Let's strip away the corporate jargon for a moment. An IT Operating Model isn't a complex framework or a binder gathering dust; it is simply your shared, honest answer to a single, pragmatic question:
"How does IT actually work here, on a Tuesday afternoon, when something breaks or something new has to go live?"
Consider that Tuesday afternoon test. An incident hits the dashboard, a change request lands in a queue, or a new business requirement arrives from the executive floor. Who picks it up? Who makes the final decision? Who talks to whom, and which specific tools are opened to track the resolution? That chain of events, from initial demand to eventual delivery, is your operating model, whether you’ve deliberately designed it or left it to chance.
If you can't sketch that answer on a single page in a way your leadership team broadly recognizes, you don’t have an operating model; you have a collection of org charts, process diagrams, and folklore. These are not the same thing. Org charts merely represent hierarchy, not the flow of work. Process diagrams often document what you hope happens, rather than the messy reality. Folklore is what your staff actually does—the unwritten rules, the workarounds, and the "who-you-know" shortcuts that live exclusively in people’s heads. Relying on folklore is a liability; you lose consistency and speed every time a key person leaves, a team is restructured, or a new supplier is onboarded.
Crucially, this answer must be shared. An operating model only functions when the people who run IT and the business stakeholders who depend on it hold a common understanding of how the gears turn. When this alignment is missing, you end up with the friction that powers most of those frustrated "why does IT always take so long?" conversations.
When we talk about it formally, an Operating Model is the blueprint that effectively connects your high-level strategy to the realities of everyday work:
If that sounds suspiciously close to "how IT actually operates", that's the point. The Operating Model is not another document; it's the design of reality.
In Andrew Campbell's work on the Operating Model Canvas, an Operating Model is described as the high‑level design of how an organisation delivers value in practice – how it organises people, work, locations, information, suppliers and management routines so that strategy turns into day‑to‑day operations.
An IT Operating Model is the shared blueprint for how IT actually works here – who does what, using which assets and information, with which suppliers, under which governance.
A practical way to visualise this is Andrew Campbell's Operating Model Canvas, often remembered as POLISM:
Processes (Work)
Organisation (People)
Locations (in IT: Assets & Sourcing)
Information
Suppliers
Management System

From Operating Model Canvas by Andrew Campbell and others
The key value streams and workflows: incident to resolution, request to fulfilment, change to deploy, "idea to live", "threat detected to risk mitigated". This is where your ITIL / USM activities sit – not as isolated processes, but as end‑to‑end flows across teams and suppliers.
The teams and roles that execute the work: service owners, product teams, platform teams, operations, SMO, CCoE, security, vendor managers. In IT, this also includes how you structure SIAM/SMO capabilities and how responsibilities are split between internal teams and external providers.
In classic OMC, "Locations" covers where work is carried out and which physical assets you rely on. In an IT Operating Model, this maps to your technical and sourcing footprint:
In other words: the "L" box becomes the place where you make explicit how your services sit on top of infrastructure, CIs, IT assets and sourcing decisions – not just geography.
This is the nervous system of your Operating Model—the data, systems, and information flows required to run the enterprise. It encompasses everything from ITSM and AIOps tooling, monitoring and observability platforms, and org. data to financial chargeback models, risk registers, compliance records, and supplier contract performance. Good information design is the bedrock of the "Management System"; without it, your governance forums are flying blind. When this layer is fragmented or poorly designed, you fall victim to tool sprawl and manual reconciliation, where every team maintains its own dashboard. The result is a total loss of trust in data, where leadership is routinely presented with three different reports telling three different, contradictory stories about the state of the business.
External providers: infrastructure partners, cloud providers, SaaS vendors, network providers, outsourcing partners, SOC/MDR providers. The Operating Model needs to show where they plug into services and value streams, not just list them in contracts.
The governance and improvement engine: steering committees, CABs, cloud governance boards, risk and NIS2 forums, service reviews, KPI/XLA regimes, improvement cycles. This is where USM and ITIL practices come together as a single management system instead of parallel frameworks.
Not "do we have an incident process?", but "How does incident‑to‑resolution actually flow across these teams and vendors, and who decides what?"
Not "do we have a request catalogue?", but "How does our service structure map to platforms, contracts and cost models?"
Not "do we have a CAB?", but "Where do changes enter the service value stream, and which forum really owns the risk trade‑offs?"
In my experience, you can get an honest picture in a single whiteboard session – if you insist on drawing reality, not the process manual. The gaps you uncover are usually not new; they're just finally visible.
This is where a lot of confusion comes from, so let's be concrete.
Org charts show reporting lines and sometimes cost centres. They don't show how work actually flows across teams, who owns which decisions, or how suppliers are integrated into services.
You can have the same operating model implemented with different org structures (e.g. more central vs. more federated) – and you can have totally different operating models inside the same org chart.
Process documentation answers "what should happen, step by step, if the world behaves".
An operating model answers "how we've actually chosen to run this, given our constraints, risks and suppliers".
You can have 200 pages of ITIL‑compliant processes that nobody follows, and still no operating model. Conversely, you can have a one‑page model that everyone understands, and lean, pragmatic process descriptions that support it.
Your ITSM platform is an implementation of parts of your operating model, not the model itself. If the only place your operating model exists is inside ServiceNow or Jira – in groups, queues, forms and workflows – then it's very hard for leadership to discuss or change it, it's strongly biased by whatever was easiest to configure at the time, and it mostly reflects history, not deliberate design.
In other words: the tool is the plumbing, not the blueprint of the house.
Business model = how the organisation makes money or delivers public value.
Operating model = how you organise yourself internally to do that reliably and repeatedly.
They should be tightly connected, of course. If you change your business model (e.g. move from project to product, or from on‑prem software to SaaS), your operating model has to change too – and this is where many "digital transformations" stumble.
Here is the uncomfortable pattern I see again and again:
Organisation buys a new ITSM platform, or rolls out a new framework push ("we're doing ITIL now").
Everyone is busy for months re‑designing processes, migrating data, building forms and dashboards.
Twelve months later, the experience on the ground is… eerily familiar.
The problem is not that the tools or frameworks are bad. ServiceNow, Jira, ITIL – they're all powerful ingredients when used well. The issue is that many organisations confuse ingredients with the recipe.
Where work is recorded, routed and visualised
Proven building blocks and vocabulary
How you've chosen to put these together to run IT
If you skip the recipe and jump straight into cooking, you'll get… something. But it's unlikely to be consistent, repeatable or aligned with your actual strategy.
In my experience, the most expensive ITSM projects are the ones that try to compensate for a missing operating model with configuration. Every time a structural question comes up ("who really owns this?", "how do these two teams interact?"), someone adds another field, another group, another approval. It works for a while – until the weight of exceptions and local variants becomes unmanageable.
This is where the Unified Service Management (USM) method is particularly helpful.
USM isn't "ITIL 5.5" or "just another framework". It deliberately positions itself as a universal, principle‑based management system: a small, coherent set of management processes and activities you can apply across all services – IT, HR, facilities, you name it.
Think of it like this:
Ultimately, this layering creates a stable foundation that doesn't fracture every time a framework releases a new version or you adopt a new tool. The Operating Model and Management System are durable; the tools and practices can evolve on top without destabilising your entire service delivery.
Tool configuration, detailed practices, dashboards
USM – how we manage services and teams consistently
Operating model – how we run IT here
When you get the layering wrong – for example, by letting the tool dictate the Operating Model – you spend years rearranging the furniture while the foundations stay crooked.
Get a good introduction to USM here.
If you don't have at least a one‑page view of your IT Operating Model that your leadership team recognises, you have no business re‑platforming your ITSM tool.
You'll still be able to deliver a project. There will be a go‑live, some automation, some nicer reports. But you'll mostly be pouring new concrete around an old, undocumented foundation – and you'll be back in the same discussions two years from now.
In Part 3 of this series, we'll connect the dots between ITSM and cloud governance:
Why "cloud operating model" and "ITSM operating model" should not be two separate worlds
How a technology‑agnostic operating model helps you span on‑prem, cloud and SaaS
What this means for cost transparency, risk, and NIS2‑style obligations
What an IT operating model really is (and what it isn't)