As defined by Wikipedia, ITIL (formally an acronym for Information Technology Infrastructure Library) is a set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of the business. The IT industry is a dynamic one, with constant changes in the service structure and practices. This makes it difficult for professionals to deliver good quality service constantly. ITIL helps professionals to overcome these difficulties.

There is a great demand for ITIL-certified professionals in the IT industry, with companies looking to improve their project delivery and service through the use of best practices. It is always good to get ahead of the competition by taking an ITIL certification course and improve your chances of getting a better job. However, you also need to be able to crack an interview to make that career route possible. To help you prepare better for your next ITIL interview, here are the top ITIL interview questions that are generally asked:


Top ITIL Interview Questions and Answers

These ITIL interview questions and answers will help you crack your upcoming interview easily.


Q1. What are the important stages of ITIL?

Ans. The important stages of ITIL are:

Service strategy – Service strategy allows users to understand the benefits of using market drive approaches to ensure that routine tasks are performed efficiently.

Service design – This stage ensures that the agreed service is delivered when, where, and at the defined cost.

Service Transitions – The goal of the service transition process is to create and implement IT services and ensure coordination between services and Service Management processes.

Service Operations – This stage of ITIL focuses on meeting end-user expectations while balancing costs and uncovering any potential issues.

Continuous Service Improvement – Ensures that IT services can recover and continue after a service incident. Helps perform simplified business analysis to prioritize business recovery.


Explore courses related to ITIL:

Popular Network Security Online Courses & Certifications Top Cybersecurity Online Courses & Certifications
Popular Ethical Hacking Online Courses & Certifications Top Cyber Law Online Courses & Certifications


Q2. Mention 7 steps involved in continuous service improvement.

Ans. The seven steps involved in continuous service improvement are:

  • Find the focus to improve
  • Know what to measure
  • Collect the necessary data
  • Data processing
  • Analyze both information and data
  • Proper use of information.
  • Implement the necessary improvements

Q3. What are the layers of service management measures?

Ans. The service management measures layers are:

Progress – You are responsible for managing the progress of existing service operations

Compliance -Mainly refers to compliance with market standards and industry trend process

Effectiveness – this measure helps to maintain the effectiveness of the services

Efficiency – Helps with workflow efficiency and service maintenance


Q4. How are ICT and BCP related?

Ans. BCP is a systematic process to predict, prevent, and manage ICT, and includes –

  • IT disaster recovery planning
  • Wider IT resilience planning
  • Elements of IT infrastructure, and services related to (voice) telephonic and data communications


Q5. What is the Operational Level Agreement?

Ans. Operational Level Agreements define the relationship between an IT Service Provider and an organization seeking the services of the service provider. It is an essential part of the ITIL and ITSM frameworks and exists at operational levels.


Q6. Mention of processes involved in the Design of Services

Ans. The processes involved in the design of the service are:

  • Design coordination
  • Service level management
  • Service catalog management
  • Availability management
  • Capacity management
  • Information security management
  • IT service continuity management
  • Supply Management


Q7. What is the significant difference between ITIL v2 and ITIL v3?

Ans. The significant differences between ITIL v2. Vs. ITIL v3 are –


It focuses on the product, the process, and the people It focuses on a product, process, people, and partners
The version provides a process-oriented approach The release provides a lifecycle-based approach
Security management is part of the assessment Security management is a completely separate process
It focuses on the design and strategy of services Equal attention to all processes
It has 10 processes and 2 functions It has 26 processes and 4 functions


Q8. What is a Balanced ScoreCard (BSC)?

Ans. A Balanced ScoreCard is a strategic planning and management system that is used extensively in business, government, and nonprofit organizations worldwide. It is a part of ITIL 4 transformation that assesses an organisation from four different perspectives to measure its health.



Q9. What best describes Continual Service Improvement (CSI)?


  • Following the defined seven-step improvement process, including techniques and applications to ensure continual improvement
  • Ensuring that there has been an incremental improvement in the quality and efficiency of services
  • Discussing results with customers and measuring if the offered services have been satisfactory 
  • Continually defining Key Performance Indicators KPIs for effective and efficient change management


Q10. Define Operational Level Agreement (OLA).

Ans. Operational Level Agreement (OLA) is a contract, which emphasizes the different IT groups in a company and how they design their services to support SLAs.


Q11. What is Service Desk?

Ans. IT Service Desk forms the base of IT Service Management. It is the single point of contact between an IT team and the different users within an organization. Thus, if there is any interruption, incident, or alteration in the devices or software, the Service Desk intervenes. Service desks have a help desk or ticketing solution that allows the administrators to manage services based on the type of tickets generated.  

The 4 dimensions of the Service Desk in the ITIL 4 version are:

Organizations and people –Includes the service management team that designs, operates, and changes service offerings.

Information and Technology – The service desk should have an information system to support it.

Value streams and processes – Built through workflows and procedures to best serve service requests and incidents

Partners and suppliers – Third parties involved, such as an outsourcing Service Desk.


Q12. Can it be applied within the company to other processes?

Ans. All the processes that are defined in IT impact business processes, so the initiative to implement ITIL® must involve the business.

After seeing positive results, there are companies that decide to extend the methodology to other business support areas such as maintenance and manufacturing lines (mainly pharmaceutical companies).

Q13. What are the ITIL processes according to the V3 edition?

Ans. The processes are – service strategy, service design, service transition, service operation, and continual service improvement (CSI).


Q14. Who decides the categorization of a proposed change within an ITIL compliant Change Management process?

Ans. This is the task of the Change Manager. A Change Manager will play a key role in ensuring that the projects (change initiatives) meet their objectives within timelines and said budgets by increasing employee adoption and usage.

Q15. What is SLA?

Ans. A service level agreement (SLA) is a contract between a service provider (either internal or external) and the end-user that defines the level of service expected from the service provider.

Q16. Name the 3 types of SLAs?

  • A customer service level agreement is an agreement between the service provider and an external customer.
  • An internal service level agreement is an agreement between you and an internal customer (such as another organization, site, or department).
  • A vendor service level agreement is an agreement between you and the vendor.

Also Read>> Ultimate Guide to ITIL

Q17. What two Service Management processes will most likely use a risk analysis and management methodology?

Ans. The two service management processes are- Availability Management and IT Service Continuity Management.

Q18. What is an OLA?

Ans. An operational-level agreement (OLA) defines the interdependent relationships in support of a service-level agreement (SLA).

Q19. What are the different Knowledge Management Systems (KMS)?

Ans. They are – CMIS (Capacity Management Information System), AMIS (Availability Management Information System), KEDB (Known Error Database), CMDB (Configuration Management Database), DML (Definitive Media Library), and SKMS (Service Knowledge Management System).

Q20. What is the relation between availability, availability service time, and downtime?

Ans. Availability % = (Available service time –downtime) / Available service time

Also Read>> Trending Tech Skills to Master in 2020

Q21. What is the Plan-Do-Check-Act (PDCA) cycle?

Ans. The PDCA Cycle is a systematic series of steps for gaining valuable learning and knowledge for the continual improvement of a product or process. Also known as the Deming Wheel, or Deming Cycle, the concept was first introduced to Dr. Deming by his mentor, Walter Shewhart of the famous Bell Laboratories in New York.

Q22. Define the four phases in the PDSA cycle?

Ans. Plan: Identifying and analyzing the problem.

Do: Developing and testing a potential solution.

Check: Measuring how effective the test solution was, and analyzing whether it could be improved in any way.

Act: Implementing the improved solution fully.

Q23. What are the 7 R’s of change management?

Ans. The Seven R’s of Change Management are:

  1. Who RAISED the change?
  2. What is the REASON for the change?
  3. What RETURN will the change deliver?
  4. Are there any RISKS when we do or do not carry out the change?
  5. What RESOURCES will be required to perform this change?
  6. Who is RESPONSIBLE for this change being performed?
  7. What RELATIONSHIPS are there between this and other changes?

Q24. What type of information is stored in a CMDB?

Ans. CMDB contains contents that are intended to hold a collection of IT assets commonly referred to as configuration items (CI) as well as descriptive relationships between such assets.

Q25. What is the difference between end-users and customers?

Ans. An end-user or end customer directly receives the service or employs the product.

A customer may or may not have the ability to choose between different products and suppliers.

Q26. What is the difference between Expedite / Urgent Change and Emergency Change?

Ans. An ITIL emergency change is the highest priority change that can be defined in an organization. An expedited change is a change that meets a critical business requirement without the normal review and approval time.

Also Read>> Top Security Courses For IT Professionals

Q27. What do you mean by CAB?

Ans. CAB (Change Advisory Board) is an authoritative and representative group of people who are responsible for assessing, from both a business and a technical viewpoint, all high impact Requests for Change (RFCs).

Q28. What is a PIR?

Ans. Post Implementation Review (PIR) is that which takes place after a change or a project has been implemented.

Q29. Explain the service portfolio, service catalog, and service pipeline.

Ans. Service portfolio refers to the services provided by service providers across all Market and all customers.

Service Catalogue is the subset of the Service portfolio. Services ready to be offered to customers are listed in the service catalog.

Service Pipeline consists of services under development.

Q30. What is the freeze period?

Ans. Freeze period is a point in time in the development process after which the rules for making changes to the source code or related resources become stricter or the period during which those rules are applied.

Q32. What is CSF?

Ans. Critical Success Factor or CSF refers to an element mandatory for the successful achievement of a task. It drives any company forward and meets the business goals through its strategy.

Also Read >> Top Networking Interview Questions & Answers

Q33. What is data leakage?

Ans. It refers to an unauthorized data transmission, either electronically or physically, from an organization to any external destination or recipient. The most common forms of data leakage are through web, email, and mobile data storage devices.

Q34. Which factors contribute to data leakage?

Ans. The most common factors leading to data leakage include –

  • Corrupt hard-drive
  • Human Error
  • Inadequate security control for shared drives
  • Malware
  • Misuse
  • Outdated data security
  • Physical theft of data
  • System misconfiguration
  • Technology error
  • Unprotected data back up

Q35. How to prevent data leakage?

Ans. Data leakage is a serious issue and thus there is a need to devise a proper strategy to tackle. Data Loss Prevention (DLP) is a practice adopted by the organizations to safeguard their data. Under this practice, users are not allowed to send confidential or sensitive information outside of the enterprise network. This requires businesses to distinguish the rules that classify confidential and sensitive information such that any user does not disclose it maliciously or even accidentally.

Q36. What is an XSS attack?

Ans. Cross-site Scripting (XSS) is another type of vulnerability that can be technically described as a client-side code injection attack. In this particular attack, an attacker injects malicious data into vulnerable websites. An attack happens when a user visits the web page, as malicious code is then executed. This attack is very harmful to web application users.

Q37. What are the different types of XSS attacks?

Ans. There are three types of XSS attacks –

(i) Non-Persistent XSS attack – Here the data injected by an attacker is reflected in the response and has a link with the XSS vector

(ii) Persistent XSS attack – The most harmful type of attack, where the script executes automatically the moment a user opens the page

(iii) Document Object Model (DOM)-based XSS attack – An advanced type of XSS attack which happens when a web application writes data to the DOM without any sanitization

Q38. Why is information security policy important?

Ans. Information security policy is important because it clearly outlines the responsibilities of employees about the safety and security of information, intellectual property, and data from potential risks.

Q39. What are the most popular work-around recovery options?

Ans. The most popular work-around recovery options are –

  • Fast recovery
  • Gradual recovery
  • Immediate recovery
  • Intermediate recovery
  • Manual workaround
  • Reciprocal arrangements

Want to learn more about CyberSecurity? Refer to this blog – What is CyberSecurity.

Q40. What are the various service providers?

Ans. Service providers that are a part of the ITIL process are –

Internal Service Provider (ISP) – ISPs are the dedicated resources of a business unit and deal with internal organization management.

External Service Provider (ESP) – ESPs offer IT services to external customers and is not limited to any business, individual, or market.

Shared Services Units (SSU) – SSUs are autonomous special units and act as an extension of ISPs.

Also Explore>> Ethical Hacking Courses 

Q41. What is the purpose of Service Transition?

Ans. The purpose of Service Transition is: 

  • To ensure that a service can be managed, operated, and supported.
  • It provides quality information about the change, release, and deployment management.
  • It plans and manages capacity and resource requirements.
  • Service transition also offers guidance on transferring the control of services between customers and service providers.

Q42. What is the difference between ITIL and COBIT?

Ans. The differences between ITIL and COBIT are: 

1. It stands for Information Technology Infrastructure Library. 1. It stands for Control Objectives for Information and Related Technologies.
2. ITIL is used for Information Technology Service Management. 2. COBIT is used for the integration of information and technology.
3. It enables you to implement the guidelines of the business. 3. It enables us to derive guidelines for business operations.
4. It has 5 components: service strategy, service design, service transition, service operation, and continuous service improvement. 4. Its main components include control objectives, frameworks, management guidelines, maturity models, and process descriptions.
5. ITIL follows a bottom-up approach, focusing more on IT service management. 6. COBIT follows a top-down approach, focusing more on IT service governance.

Q43. What are the objectives of Incident Management?

Ans. The objectives of the incident management are:

  • To ensure that standardized methods and procedures are used for the prompt and efficient response, documentation, analysis, ongoing management, as well as reporting of incidents.
  • Increase visibility and communication of incidents to IT support staff and business
  • Align Incident Management activities and priorities with those of the business.
  • Manage user satisfaction with the quality of IT services.

Q44. What is the process of ITIL Incident Management?

Ans. The main process steps involved in incident management are: 

  • Identification 
  • Logging
  • Categorization 
  • Prioritization 
  • Response

Q45. What is the purpose of Problem Management in ITIL?

Ans. The purpose of Problem Management in ITIL is : 

  • Identify potentially recurring incidents
  • Prevent service disruptions 
  • Determine the root cause
  • Meet service availability requirements 
  • Take steps to prevent the incident from reoccurring
  • Improve staff efficiency and productivity
  • Enhance user satisfaction

Q46. What are the different stages in the Problem Management Process?

Ans. The stages in the Problem Management Process are: 

  • Problem Detection 
  • Categorize and prioritize the problem
  • Investigation and Diagnosis 
  • Identify a workaround for the problem
  • Create Known Error Record 
  • Resolution
  • Closure of the problem
  • Review 

Q47. What are the objectives of the IT Service Continuity Management (ITSCM)?

Ans. The objectives of IT Service Continuity Management (ITSCM) are: 

  • To analyze the risks
  • To assist with issues that are related to continuity and recovery
  • Maintain a set of plans on IT service continuity and IT recovery 

Q48. What do you mean by Event Management in ITIL?

Ans. Event Management monitors all events that occur through the changes and improvements in IT infrastructure. It is a process that ensures that all configuration items and services are continually observed and defines a process to categorize these events so that corrective action can be taken if needed.

Q49. What is the difference between a process and a project?

Ans. A project refers to creating something new or implementing a change. A process, on the other hand, aims at creating value by repeatedly performing a task. A project has a finite lifespan whereas a process is continuous and has no deadline.

Q50. What are the responsibilities of the ITIL Service Desk?

Ans. The responsibilities of an ITIL Service Desk are:

  • Incident logging, categorization, and prioritization
  • Resolving the incident 
  • Examining incidents 
  • Incident management reporting

Also Read>> Trending Tech Skills in 2020: Cloud, Game development and DevOps

Q51: Explain the 4 P’s needed for the ITIL Service Management.

Ans. The 4 P’s for the ITIL Service Management are:

  1. People: People in the IT field perform processes and procedures which are associated with ITIL Service Management. 
  2. Processes: It involves an examination of the company’s ability to implement the processes.
  3. Products: Products are the tools used by IT service staff to implement the processes of ITIL.
  4. Partners: Every in-house or outsourced IT organization has partners that enable service to work properly.

Q52. What is the RACI model?

Ans. RACI model is a tool that is used for identifying roles and responsibilities. It helps in avoiding confusion over the roles and responsibilities during a project. RACI stands for: 

  • Responsible: The persons who do the work to achieve the task. Responsibilities are assigned to them to complete a particular task.
  • Accountable: The person who is accountable for the correct and thorough completion of a specific task.
  • Consulted: The groups or people who provide information and are consulted for the task. (Two-way communication)
  • Informed: People who are kept informed about the progress of the task. (One-way communication)

Q53. What is the purpose of Configuration Management?

Ans. The purpose of Configuration Management is to identify, maintain, and verify information on IT assets and configurations in the enterprise.

Q54. What is the difference between proactive and reactive problem management?

Ans. The major difference between proactive and reactive problem management is reactive problem management identifies and eliminates the root cause of known incidents, 

Proactive problem management focuses on preventing incidents before they appear by finding potential problems and errors in the IT infrastructure.

Reactive problem management responds to events after they have happened. It identifies and eliminates the root cause of known incidents.

Q55. What is the difference between an Incident and a Problem?

Ans. An incident is an event that leads to an unplanned interruption to an IT service. It is a single unplanned event that causes a service disruption. On the other hand, a problem refers to the underlying cause of one or more incidents. 


Q56. What is a ‘change request’ in ITIL?

Ans. A change request is a formal proposal for an alteration to some product or system.


Q57. What is a ‘service request’?

Ans. A service request is a user request for information or advice, or for a standard change, or for access to an IT service.


Q58. What is the ITIL Lifecycle Model for services?

Ans. The ITIL Lifecycle Model for services includes –

  • Strategy
  • Design
  • Transition
  • Operation
  • Continual Service Improvement

Q59. Name the ITIL Models commonly adopted by the organizations.

Ans. There are three types of ITIL models adopted by the organizations –

  • Microsoft MOF (Microsoft Operations Framework)
  • Hewlett-Packard (HP ITSM Reference Model)
  • IBM (IT Process Model)

Q60. What is ISO/IEC 27002?

Ans. ISO/IEC 27002:2013 is an information security standard devised by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC). This code of practice provides guidelines for organizational information security standards and information security management practices.

Q61. Give some examples of web-based service desk tools.

Ans. Some example of web-based service desk tools include –

  • BMC
  • CA service desk
  • Oracle Service Cloud
  • ServiceNow
  • SolarWinds Web Help Desk
  • Spiceworks Help Desk/Cloud Help Desk
  • Tivoli

Q62. Which ITIL processes belong to Service Strategy?

Ans. ITIL processes belonging to Service Strategy include –

  • Business relationship management
  • Demand management
  • Financial management
  • Service portfolio management
  • Strategy management

Q63. Which ITIL processes belong to Service Design?

Ans. ITIL processes belonging to Service Design include –

  • Availability Management
  • Capacity Management
  • Design Coordination
  • Information Security Management
  • IT Service Continuity Management
  • Service Catalog Management
  • Service Level Management
  • Supplier Management

Q64. Which ITIL processes belong to Service Transition?

Ans. ITIL processes belonging to Service Transition include –

  • Change Evaluation
  • Change Management
  • Release and Deployment Management
  • Service Asset and Configuration Management
  • Validation and Testing
  • Transition Planning and Support

Q65. Which ITIL processes belong to Service Operation?

Ans. ITIL processes belonging to Service Operation include –

  • Access management
  • Event management
  • Incident management
  • Problem management
  • Service request fulfillment

Q66. What are ITSCM and BCP?

Ans. ITSCM – IT Service Continuity Management is a practice that allows information security professionals to develop IT infrastructure recovery plans

BCP – Business Continuity Planning is the process by which a company creates a prevention and recovery system from potential threats.

Q67. What is ICT?

Ans. Information and Communications Technology (ICT) is the infrastructure and components that enable modern computing and refers to technologies that provide access to information via telecommunications.


The above ITIL interview questions and answers will help you to prepare well for your next ITIL interview. Always be prepared to answer all types of ITIL interview questions — technical skills, interpersonal, leadership, or methodology. If you are someone who wants to get ahead in the software development field, you can take the help of an ITIL certification course to understand the techniques and skills required to be an expert in the field.


If you have recently completed a professional course/certification, click here to submit a review and get FREE certification highlighter worth Rs. 500.

4.36 avg. rating (87% score) - 11 votes