"For instance, service level agreements need to be very clear on what we support on a person's own device and what we don't. Another good example is capacity planning where we take into account the new infrastructure needed to manage personal devices.
"In the end BYOD will probably force a better ITSM practice."
Impacts across the ITIL lifecycle
The rise of BYOD has implications for organisations that have invested in process-based ITSM programs.
Karen Ferris, director of ITSM consulting company, Macanta and a board member for independent industry association, itSMF Australia, said that BYOD has an impact in many ways on ITSM processes and operations. This is because the current iteration of best practice ITSM frameworks (ITIL v3) defines a lifecycle approach to the delivery of services.
Every step defined in the ITL lifecycle framework -- including service strategy, service design, service transition and service operation -- needs readdressing with BYOD in play, Ferris said.
"For instance, service strategy needs to consider the adoption of BYOD in the organisation," she said. "It may not be appropriate to every organisation and it may not be appropriate to every employee within the organisation but careful consideration needs to be given to the ramifications of a BYOD strategy including security, legal, financial, HR and the need to maintain productivity and meet service level agreements.
"Meanwhile, the service portfolio approach of 'define, analyse, approve and charter' needs to be applied to BYOD as it does to any other service under consideration as a potential service offered by the organisation. The implications for service desk and support also have to be considered. Each of the ITSM processes has to be adopted and adapted to manage the implications of BYOD."
Ferris offered, as an example, that "BYOD as a service" would need to be included as part of the service catalogue while there will be changes to a range of other processes to reflect the changing environment.
"It will have associated service levels managed via Service Level Management," Ferris said. "Change management will be key in ensuring that changes do not compromise the security around BYOD and therefore increase risk.
"Service asset and configuration management can be used to record details of employees who have signed up for BYOD and the associated policy. Supplier management may have to manage additional suppliers if third party support for BYOD devices is put in place.
"Meanwhile, security management will be key while there will also need to be clear communication about what service is provided by the service desk and support teams for BYOD through incident management and request fulfilment. There is no right or wrong answer but the ITSM practices will need to be adapted to manage the situation."
Sign up for CIO Asia eNewsletters.