As ITSM practitioners, we often get wrapped up in frameworks, standards, models, and best practices. But it doesn’t have to be that complicated. At its core, process maturity is simply good management: define what you do, make sure it’s done consistently, and improve it over time.
And in today’s environment, where organizations are increasingly exposed to outages, security incidents, and operational risk, this kind of discipline does more than improve efficiency — it directly supports operational resilience.
I am a big believer in process. When implemented correctly, processes standardize work, improve communication, support training and onboarding, and increase both effectiveness and efficiency.
Just as importantly, they reduce variability — and variability is where operational risk lives.
Skeptics often argue that processes are bureaucratic and question their value. To them I ask: do you really think Amazon could deliver tens of millions of packages a day, or Toyota consistently rank #1 in quality, without well-defined processes?
Process maturity is not an academic exercise — it is simply what good managers do.
Processes are never perfect out of the gate. They require ongoing management: define what you do, do it, and make it better over time. It’s that simple.
Strip away the terminology and scoring models, and process maturity really comes down to a simple management cycle.
And when that cycle is consistently applied, organizations become more predictable, more stable, and better able to respond when something goes wrong.
Before improving the maturity of your processes, it’s a good idea to establish a baseline.
As an ITSM practitioner, I’ve done my fair share of maturity assessments using models such as the Capability Maturity Model, ISO/IEC 33020, and the COBIT Process Capability Model.
These models can get fairly “nerdy,” with lots of jargon around maturity levels, process attributes, and capabilities.
But simply put, they all examine the same fundamentals: how well you perform the basic steps, how well the process is documented and deployed, whether the right skills are in place, and whether the process is being actively managed, measured, and improved over time.
When approached the right way, process assessments are more than just a score on a chart.
They create an opportunity to engage your team, listen to their frustrations, and build a practical roadmap for improvement.
They also help uncover where processes are breaking down in practice — which is often where the greatest operational risk exists.
To learn more, check out our webinar:
Level Up Your ITSM Program with an ITSM Process Maturity Assessment.
Processes should never be designed in a vacuum. You need to start by Understanding Your Processes Through Process Discovery and Identification.
Taking the time to understand the current state is an essential part of process management. It establishes the baseline from which to improve.
Once you understand the current state, you need to engage stakeholders in collaborative process design.
Check out our webinar:
Business Process Mapping Workshop: Master the Art of Creating Clear and Well-Designed Processes
I remember being on a panel discussion at a Pink Elephant ITSM conference where someone shared that they had built more than a dozen processes based on best practices — all in a conference room, isolated from the actual stakeholders.
Sure, it was faster. But failing to engage the people who actually perform the work often results in a classic “not invented here” reaction and poor adoption.
This is why the design phase matters so much. When the people who actually perform the work help shape the process, they bring practical insight into what will and won’t work in the real world. Just as importantly, they develop a sense of ownership — which dramatically improves adoption when the process is rolled out.
This is where the rubber meets the road. It’s not enough to simply define a process.
- Does it align with your process automation platform?
- Have people been trained?
- Is it consistently executed across the organization?
- Are you measuring it?
- Are you addressing defects?
- And are you taking the time to improve it?
Because in the end, this is what determines whether a process delivers value — or creates risk.
Want to learn more? Check out my: 7 Simple Rules for Process Design.
Improving process maturity doesn’t require complicated models or academic frameworks. It starts with understanding how work is actually being done today, engaging the people who perform the work every day, and making practical improvements.
Define the process, ensure it is consistently executed, measure the results, and refine it over time. When organizations focus on these fundamentals, maturity improves naturally.
And in doing so, they don’t just become more mature — they become more resilient.
Process maturity isn’t academic or bureaucratic — it’s simply good management. Organizations that define how work should be done, execute it consistently, measure results, and improve over time will always outperform those relying on ad-hoc execution.