ITIL 4 and Cloud: The Service Catalog Management Practice

The ITIL 4 service catalog management practice

ITIL 4 Foundation Edition states that “The purpose of the service catalog management practice is to provide a single source of consistent information on all services and service offerings, and to ensure that it is available to the relevant audience.”

ITIL 4 also adds that “The list of services within the service catalog represents those which are currently available and is a subset of the total list of services tracked in the service provider’s service portfolio. Service catalog management ensures that service and product descriptions are expressed clearly for the target audience to support stakeholder engagement and service delivery. The service catalog may take many forms such as a document, online portal, or a tool that enables the current list of services to be communicated to the audience.”

The service catalog needs to provide different views and levels of detail to different business stakeholders. For example:

  • Customer views – with service level, service performance, and financial data.
  • User views – with information on the service offerings that can be requested, plus the provisioning details.
  • IT views – with this covering the technical, process, and security information that’s required for service delivery.

To this end, the staff who would normally maintain a service catalog (for IT) need to learn how to do their service-catalog-related activities for cloud-delivered services, which is likely to involve training in respect of cloud service provider tools and ways of working.

A service catalog is not a static system. Users and administrators should, therefore, have various tools and processes available to them, such as a request catalog or a process to evolve the catalog offerings. For example, AWS Marketplace is a public service catalog that allows organizations to upload their own offerings via online portals and form submissions.

How service catalog management works in the cloud

The main use of a service catalog in the cloud is to provide self-serve access to systems that range from simple to complex, and often to non-technical or non-expert users. The service catalog doesn’t just give access to an application, it can also trigger a value stream in itself – and hiding complex multi-step automation that delivers an outcome such as giving a user access to a system. Or it can be the provisioning of a whole new system for an administrator. Here, if the provisioning process is embedded within a service catalog item, then all the compliance and security can also be embedded and hidden away from the user.

AWS Service Catalog is perhaps the most mature offering in the public cloud market. It allows organizations to create and manage catalogs of IT services that are approved for use on AWS – easy to consume, compliant services that your organization has approved. These IT services can include everything from virtual machine images, servers, software, and databases to complete multi-tier application architectures.

AWS Service Catalog allows you to centrally manage commonly deployed IT services and helps you to achieve consistent governance and meet your compliance requirements while enabling users to quickly deploy only the approved IT services they need.

It’s a good cloud strategy to ONLY offer access to non-technical/non-expert users via a service catalog, to enforce guard rails for security, compliance, and cost. It’s also often less friction for the user as they don’t have to be experts in cloud to use the cloud via a service catalog.

Cloud dos and don’ts for service catalog management

The following dos and don’ts are general guidelines for great service catalog management in the cloud:


  • Limit non-technical non-expert (in cloud) users to the service catalog. The alternative is to give them access to the “raw” cloud console which is a proven cloud anti-pattern that leads to cost over-runs and security breaches.
  • Integrate the cloud service catalog with your company’s ITSM tool.
  • Use the automation behind service catalog to embed compliance policies around cost and security.
  • Use the service catalog to provide a friction-free, self-service model for cloud to improve value streams.


  • Leave the service catalog out of your core cloud strategy – it can be the game-changing success story of cloud, bridging the gap between non-cloud staff and the cloud.
  • Limit service catalog use just to infrastructure teams to provide access to software. Think bigger – about giving access to systems and value streams if the catalog is advanced enough to support automation.

The ITIL 4 service catalog management practice is ideal for cloud. And the service catalogs from leading cloud service providers will fit well into any ITSM practitioner’s toolkit.