What ITIL 5 adds — Lifecycle and AI Governance
18 June 2026
Florian Nitz, Thomas Scherzinger
Reading time: 5 minutes
What the new version adds structurally — and what stays the same for organisations working on ITIL 4 today.
In February 2026, ITIL 5 was released. Not as a revolution but as an evolution — yet with two structural innovations that noticeably shift the frame: a reworked lifecycle model and a dedicated guideline for the governance of artificial intelligence. Anyone working on ITIL 4 today rightly asks: what really changes, and what does not?
The short answer: the Service Value System stays. The practices stay. What ITIL 5 adds is the structural frame for two developments that were not yet embedded in ITIL 4 — thinking in products rather than pure services, and dealing with AI as a governance question.
1. From the 5-stage lifecycle to the Digital Product and Service Lifecycle
ITIL v3 knew five clearly delimited phases: Strategy, Design, Transition, Operation, Continual Service Improvement. Anyone who grew up with this structure knows how formative it is — and how quickly it turns into a set of pigeonholes.
ITIL 4 softened these phases. The Service Value System, with its flexible value chain, replaced the rigid sequence. ITIL 5 goes a step further and introduces the eight-stage Digital Product and Service Lifecycle: Discover, Design, Acquire, Build, Transition, Operate, Deliver, Support.
The decisive difference, though, lies less in the eight stages than in the idea behind them: ITIL 5 no longer separates the product (the «how» of the technology) from the service (the «why» of the customer). A single product — a software platform, say — provides capabilities that become the basis for many different services. Product teams and service teams work continuously within the same lifecycle, instead of handing work linearly from one phase to the next.
For IT organisations, two shifts are particularly powerful: the clean separation of Acquire/Build from Transition — procurement and development are no longer the same thing as the controlled hand-over into operation — and the decoupling of Deliver from Support: delivering value to the customer and resolving incidents in live operation are run as distinct disciplines rather than lumped together.
Figure 1: The 5-stage lifecycle (ITIL v3) versus the eight-stage Digital Product and Service Lifecycle (ITIL 5: Discover, Design, Acquire, Build, Transition, Operate, Deliver, Support).
2. ITIL AI Governance — the real novelty
If there is one innovation ITIL 5 will be remembered for, it is the dedicated publication on AI governance, «ITIL AI Governance». It is deliberately not part of the core framework for product and service management, but a complementary guideline. And it does not explain how to implement AI — it explicitly does not. Its value lies elsewhere: it describes, for the first time, in structured form, which governance decisions an organisation must make when it embeds AI agents into its service processes.
Three questions are central:
Who is responsible for decisions an AI agent makes? In classical processes, accountability is cut to fit people. When an Incident Management agent escalates, closes or reroutes on its own, a clear governance structure is needed — not an after-the-fact discussion.
How is the value of an AI agent measured? MTTR and ticket volume are not enough. What is needed are value metrics tied to business outcomes — not to system parameters.
Where is the limit of autonomous action? Agentic AI acts, it does not merely recommend. That calls for explicit thresholds — defined, documented, communicated.
These three questions are not science fiction. Agentic AI — software that does not merely recommend but acts on its own — is moving into service desks and operational processes right now, and the analyst houses agree that its share will grow strongly in the years ahead. Anyone without answers to these questions today still makes the decisions — only implicitly.
3. Practice update: what changes — and what stays for now
ITIL 5 brings no new practices system. The proven management practices from ITIL 4 remain in place for now; their fully revised publications are, according to PeopleCert, being rolled out in stages in the second half of 2026. What is already foreseeable, though, is the direction the update is heading — wherever AI and the new lifecycle touch everyday work. Three practices where this becomes especially tangible:
- Incident Management: Once AI agents act as the first response tier, the escalation logic shifts. Who takes over when — and at what point does a human take the decision back?
- Service Request Management: Standard requests increasingly run through AI chatbots for request capture and automated service fulfilment. Rigid service catalogues turn into intelligent, personalised recommendations — which noticeably raises expectations of speed and experience.
- Service Configuration Management: With more AI-generated configuration changes, the demands on a well-maintained CMDB rise noticeably — and with them the question of who is accountable for data quality.
Figure 2: The three updated practices side by side — classical ITIL 4 logic versus the new AI-extended requirements in ITIL 5.
4. What changes for your roadmap — and what does not
An honest assessment: anyone working solidly on ITIL 4 today does not have to «switch» to ITIL 5 right away. There is no switching in that sense — ITIL is not a software release.
What is worth checking:
Do you have a clear governance structure for AI-supported decisions? If no AI agents are in use yet: the right moment to define that structure is before deployment — not after.
Are you already thinking in products rather than only in services? The new lifecycle makes this distinction explicit. For IT organisations seen internally as a pure service provider, this is a strategic question.
Is governance a cross-cutting theme for you, or an after-the-fact control? ITIL 5 runs governance — and AI governance in particular — across the entire lifecycle, from Discover to Support. Improvement and steering need an institutional home, not just good intentions.
5. Three levers first
ITIL 5 is extensive. For anyone unsure where to start, three concrete entry points help:
- A governance audit for AI decisions. Which processes are already influenced by algorithms or AI tools today? Who carries responsibility for their output? Half an hour with the team is enough to see where the blind spots are.
- Lifecycle mapping of your own services. Which services or products are currently in Transition, which in operation (Operate/Deliver), which should really be retired? The eight-stage lifecycle from Discover to Support is a useful mirror.
- Reworking the value metrics for one practice. Pick a practice — Incident Management is a good choice — and ask: which KPIs really say something about business value today? That is the most concrete way into the logic of ITIL 5.
ITIL 5 is not a leap into the unknown. It is an evolution that addresses the right questions for 2026 — AI governance, product thinking, demonstrable value. Anyone asking these questions today is not «ITIL-5-compliant». They are simply well prepared.
Our practice tip
Do not wait with the governance question until the first AI agent is live in the service desk. Take half an hour with your team and, for every process already touched by an algorithm, answer three questions: Who owns the output? How do we measure its value? Where does autonomous action end? The answers reveal the blind spots — and that is exactly where ITIL 5 steps in.
Author
Florian Nitz
Florian Nitz is a Consultant at Qudits AG and an ITIL 4 Managing Professional. He is responsible for technical and digital projects — from IT service management to the further development of digital platforms — and combines strategic clarity with pragmatic execution.
Author
Thomas Scherzinger
Thomas is Executive Partner at Qudits AG and an ITIL V3 Expert. His focus lies in managing complex IT programmes and projects — particularly in the life sciences — as well as in building and continuously improving IT service management organisations. He develops teams and people with passion.