ITIL 4 and Cloud: The Deployment Management Practice

The ITIL 4 deployment management practice

Here’s how ITIL 4 Foundation Edition describes the purpose of the deployment management practice, “…to move new or changed hardware, software, documentation, processes, or any other component to live environments. It may also be involved in deploying components to other environments for testing or staging.”

While the ITIL release management practice has an overall view and owns communications around releases, the deployment management practice can be considered as the activities to deliver changes to environments. There are a number of deployment techniques available, and the choice depends on the nature of the affected customers, environments, platforms, software, and components:

  1. Phased delivery, sometimes known as canary releases, where change is rolled out gradually across multiple targets.
  2. Continuous delivery that leverages DevOps principles such as small batch sizes and high change frequencies, and techniques such as Continuous Integration for automated deployments.
  3. Big bang deployment, where new components are deployed to all targets simultaneously. It’s sometimes necessary but the risks can be mitigated by using blue-green deployments that keep two live targets running (old and new) and facilitate traffic to one or the other, making for easier back out.
  4. Pull deployment which allows targets to pull changes “on demand,” such as polling a central system to check for new changes and self-updating as required.

All of these are possible in the cloud. In all cases, a secure central repository that offers features like version history should be used.

There are well-walked cloud paths for the deployment management practice because it has always been a crucial engine for startups to exploit cloud for speed, quality, and cost. However, it can be a problem area when non-cloud organizations start to use cloud because they often want to “lift and shift” their non-cloud deployment management practices onto cloud and can thus miss out on the benefits.

How deployment management works in the cloud

No cloud discussion is complete without exploring the deployment management practice because the performance of this practice has a direct impact on the business outcomes of using the cloud. As such, cloud service providers offer all the tools and practices to customers that encourage high-performing deployment management.

Modern application development creates competitive differentiation by enabling rapid innovation. When building modern applications on the cloud, there are some accepted “must dos” to achieve success:

  1. Security across the entire application lifecycle from development to production.
  2. Decompose and decouple apps into microservices to ease deployment and scale (the cons are complexity and observability).
  3. Build with serverless technologies (managed databases, event-driven functions).
  4. Codify applications and infrastructure in the same bundle using infrastructure as code.
  5. Rapid-release high-quality features with CI/CD.
  6. Increase observability and feedback through monitoring.

All four of the aforementioned deployment management techniques can be delivered through cloud-native tooling:

  1. Secure central repository through Github, Bitbucket, or AWS CodeCommit.
  2. Phased deployment by using cloud structures like virtual private clouds and many cloud accounts to isolate targets and roll out changes. Also, tools like load balancers for canary releases and only letting small amounts of traffic hit new code.
  3. Continuous delivery with tooling, which are often free like AWS CodeStar, CodePipeline, and more.
  4. Big bang using blue-green with automated PaaS environments like AWS Beanstalk or CloudFoundry.

These cloud-based practices are normally the province of the application developer and not the IT service manager. This is an opportunity for both success and failure that can be measured using four key metrics:

  • Lead time
  • Change failure rate
  • Change frequency
  • Mean Time to Restore.

Cloud dos and don’ts for deployment management

The following dos and don’ts are general guidelines for great deployment management in the cloud:


  • Use cloud-native tools, rather than non-cloud tooling. They’re usually free.
  • Research the many examples of all deployment approaches/practices in the cloud – the internet is awash with them.
  • Just get started – deployment practices don’t have to be planned for months. You can just start with Version Control and build capabilities from there.
  • Codify your target environments – also known as Infrastructure as Code – and keep that infrastructure code in the same place as your application code.


  • Think deployment management is just the responsibility of application developers – it’s a crucial part of becoming a high-performing organization and impacts customers.
  • Separate application from infrastructure code.
  • Forget the four key metrics – they’ll tell you how well you’re doing. Or not.

The deployment management practice is the driving force of high-performing organizations and it’s well supported by the cloud. If an ITSM practitioner can be engaged with this practice, collaborate with developers and administrators, and build an effective practice. Over time, it will no doubt be a success story in the organization’s adoption of the cloud.