The 34 Management Practices

In previous versions of ITIL, the framework heavily emphasized “processes.” ITIL 4 shifted this focus to Management Practices. A practice is defined as a set of organizational resources designed for performing work or accomplishing an objective. This change reflects the fact that delivering services requires more than just a process flow; it requires considering all Four Dimensions of Service Management (People, Information/Technology, Partners, and Value Streams/Processes).

The 34 ITIL management practices are grouped into three distinct categories:

1. General Management Practices (14): Practices that have been adopted and adapted for service management from general business management domains.
2. Service Management Practices (17): Practices that have been developed in service management and ITSM industries.
3. Technical Management Practices (3): Practices that have been adapted from technology management domains for service management purposes by expanding or shifting their focus from technology solutions to IT services.

While organizations may adopt any number of these 34 practices depending on their needs, the following are eight of the most universally implemented Service Management practices:

1. Risk Management link

• Purpose: To ensure that the organization understands and effectively handles risks. Managing risk is essential to ensuring the ongoing sustainability of an organization and co-creating value for its customers.
• Application: In ITIL, risk is defined as a possible event that could cause harm or loss, or make it more difficult to achieve objectives (though it can also refer to uncertainty of outcomes, including positive opportunities). This practice involves identifying, assessing, and treating risks systematically across the service value system, ensuring that risks are understood and managed at the strategic, portfolio, program, project, and operational levels.

2. Incident Management link

• Purpose: To minimize the negative impact of incidents by restoring normal service operation as quickly as possible. An incident is an unplanned interruption to a service or reduction in the quality of a service.
• Application: This involves logging, categorizing, prioritizing, and resolving incidents. Effective incident management relies heavily on good communication, knowledge management, and establishing clear targets for resolution times. It often involves different tiers of support (e.g., Level 1, Level 2, Level 3).

3. Problem Management link

• Purpose: To reduce the likelihood and impact of incidents by identifying actual and potential causes of incidents, and managing workarounds and known errors. A problem is a cause, or potential cause, of one or more incidents.
• Application: Problem management involves three distinct phases: problem identification, problem control, and error control. It focuses on finding the root cause of recurring incidents and developing permanent solutions or structural workarounds to prevent them from happening again or to minimize their impact if they do.

4. Change Enablement link

• Purpose: To maximize the number of successful service and product changes by ensuring that risks have been properly assessed, authorizing changes to proceed, and managing the change schedule.
• Application: Previously known as Change Management, this practice categorizes changes into Standard (pre-authorized, low risk), Normal (requires authorization based on risk), and Emergency (requires expedited assessment and authorization). It balances the need to make rapid, valuable changes against the need to protect the live environment from disruption.

5. Service Desk link

• Purpose: To capture demand for incident resolution and service requests. It should also be the entry point and single point of contact for the service provider with all of its users.
• Application: The Service Desk is the face of IT. It provides a clear path for users to report issues, make queries, and request new services. A well-functioning service desk significantly impacts user experience and satisfaction. Modern service desks heavily leverage automation, self-service portals, and AI-driven chatbots.

6. Service Level Management link

• Purpose: To set clear business-based targets for service levels, and to ensure that delivery of services is properly assessed, monitored, and managed against these targets.
• Application: This practice establishes Service Level Agreements (SLAs) between the service provider and the customer. It ensures that both parties have a shared understanding of the required service quality. Crucially, ITIL 4 emphasizes that SLAs must be based on business outcomes and user experience, not just technical metrics (e.g., measuring “customer satisfaction” rather than just “server uptime”).

7. Service Request Management link

• Purpose: To support the agreed quality of a service by handling all pre-defined, user-initiated service requests in an effective and user-friendly manner.
• Application: A service request is a request from a user that initiates a service action that has been agreed upon as a normal part of service delivery (e.g., requesting a new laptop, resetting a password, granting access to a folder). These are typically handled via standardized, automated workflows to ensure efficiency and consistency.

8. Continual Improvement link

• Purpose: To align the organization’s practices and services with changing business needs through the ongoing improvement of products, services, and practices, or any element involved in the management of products and services.
• Application: This practice applies to the entire Service Value System. It involves identifying improvement opportunities, logging them in a Continual Improvement Register (CIR), creating business cases for improvement initiatives, and implementing them. Everyone in the organization is responsible for continual improvement.

Summary Tables link

The following table summarizes all 34 ITIL 4 Management Practices categorized by their origin domain:

Table 1: The 34 ITIL 4 Management Practices