For most, the compliance crunch for the Sarbanes-Oxley Act of 2002 (SOX) is over. But an even bigger challenge has just begun: improving the cost-effectiveness of compliance efforts, especially when it comes to internal controls on your company’s information. If you’re involved in managing your company’s data and IT infrastructure, you know how important it is to stay abreast of regulatory and performance best practices in areas like infrastructure management, business continuity, service delivery or environmental security. Now financial and IT managers charged with these responsibilities are turning toward on often overlooked weapon: The Information Technology Infrastructure Library (ITIL).

Developed by the British government, ITIL is a living library of documented best practices in the field of IT services management. And it’s nothing new. It was born in the ‘80s, with a mandate by the UK Central Computing and Telecommunications Agency to help improve IT service delivery by setting common standards, guidelines and language that would help tackle the increasingly complex task of IT infrastructure management. Over the last few decades, it’s been much revered but little implemented--even as today’s modern IT complexities have grown to make ‘80s IT environments look about as complex as a Mennonite barn-raising.

But analysts and experts agree: ITIL is about to explode onto the scene worldwide. And not just as admirable theory, but as profitable rule of capitalistic law. A recent study by Forrester Research claims that: “Widespread adoption of ITIL best practices by internal IT departments will follow through 2008.” Across the country, classes on how to make your company ITIL compliant are bursting at the seams. And budgets for ITIL adoption are already putting hordes of consultants and IT vendors to work.

So why all the sudden hype? Because today, living by the library pays off. Developments in ITIL’s scope of best practices are catching up with today’s challenges, and implementation of the standard delivers real, bottom-line benefits through:

• More cost-effective regulatory compliance.
Implementing ITIL helps keep down SOX-related IT compliance costs by giving you a governance framework by which to control informational accountability in a way that’s consistent, fast and auditable.

• Better returns on IT investment.
Government and private-sector stakeholders around the world contribute to ITIL best practices, and only the ones which deliver hard-dollar value make the cut. Do it ITIL’s way, and you’re doing it the most profitable way known to the IT infrastructure delivery sector as a whole.

• Improved IT infrastructure reliability.
Since the ITIL was built on a foundation of improving IT infrastructure service delivery, its best practices can help ensure business continuity, security and overall system uptime.

• Easier IT scalability and integration.
Since you’re adhering to an international standard, growing, moving and merging your IT infrastructure becomes less expensive when you operate your business by the ITIL best practices. Third-parties, customers, managers and investors will all be speaking the same language.

• Improved customer experience.
Compliance with ITIL puts reliability and security safe guards in place to ensure that customers can conduct business reliably and with formal assurances of your IT asset management competency. This translates into better market perception of your brand, and eventually a more valuable company.

These economic truths have made ITIL initiatives impossible to put off, as the importance of scalable, reliable and compliant access to core technology and applications becomes a more important part of enterprise operations in every industry, from financial services to energy to healthcare.

And now for the bad news: ITIL is an initially expensive investment. Adopting the standard pays for itself, removes many costly problems from the radar and improves the overall cost of ownership. But because the standard crosses a variety of technical, financial and operating disciplines, it takes a real commitment of time and resources. It also takes a little specialized guidance to help calibrate a company’s business needs to its technology environment. To help make this investment easier to swallow, companies are taking three different tacks:

1. Training existing IT leaders and staff on ITIL competency and the auditing skills to ensure that the standard is properly implemented.
2. Hiring in-house expertise, which is increasingly expensive and hard to find.
3. Outsourcing IT infrastructure to a company with ITIL expertise, and simply writing a check to make the pain go away.

The right path for any given business depends on a number of factors, but the fact remains: ITIL is here to stay, and those who find the most creative, cost-effective way to run the shop by library standards will do the best job of not just complying, but competing. After all, you’re probably not in the compliance business; you’ve got a company to run.