IT Service Management

By NHI Mgmt Group Updated June 11, 2026 Domain: Governance, Ownership & Risk

IT service management is the set of processes used to request, approve, deliver, and support internal technology services. In identity programmes, it often becomes the operational layer where access requests, approvals, and exception handling are recorded and enforced.

Expanded Definition

IT service management, or ITSM, is the operational discipline that turns identity and access policy into a request, approval, fulfilment, and support workflow. In NHI environments, it often becomes the system of record for service account access, credential exceptions, and break-glass approvals, even when the actual secret or token is managed elsewhere.

That distinction matters because ITSM describes the process layer, not the security control itself. A ticket can prove that someone asked for access and that someone else approved it, but it does not by itself prove that the service account was issued with least privilege, rotated on schedule, or retired when no longer needed. Guidance varies across vendors, but the strongest practice is to treat ITSM as an orchestration and evidence layer that feeds identity governance, secret management, and auditability rather than replacing them. This lines up with the control logic in NIST Cybersecurity Framework 2.0, which emphasises governed access processes rather than ad hoc fulfilment. The most common misapplication is treating ticket closure as proof that a lifecycle step completed securely: the approval is recorded, but nobody verifies that the downstream revocation or rotation actually happened in the identity provider or secret manager.

Examples and Use Cases

Implementing ITSM rigorously often introduces workflow latency, requiring organisations to weigh faster access delivery against stronger approval, traceability, and separation of duties.

  • A platform team submits an ITSM request to create a service account for a new payment microservice, and the approval chain requires security review before credentials are issued.
  • An operations analyst opens a change ticket to rotate API keys after a suspected exposure, linking the ticket to the remediation steps described in the NHI Lifecycle Management Guide.
  • A privileged access exception is granted through ITSM for a temporary integration test, then automatically expires after the maintenance window closes.
  • A decommissioning ticket triggers revocation of service account entitlements and downstream secrets cleanup, supporting the lifecycle emphasis in Ultimate Guide to NHIs — Lifecycle Processes for Managing NHIs.
  • An audit team pulls ticket history to confirm who approved a high-risk exception, then cross-checks the control expectations in NIST Cybersecurity Framework 2.0.
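The failure mode described above, a closed ticket with no verified downstream effect, is straightforward to detect once ticket records are compared against the live inventory. The following is an added example, not code from this page or from NHI Mgmt Group: it reconciles a constructed ITSM export (decommission, rotation, create and exception tickets) against a constructed identity-provider and secret-manager snapshot, and reports closed tickets whose effect is not visible, expired exceptions that are still active, and enabled accounts that no approved ticket justifies. The field names, ticket types and account names are hypothetical.

```python
"""Reconcile closed ITSM tickets against a live NHI inventory.

Added example: this is not code from the page or from NHI Mgmt Group.
The ticket fields, inventory fields and account names are hypothetical,
and every record below is constructed for the example.
"""
from datetime import datetime, timezone

# Constructed ITSM export: one record per ticket.
TICKETS = [
    {"id": "CHG-1001", "type": "decommission", "account": "svc-legacy-report",
     "status": "closed", "opened_at": "2026-04-28T10:00:00Z",
     "closed_at": "2026-05-01T10:00:00Z", "approver": "sec-review"},
    {"id": "CHG-1002", "type": "rotate", "account": "svc-payments-api",
     "status": "closed", "opened_at": "2026-05-18T09:00:00Z",
     "closed_at": "2026-05-20T09:00:00Z", "approver": "sec-review"},
    {"id": "REQ-2001", "type": "create", "account": "svc-payments-api",
     "status": "closed", "opened_at": "2026-04-01T12:00:00Z",
     "closed_at": "2026-04-02T12:00:00Z", "approver": "sec-review"},
    {"id": "REQ-2002", "type": "create", "account": "svc-legacy-report",
     "status": "closed", "opened_at": "2025-06-01T12:00:00Z",
     "closed_at": "2025-06-03T12:00:00Z", "approver": "sec-review"},
    {"id": "EXC-3001", "type": "exception", "account": "svc-integration-test",
     "status": "closed", "opened_at": "2026-05-10T07:00:00Z",
     "closed_at": "2026-05-10T08:00:00Z", "approver": "sec-review",
     "expires_at": "2026-05-11T08:00:00Z"},
]

# Constructed inventory snapshot, as an identity provider and secret manager
# would report it, keyed by service account name.
INVENTORY = {
    "svc-legacy-report":    {"enabled": True, "privileged": False,
                             "last_rotated": "2026-01-15T00:00:00Z"},
    "svc-payments-api":     {"enabled": True, "privileged": False,
                             "last_rotated": "2026-05-10T00:00:00Z"},
    "svc-integration-test": {"enabled": True, "privileged": True,
                             "last_rotated": "2026-05-10T00:00:00Z"},
    "svc-orphan-batch":     {"enabled": True, "privileged": True,
                             "last_rotated": "2025-12-01T00:00:00Z"},
}

# Snapshot time for the check (constructed).
NOW = datetime(2026, 6, 1, tzinfo=timezone.utc)


def _ts(value):
    """Parse an RFC 3339 timestamp with a trailing Z into an aware datetime."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def reconcile(tickets, inventory, now):
    """Return (ticket_id, account, reason) for every closed ticket whose
    downstream effect is not visible in the inventory, plus any enabled
    account that no approved create or exception ticket justifies."""
    findings = []
    justified = set()
    for t in tickets:
        if t["status"] != "closed":
            continue  # an open ticket is not yet a claim of completion
        acct = inventory.get(t["account"])
        if t["type"] == "create":
            justified.add(t["account"])
        elif t["type"] == "decommission" and acct and acct["enabled"]:
            findings.append((t["id"], t["account"],
                             "decommission closed but account still enabled"))
        elif (t["type"] == "rotate" and acct
              and _ts(acct["last_rotated"]) < _ts(t["opened_at"])):
            findings.append((t["id"], t["account"],
                             "rotation closed but secret not rotated since ticket opened"))
        elif t["type"] == "exception":
            justified.add(t["account"])
            if (acct and acct["enabled"] and acct["privileged"]
                    and _ts(t["expires_at"]) < now):
                findings.append((t["id"], t["account"],
                                 "exception expired but privileged account still active"))
    for name, acct in inventory.items():
        if acct["enabled"] and name not in justified:
            findings.append((None, name,
                             "enabled account with no approved create or exception ticket"))
    return findings


def run():
    """Run the check against the constructed data."""
    return reconcile(TICKETS, INVENTORY, NOW)


if __name__ == "__main__":
    for ticket_id, account, reason in run():
        print(f"{ticket_id or '(no ticket)'}: {account}: {reason}")
```

On the constructed data the check produces four findings: a decommission ticket closed against an account that is still enabled, a rotation ticket closed without a rotation after the ticket was opened, an expired exception whose privileged account is still active, and an enabled account with no approving ticket at all. In practice the two inputs come from the ITSM API and the identity provider or secret manager, the check runs on a schedule, and each finding is raised as a new ticket rather than auto-remediated, so the evidence trail the audit team relies on stays intact.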

Why It Matters in NHI Security

ITSM becomes critical in NHI security because it is where human process meets machine identity. If approvals, exceptions, and fulfilment records are incomplete, defenders lose the ability to prove why a service account existed, who authorised it, and whether its access was still justified. That gap is especially dangerous for secrets and service accounts, which NHI Management Group has found are frequently exposed or over-privileged. In the Ultimate Guide to NHIs, 97% of NHIs are reported to carry excessive privileges, and only 5.7% of organisations have full visibility into their service accounts, underscoring how weak process controls become security blind spots.

ITSM also supports governance and audit readiness. The Top 10 NHI Issues makes clear that unmanaged lifecycle steps, poor offboarding, and inconsistent approvals create persistent exposure that security tooling alone cannot repair. Practitioners need to understand ITSM because identity failures often first surface as an incident ticket, an emergency change, or an unreconciled exception, at which point the process record itself becomes evidence of what went wrong. Many organisations feel the operational impact only after a compromised credential, a failed audit, or an emergency revocation, by which time fixing the service management process is no longer optional.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
OWASP Non-Human Identity Top 10 | NHI-01 (Improper Offboarding) | ITSM often governs NHI request and approval workflows tied to lifecycle control.
NIST CSF 2.0 | PR.AA-05 (the CSF 1.1 identifier was PR.AC-4) | Access approval and entitlement management are core ITSM touchpoints.
NIST Zero Trust (SP 800-207) | Core tenets (Section 2.1) | Zero Trust depends on continuous, policy-based access decisions, not ticket-only trust.

Ensure ITSM supports policy enforcement and verification instead of acting as a trust substitute.

NHIMG Editorial Note
Reviewed and updated by the NHIMG editorial team on June 11, 2026.