providers, Shared Service Providers, and External Service Providers.

  • ITIL Service Assets and Configuration Management - The process of managing the assets and configurations of IT services.


ISACA first created COBIT – previously an acronym for Control Objectives for Information and Related Technology – in 1996 to help with IT audits

Later, it expanded the COBIT framework for broader governance purposes, and it’s now used across multiple industries “for the governance and management of enterprise information and technology, aimed at the whole enterprise. COBIT defines the components and design factors to build and sustain a best-fit governance system.”

In late 2018, COBIT moved from COBIT 5 (updated in 2012) to COBIT 2019. 

Read more: COBIT Framework: A Different Take on Service Management

Why use COBIT?

The COBIT framework is designed to help organizations with a variety of needs, including:

  • Keeping IT running as needed.
  • Increasing business value and reducing business risk.
  • Effective cost management.
  • “Mastering complexity.”
  • Better aligning IT capabilities with business needs.
  • Meeting regulatory compliance needs.
  • Improving the maturity of other standards and best practices.
  • Benchmarking.

The key elements of COBIT

COBIT 2019 introduced new concepts that allow the framework to help organizations tailor a governance system that’s more aligned with business needs. It launched with four publications:

  1. COBIT 2019 Framework: Introduction and Methodology
  2. COBIT 2019 Framework: Governance and Management Objectives
  3. COBIT 2019 Design Guide: Designing an Information and Technology Governance Solution
  4. COBIT 2019 Implementation Guide: Implementing and Optimizing an Information and Technology Governance Solution.

The management objectives, in particular, will be helpful to organizations looking to adopt ITSM best practices. For example:

  • DSS02: Managed service requests and incidents – which is designed to help ensure that all service requests and IT incidents are resolved in an effective and timely manner 
  • BAI06: Managed IT changes – intended to help enable the fast and reliable delivery of changes to the business.

3. FitSM 

Unlike the other bodies of ITSM best practices listed here, FitSM was not created by an established “standards” organization. However, this “lightweight” ITSM best practice option provides training materials for free under a creative commons license. 

It was designed to help organizations deliver the ITSM their businesses need by keeping things “simple, clear, pragmatic, and lightweight.” FitSM is now managed by The IT Education Management Organization (ITEMO) but was initially developed by the FedSM Project and funded by the European Commission. 

The FitSM website shows the content as copyrighted in 2019.

Why use FitSM?

FitSM offers help to organizations without the budget for training courses related to ITSM best-practice guidance. The training materials are free to download and use, and the ITEMO is committed to maintaining this model. 

While FitSM will be attractive, cost-wise, to small organizations, its best practices are suitable for start-ups through to large enterprises. Importantly, the FitSM family of standards is not “a basic ITSM option.” The guidance is especially suited for any organization starting its ITSM best practice journey that doesn’t require the organizational-level certification of ISO/IEC 20000.

The key elements of FitSM

The FitSM standard and best practices are documented and shared across various parts – which can be downloaded from here:

  • FitSM-0 - An overview and vocabulary of the standard.
  • FitSM-1 - Auditable requirements for a Service Management system.
  • FitSM-2 - Objectives and activities.
  • FitSM-3 - Role model of the standard.
  • FitSM-4 - Templates and samples.
  • FitSM-5 - Published guides.
  • FitSM-6 - ITSM maturity assessment.

FitSM is similar to ISO/IEC 20000 Part 1 but far simpler and less detailed. In particular, it’s designed to “reduce the overhead of paperwork.” As with ITIL, it is not intended for organizations to prove conformance, but individuals can gain FitSM certification. 

The FitSM Foundation certificate is a one-day course and a 30-minute multiple-choice examination. There are two advanced certificates:

  1. The FitSM Advanced Service Operation and Control (SOC) is for those in roles related to the operation and control of IT services.
  2. The FitSM Advanced Service Planning and Delivery (SPD) is for those in roles related to planning and delivering IT services.

The FitSM Expert certification can be taken after successfully completing both advanced courses. 

4. ISO/IEC 20000

ISO/IEC 20000 (often called simply ISO 20000) is The International Organization for Standardization (ISO)’s standard for Service Management (not just ITSM). It’s important to appreciate that it’s a standard to be complied with rather than a framework or guidance. ISO/IEC 20000 also applies to both individuals and organizations.

The standard is based on BS 15000, the world’s first standard for Service Management. It was developed by the British Standards Institution (BSI) and retired in 2007. It’s intended to work alongside ITIL, but other bodies of ITSM guidance – such as COBIT 2019 – are also supported. ISO/IEC 20000 was created in 2005, updated in 2011, and updated to the current version in 2018. This version is known as ISO/IEC 20000: 2018.

The last ISO/IEC 20000 update recognized that the ITSM form of Service Management is extending beyond IT and being embraced by other parts of organizations. Also, organizations increasingly no longer use a single supplier but multiple suppliers.

Read more: What Does ISO 20000 Stand for?

Why ISO 20000?

The “why” of ISO 20000 can be viewed on two levels. First, the best practice allows organizations to improve their IT service delivery and support capabilities (and business operations and outcomes as a result). This benefit can also be extended to other business functions.

Second, the ISO/IEC 20000 certification helps businesses win new business. It might even be a mandated part of “doing business” in some industries or regions. As a minimum, the certification can be employed as a sales and marketing device to differentiate a supplier from others.

The key elements of ISO 20000

The ISO 20000 standard has two main parts. Part one, i.e., ISO/IEC 20000-1, provides organizations with the requirements for a Service Management system. Part two, i.e., ISO/IEC 20000-2, offers guidance on best practices for the application of Service Management systems (based on part one’s requirements)

In addition to organizations becoming ISO/IEC 20000 certified, individuals can too. This qualification journey starts with a multiple-choice foundation exam on the basics of the standard. The practitioner exam can then be sat once the ISO/IEC 20000 or ITIL foundation certificate has been achieved. The ISO/IEC 20000 Auditor exam is also available to individuals with three or more years of experience in an auditing environment.

5. IT4IT

The Open Group, “a global consortium that enables the achievement of business objectives through technology standards,” created the IT4IT standard. This is a prescriptive approach to ITSM practices, so it’s a standard, not a framework. It was released in 2015 to help organizations define, source, consume, and manage IT services. As with most ITSM best practice guidance, IT4IT is complementary to ITIL. The Open Group IT4IT Standard Version 3.0 was last updated in October 2022.

IT4IT comprises a “reference architecture” and a value-chain-based operating model that allows IT organizations to track the state of the services they deliver throughout the service lifecycle.

Read more: An Introduction to IT4IT and Its Benefits

Why use IT4IT?

The Open Group believes that IT4IT is a better approach for organizations struggling with complexity, governance, and value demonstration. As with all of these ITSM frameworks, methodologies, and standards, IT4IT delivers the benefits of ITSM per se and those specific to this approach. These benefits include:

  • A pan-IT view of technology enablement – the value streams and their performance.
  • Improved business alignment based on business demands and value.
  • Faster time-to-market for new service delivery.
  • Improved IT and business efficiency.
  • Increased cost-effectiveness and better IT financial stewardship.
  • Improved end-user experiences and empowerment.
  • Better governance and risk reduction.



The key elements of IT4IT

IT4IT uses an IT value chain. The Open Group explains this as “a series of activities that an organization performs in order to deliver something valuable, such as a product or service. Products pass through activities of a chain in order and, at each activity, the product gains some value.”

IT4IT splits the IT value chain into four value streams:

  1. Strategy to Portfolio
  2. Requirement to Deploy
  3. Request to Fulfill
  4. Detect to Correct

Unlike ISO/IEC 20000, IT4IT certification can only be achieved by individuals. There’s a single certification available – a foundation-level IT4IT certificate – based on a multiple-choice exam.

6. VeriSM

The International Foundation for Digital Competences (IFDC) developed VeriSM as a Service Management – rather than an ITSM – framework. It is described as “a holistic, business-oriented approach to Service Management, which helps you make sense of the growing landscape of best practices out there, and how you can best integrate them to add value to your business.”

VeriSM was always intended as a real-life approach. Consequently, it’s practical guidance that offers real examples and case studies, making it easier for adopters to understand and implement in their business.

The core VeriSM content was published in late 2017 and 2018 (ahead of the revised ITIL 4 content).  

Read more: An Introduction to VeriSM

Why use VeriSM?

VeriSM was designed to help organizations link the new and old worlds of Service Management together (including the bodies of ITSM best practice) to assist with both adaption and the extension of the status quo.

Hence, it plays two roles for organizations seeking to modernize their ITSM capabilities:

  1. Protecting existing ITSM investments and their value. 
  2. Helping organizations to understand, integrate, and exploit new thinking, methods, and technologies.

In short, the framework very much focuses on “not throwing the baby out with the bathwater.” 

The key elements of VeriSM

VeriSM combines a spectrum of Service-Management-related best practices and information to assist professionals with both traditional and newer challenges. This included the impact of digital transformation before the business need accelerated during the global pandemic.

The VeriSM model starts with governance needs and then Service Management principles with what it calls the “Management Mesh.” Importantly, it details how to adapt the model to your organization’s needs.

The included guidance offers detailed information and advice from other approaches such as Agile, DevOps, Service Integration and Management (SIAM), Lean, and customer and employee experience.

It offers four qualifications, via multiple-choice exams, to individuals:

  1. VeriSM Essentials - For professionals seeking to make a start in Service Management.
  2. VeriSM Plus - This focuses on progressive practices and new technologies. 
  3. VeriSM Foundation - Which combines the content of Essentials and Plus.
  4. VeriSM Professional - This covers the skills and knowledge required to apply VeriSM, including how to use the Management Mesh.

The bottom line

Overall, implementing an ITSM framework can bring many benefits to an organization, including improved service quality, increased efficiency, better risk management, improved communication and collaboration, and compliance with standards and regulations.

And the best part is that you don’t have to choose one over the rest. If you like (or need), you can mix them to match your organization’s needs.

FREE Enterprise Service Management Course

Elevate customer satisfaction and optimize organizational performance.

Enroll now for free

Read other articles like this : ITSM frameworks

Evaluate InvGate as Your ITSM Solution

30-day free trial - No credit card needed