Skip to content
  • Member services
    • Membership Benefits
      • Membership Overview
      • Membership Levels and FAQs
    • Content and Member Resources
    • Maturity Assessment
    • Mentorship Programme
    • PeopleCert CPD Points
    • Professional Skills Management Framework
    • Bookstore
  • Events
    • Events Overview
    • Events Calendar
    • Event Recordings
    • 2026 Signature Events
      • SM Forum: Health & Wellbeing at Work
      • Cyber in ITSM
      • Women in ITSM
      • Digital Transformation Business Simulation (Manchester)
      • ITSM Tooling Case Study Day
      • SM Forum: SIAM
      • XLA26
      • Digital Transformation Business Simulation (Silverstone)
      • ITIL Case Study Day
      • AI in ITSM: does size matter?
      • ITSM26 Conference & Awards
    • Annual Conference and Awards
      • ITSM26 Conference & Awards
      • PSMA26: awarding excellence in ITSM
        • PSMA25 – finalist videos from last year
      • PSMA Roll of Honour
    • Introduction to ITSM Programme
    • Communities of Practice
      • Defence
      • Service Design & Transition
      • Women in ITSM
    • Leadership Council
    • Masterclasses
    • Member Meet-ups
    • Simulations
    • SM Forums
    • Webinars
  • News & Content
    • Blogs and Whitepapers
    • Latest News
    • Monthly Round-up
    • ServiceTalk
    • Content & Member Resources
  • About Us
    • Who We Are
    • Board and Governance
    • Meet the Team
    • Contact Us
    • Terms & Conditions
    • Accessibility
    • Privacy
  • Join Now
  • Member’s Area
  • Member services
    • Membership Benefits
      • Membership Overview
      • Membership Levels and FAQs
    • Content and Member Resources
    • Maturity Assessment
    • Mentorship Programme
    • PeopleCert CPD Points
    • Professional Skills Management Framework
    • Bookstore
  • Events
    • Events Overview
    • Events Calendar
    • Event Recordings
    • 2026 Signature Events
      • SM Forum: Health & Wellbeing at Work
      • Cyber in ITSM
      • Women in ITSM
      • Digital Transformation Business Simulation (Manchester)
      • ITSM Tooling Case Study Day
      • SM Forum: SIAM
      • XLA26
      • Digital Transformation Business Simulation (Silverstone)
      • ITIL Case Study Day
      • AI in ITSM: does size matter?
      • ITSM26 Conference & Awards
    • Annual Conference and Awards
      • ITSM26 Conference & Awards
      • PSMA26: awarding excellence in ITSM
        • PSMA25 – finalist videos from last year
      • PSMA Roll of Honour
    • Introduction to ITSM Programme
    • Communities of Practice
      • Defence
      • Service Design & Transition
      • Women in ITSM
    • Leadership Council
    • Masterclasses
    • Member Meet-ups
    • Simulations
    • SM Forums
    • Webinars
  • News & Content
    • Blogs and Whitepapers
    • Latest News
    • Monthly Round-up
    • ServiceTalk
    • Content & Member Resources
  • About Us
    • Who We Are
    • Board and Governance
    • Meet the Team
    • Contact Us
    • Terms & Conditions
    • Accessibility
    • Privacy
  • Join Now
  • Member’s Area
Member's Area
  • Member services
    • Membership Benefits
      • Membership Overview
      • Membership Levels and FAQs
    • Content and Member Resources
    • Maturity Assessment
    • Mentorship Programme
    • PeopleCert CPD Points
    • Professional Skills Management Framework
    • Bookstore
  • Events
    • Events Overview
    • Events Calendar
    • Event Recordings
    • 2026 Signature Events
      • SM Forum: Health & Wellbeing at Work
      • Cyber in ITSM
      • Women in ITSM
      • Digital Transformation Business Simulation (Manchester)
      • ITSM Tooling Case Study Day
      • SM Forum: SIAM
      • XLA26
      • Digital Transformation Business Simulation (Silverstone)
      • ITIL Case Study Day
      • AI in ITSM: does size matter?
      • ITSM26 Conference & Awards
    • Annual Conference and Awards
      • ITSM26 Conference & Awards
      • PSMA26: awarding excellence in ITSM
        • PSMA25 – finalist videos from last year
      • PSMA Roll of Honour
    • Introduction to ITSM Programme
    • Communities of Practice
      • Defence
      • Service Design & Transition
      • Women in ITSM
    • Leadership Council
    • Masterclasses
    • Member Meet-ups
    • Simulations
    • SM Forums
    • Webinars
  • News & Content
    • Blogs and Whitepapers
    • Latest News
    • Monthly Round-up
    • ServiceTalk
    • Content & Member Resources
  • About Us
    • Who We Are
    • Board and Governance
    • Meet the Team
    • Contact Us
    • Terms & Conditions
    • Accessibility
    • Privacy
  • Join Now
  • Member’s Area
  • Member services
    • Membership Benefits
      • Membership Overview
      • Membership Levels and FAQs
    • Content and Member Resources
    • Maturity Assessment
    • Mentorship Programme
    • PeopleCert CPD Points
    • Professional Skills Management Framework
    • Bookstore
  • Events
    • Events Overview
    • Events Calendar
    • Event Recordings
    • 2026 Signature Events
      • SM Forum: Health & Wellbeing at Work
      • Cyber in ITSM
      • Women in ITSM
      • Digital Transformation Business Simulation (Manchester)
      • ITSM Tooling Case Study Day
      • SM Forum: SIAM
      • XLA26
      • Digital Transformation Business Simulation (Silverstone)
      • ITIL Case Study Day
      • AI in ITSM: does size matter?
      • ITSM26 Conference & Awards
    • Annual Conference and Awards
      • ITSM26 Conference & Awards
      • PSMA26: awarding excellence in ITSM
        • PSMA25 – finalist videos from last year
      • PSMA Roll of Honour
    • Introduction to ITSM Programme
    • Communities of Practice
      • Defence
      • Service Design & Transition
      • Women in ITSM
    • Leadership Council
    • Masterclasses
    • Member Meet-ups
    • Simulations
    • SM Forums
    • Webinars
  • News & Content
    • Blogs and Whitepapers
    • Latest News
    • Monthly Round-up
    • ServiceTalk
    • Content & Member Resources
  • About Us
    • Who We Are
    • Board and Governance
    • Meet the Team
    • Contact Us
    • Terms & Conditions
    • Accessibility
    • Privacy
  • Join Now
  • Member’s Area

Legacy load and tech tangles: understanding debt in ITSM

  • By Faith Thomas and Anthony Steer
  • October 18, 2025

The term ‘technical debt’ was first used by software developer Ward Cunningham in 1992. He used the metaphor of financial debt to describe the ‘interest’ that can be incurred from poor-quality and rushed code and development. Since then, it has evolved to be used in more than just software development.

So, what is debt management from an IT Service Management perspective? How does this align with standard ITIL practices? How can this be defined and managed? And why would we do that (what value will it bring?).

Technical versus legacy debt

Debt from an ITSM perspective can be defined in two distinct ways, technical debt and legacy debt.

  • Technical debt: We have to do it this way for now as a workaround, but we will need to rework it later. Technical debt is created when we choose workarounds instead of systemic solutions that would take longer or use more resource. Taking the shortcut now means we push that work into the future and incur ‘interest’ in the form of additional rework.
  • Legacy debt: This was great when we implemented it, but it’s unsupportable now. Legacy debt is created when configurations, approaches or technologies become problematic or obsolete over time. For example, an operating system goes out of support before it is replaced, an authentication method becomes less secure or useful as technology improves, or a service becomes difficult to manage as technical experts move on. These services and technologies already existed before but, with entropy, they have incurred debt over time.

Debt and risk management

An item of debt is an issue – it exists. Each item of debt will have a risk profile associated with it. For example, a server running on Windows Server 2012 is an issue with limited  support and ability to patch/update. The risk is that that server will have an increasingly vulnerable security profile, which poses risks to the organisation.

So each item of debt will require a risk assessment to ascertain:

  • Likelihood
  • Impact
  • Urgency

How to manage debt

Debt records need to be reviewed and updated throughout their lifecycle as scope, impact and urgency could change over time. A recommended debt process is as follows:

Identifying debt

Technical debt is identifiable as soon as it is created as a conscious decision is made.

Legacy debt can be identified through various methods as it occurs, from vendor notifications, emerging technologies, and staffing entropy. Debt is also identified during the discovery process when reviewing existing technologies.

Recording and categorising debt

It is advisable to embed the debt management process into your ITSM toolset, so that you can ensure a single source of the truth where data related to debt is captured, maintained and monitored. Ideally debt should be:

  • Categorised effectively – legacy versus technical debt, with a source of identification.
  • Prioritised according to impact, likelihood and urgency.
  • Recorded as a cause for incidents.
  • Linked to impacted services and configuration Items.
  • Linked to methods of repayment – design packages, releases, changes and improvements.

Planning debt repayment

Like financial debt, you need to plan and prioritise repayment to incur the least possible interest. There are various places where debt can be factored in:

• During design of a new or replacement service, product, or platform – for example, replacing an on-premise service with an unsupported operating system to the cloud (SaaS or PaaS).

• Building out legacy debt during release – for example, implementing a secure authentication methodology on a new service to be introduced.

• As an improvement made while a service is operational via change control – for example, knowledge acquisition for a service where knowledge gaps were left due to workforce entropy.

It is important that you record these planned repayments within your toolset so that you can monitor its repayment.

Why should we capture and manage debt?

A mature debt management process underpinned by an authoritative source with effective ownership can move the IT function from a reactive to a more proactive stance. Firefighting high-impact incidents or unpicking legacy configurations with limited visibility is expensive with considerable resource overheads, often directly impacting key IT services.

Identifying and eliminating debt will derive real value in:

  • Reducing resource overheads
  • Reducing indirect costs associated with firefighting and implementing short-term workarounds
  • Reducing our exposed security profile
  • Improving user experience.

5 minutes spent designing debt out will save 5 days during release and 5 months in operations.

How does good debt management benefit me?

Effective debt management can help professionals at all levels within the organisation:

Senior leaders and C-suite will have access to information supporting data-driven decisions, giving  them improved oversight and visibility of delivery against the organisation’s strategic goals and objectives.

Subject matter experts in technical, product and innovation teams will be better able to identify and proactively eliminate legacy debt as part of the delivery of new services.

Project managers will be able to utilise data around legacy and technical debt to build into project deliverables that are measurable.

Resource managers will be able to recover time from the workforce by eliminating rework and waste caused by debt.

Service owners will be assisted in the design of new services, ensuring greater quality with reduced operational overheads. They will have visibility of any remaining or introduced debt, enabling them to implement effective workarounds with an improved service to customers.

Service desk will be able to identify root causes and known workarounds for emerging issues caused by recorded debt. They will be able to implement ‘shift-left’ and ‘automation’ to manage these issues and direct to the correct technical experts.

Knowledge managers will benefit from simpler knowledge transfer, with the increased use of standard components.

Governance and process owners will be able to improve governance reviews, utilising data and risk profiles to provide more accurate and targeted feedback, with data-driven decision making that is trackable and can be directly linked to service performance throughout the lifecycle.

Final remarks

Managing debt is not just a matter of good housekeeping, it’s a strategic imperative. When we embed debt identification and repayment into our everyday processes, we shift from reactive firefighting to proactive service management and maturity.

Debt will always exist, but with the right mindset and tooling, we can ensure it is visible, manageable, and ultimately repayable.

Faith Thomas and Anthony Steer

Faith Thomas is Lead IT Service Management Practitioner and Anthony Steer is Lead Design Architect at the University of Birmingham.

Ground Floor South
Burford House
Leppington
Bracknell
Berks RG12 7WW

Tel: +44 (0) 118 918 6500

Linkedin-in Youtube

Disclaimer: Our member environment runs on a separate system. As such, when navigating to member areas on this website you may notice that you are redirected to a different environment.

  • Membership Overview
  • Member Area
  • Events Calendar
  • Board and Governance
  • Latest News
  • Contact Us
  • Membership Overview
  • Member Area
  • Events Calendar
  • Board and Governance
  • Latest News
  • Contact Us
Copyright © 2026 itSMF UK. All rights reserved.
Manage Cookie Consent
We use cookies to optimise our website and our service.
Functional cookies Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}