IT Management Best Practices – Adoption and Maturity of 34 IT Organizational Disciplines
Much of the mission of the IT organization is to automate and improve business processes throughout the enterprise. But the IT organization itself also has its own need for process improvement and automation. The best-run IT organizations not only focus their process improvement efforts on those of other departments, they also seek to optimize their own IT management processes internally.
In this study, we examine the growth and maturity of 34 IT management practices which we have grouped into five major categories: IT governance practices, IT financial management practices, IT operational management practices, IT security and risk management practices, and application development practices.
Download or Purchase Now
Clients, download the full report now: IT Management Best Practices 2020-2021
Not a client? Click the link above to purchase the report.
Want to see more, first? Download 21 sample pages of this report, free.

Detailed Description
This study, now in its 15th year, is designed to increase awareness of what are best practices in IT management, provide benchmarks IT leaders to compare their own adoption and maturity levels against other organizations, and justify investments in implementing best practices.
Each year, we ask IT organizations in our annual survey to what extent they are engaged with a selected list of practices. Survey participants have five response choices:
- No activity
- Implementing
- Practicing informally
- Practicing formally but inconsistently
- Practicing formally and consistently
These responses enable us to determine how widely a best practice has been adopted, how formally and consistently it is being practiced, and how quickly it is likely to grow. By comparing current-year responses with those from prior years, we also can assess the growth trajectory of a best practice.
To simplify the presentation, we have grouped the practices into five major categories: IT governance practices, IT financial management practices, IT operational management practices, IT security and risk management practices, and application development practices. While the boundaries between these best-practice categories can overlap, the categories provide an opportunity to discuss the selected practices within the context of related practices. We present our key study findings by category at the beginning of each section.
Table of Content
IT Management Best-Practices
- Introduction
- How We Measure Best-Practice Trends
- Understanding the Practice Profiles
- Major Findings
IT Governance Best-Practice Profiles
- IT Strategic Planning
- IT Steering Committee
- IT Project Portfolio Management
- Project Management Office
- IT Change Control Board
- Organizational Change Management
- Enterprise Architecture
IT Financial Management Best-Practice Profiles
- IT Personnel Time Tracking
- Service-Based Cost Accounting
- Chargeback of IT Costs
- Showback of IT Costs
- IT Service Catalog
- Benchmarking IT Spending Levels
IT Operational Management Best-Practice Profiles
- Server OS Standard Images
- Desktop Standard Images
- IT Infrastructure Library (ITIL)
- IT Asset Management System
- Bring Your Own Device
- User-Satisfaction Surveys
- IT Performance Metrics
IT Security and Risk Management Best-Practice Profiles
- IT Security Policies
- Data Classification and Retention
- Two-Factor Authentication
- IT Security Compliance Audits
- Penetration Testing
- Security Incident Management
- Disaster Recovery Planning
- Disaster Recovery Testing
- Business Continuity Planning
Application Development Best-Practice Profiles
- System Development Life Cycle
- Agile Development
- Software Change Management Process
- DevOps
- Post-Implementation Audits
Appendix
- Benchmarking IT Management Best Practices
- Methodology and Sample
Contact Us

Akshay Khanna
