SkarpSkarp

Chapter 8 of 13

General Management Practices: Foundation for Every Organization

Discover how core organizational capabilities like continual improvement, information security, and relationship management show up in ITIL questions—even when the scenario doesn’t sound "technical" at all.

15 min readen

1. Why General Management Practices Matter in ITIL 4

General Practices in ITIL 4

In ITIL 4, general management practices are capabilities every organization needs. They support the Service Value System and all value streams, not just IT operations.

What the Exam Expects

For Foundation, you must recall practice purposes, know key terms and example activities, match short scenarios to the right practice, and tell similar practices apart.

Our Focus Practices

We focus on four high‑frequency practices: continual improvement, information security management, relationship management, and supplier management.

Link to Real World

These show up in questions about customer feedback, data protection, collaboration with business units, or working with cloud providers, even when nothing sounds technical.

2. Continual Improvement: Purpose and Core Ideas

Purpose of Continual Improvement

Continual improvement aligns practices and services with changing business needs by identifying and improving everything involved in service management.

Always On, Everywhere

The practice is ongoing, not a one‑off project. It applies to services, processes, tools, skills, and relationships, across all SVS components and value chain activities.

Typical Activities

Key activities: maintain a continual improvement register, define improvement initiatives, follow a structured improvement model, and measure and report results.

Exam Clues

Look for clues like “improvement register”, “step‑by‑step improvement”, or “how can we do this better over time?” to identify continual improvement in questions.

3. Continual Improvement in Action (Mini Scenarios)

Scenario 1: Service Desk Delays

Long waiting times are logged in a continual improvement register, analyzed, and addressed through a pilot solution, then rolled out based on metrics. This is continual improvement.

Scenario 2: Value Stream Review

After a new app launch, the team reviews the whole value stream, finds testing delays, and proposes automation. Again, this is continual improvement of the value stream.

Scenario 3: Improvement Culture

Everyone is invited to submit monthly improvement ideas that are reviewed and prioritized. This shows continual improvement as an organization‑wide habit.

Visual Picture

Imagine a looped arrow circling the Service Value Chain, constantly asking: “Is this still the best way to create value?” That loop is continual improvement.

4. Information Security Management: Protecting Value

Purpose of InfoSec Management

Information security management protects the organization’s information by managing risks to confidentiality, integrity, availability, and related security properties.

CIA Explained

Confidentiality means only authorized access. Integrity means data is accurate and unchanged. Availability means information is there when needed.

Key Activities

Typical work: maintain security policies, assess and treat risks, define access rules, run awareness training, and monitor and review security events.

Link to Standards

Many organizations align with ISO/IEC 27001:2022, but ITIL just expects you to know the practice purpose and basic concepts, not detailed clauses.

Exam Clues

Look for words like data protection, access control, security policy, or risk of breaches. These usually point to information security management.

5. Relationship vs Supplier Management: Know the Difference

Relationship Management: Purpose

Relationship management builds and maintains links with stakeholders, focusing on understanding needs, managing expectations, and improving satisfaction.

Relationship Management: Activities

Key tasks include identifying stakeholders, managing customer satisfaction and feedback, handling complaints, and communicating plans and performance.

Supplier Management: Purpose

Supplier management ensures suppliers and their performance are managed so that they support seamless delivery of quality products and services.

Supplier Management: Activities

Typical work includes supplier strategy, selecting suppliers, negotiating contracts and SLAs, monitoring performance, and managing supplier‑related risks.

Quick Distinction

Customers and stakeholders → relationship management. Vendors, contracts, cloud providers → supplier management.

6. Mini Sorting Exercise: Which Practice Is It?

For each short scenario, decide which single practice is the best match:

  • CI = Continual improvement
  • ISM = Information security management
  • RM = Relationship management
  • SM = Supplier management
  1. The organization creates a prioritized list of ideas to improve how incidents are handled, and reviews progress monthly.
  • Your guess:
  1. A major customer complains that they were not informed about a service outage. The service provider sets up regular review meetings and a new communication plan.
  • Your guess:
  1. A company negotiates new terms with its cloud hosting provider to include stronger uptime guarantees and penalties for non‑performance.
  • Your guess:
  1. After several phishing attacks, mandatory staff training is introduced on how to detect suspicious emails.
  • Your guess:

Scroll down for feedback when you are ready.

Suggested answers:

  1. CI – structured improvement of incident handling over time
  2. RM – managing expectations and satisfaction of a customer
  3. SM – dealing with a supplier contract and performance
  4. ISM – reducing security risk through awareness training

7. Quick Check: Purpose Statements

Test your ability to match a purpose statement to a practice.

Which purpose best matches the **relationship management** practice in ITIL 4 Foundation?

  1. To ensure that suppliers and their performance are managed appropriately to support the provision of quality products and services.
  2. To establish and nurture the links between the organization and its stakeholders at strategic and tactical levels.
  3. To align the organization’s practices and services with changing business needs by identifying and improving services and components.
  4. To protect the organization’s information by managing risks to confidentiality, integrity, and availability.
Show Answer

Answer: B) To establish and nurture the links between the organization and its stakeholders at strategic and tactical levels.

Relationship management is about establishing and nurturing links with stakeholders at strategic and tactical levels. Option 0 is supplier management, option 2 is continual improvement, and option 3 is information security management.

8. Key Term Review Flashcards

Use these flashcards to reinforce key ITIL 4 general management practice concepts.

Continual improvement (purpose)
To align the organization’s practices and services with changing business needs by identifying and improving services, components, and all elements involved in service management.
Information security management (purpose)
To protect the organization’s information by understanding and managing risks to confidentiality, integrity, availability, and other security properties.
Relationship management (purpose)
To establish and nurture the links between the organization and its stakeholders at strategic and tactical levels.
Supplier management (purpose)
To ensure that the organization’s suppliers and their performances are managed appropriately to support the seamless provision of quality products and services.
Confidentiality
A security property ensuring that information is accessible only to those authorized to have access.
Integrity
A security property ensuring that information is accurate, complete, and protected from unauthorized modification.
Availability
A security property ensuring that information is available when and where it is needed.
Continual improvement register (CIR)
A structured, prioritized list of improvement opportunities, used to track and manage continual improvement activities.

9. Scenario Quiz: Distinguishing Similar Practices

Apply what you have learned to a short exam‑style scenario.

A service provider notices that satisfaction scores from a key business customer are falling. They schedule regular review meetings, agree improvement actions together, and set up a shared dashboard so the customer can see performance data. Which practice is MOST directly involved?

  1. Relationship management
  2. Supplier management
  3. Continual improvement
  4. Information security management
Show Answer

Answer: A) Relationship management

The focus is on a key business customer’s satisfaction, expectations, and communication. That is relationship management. Continual improvement is involved, but the primary practice managing the customer link is relationship management. Supplier management would apply if this were about a vendor, not a customer.

10. Connecting Practices Back to the SVS and Exam Strategy

Practices in the SVS

Continual improvement wraps around all SVS components; information security protects value; relationship management aligns stakeholders; supplier management aligns external providers.

Exam Strategy: Step 1

First, identify the main focus: improvement, protection, customer relations, or supplier contracts. This quickly narrows the practice choices.

Exam Strategy: Step 2

Then match the scenario to the practice purpose you know. Compare each option’s purpose, not the buzzwords in the question.

What You Should Be Able to Do

State each purpose in your own words, give example activities, and distinguish customers from suppliers, and improvement from protection. That is the exam‑level mastery.

Key Terms

Integrity
A security property that ensures information is accurate, complete, and protected from unauthorized modification.
Availability
A security property that ensures information is available when and where it is needed.
Value stream
A series of steps an organization uses to create and deliver products and services to consumers.
Confidentiality
A security property that ensures information is accessible only to those authorized to have access.
Supplier management
A practice that ensures suppliers and their performance are managed appropriately to support seamless, quality products and services.
Continual improvement
A practice focusing on aligning the organization’s practices and services with changing business needs by identifying and improving all elements involved in service management.
Relationship management
A practice that establishes and nurtures the links between the organization and its stakeholders at strategic and tactical levels.
Service Value System (SVS)
The model in ITIL 4 that describes how all components and activities of an organization work together to enable value creation.
General management practice
A set of organizational resources designed for performing work or accomplishing an objective, applicable across the organization, not just in IT.
Information security management
A practice that protects the organization’s information by managing risks to confidentiality, integrity, availability, and related security properties.
Continual improvement register (CIR)
A structured, prioritized list of improvement opportunities used to manage continual improvement activities.

Finished reading?

Test your understanding with a custom practice exam on this chapter.

Test yourself