The CIO Pocket Guide to Internal Developer Portals

As a CIO or IT leader, the need for speed and efficiency is always in tension with governance and compliance requirements. 

Sounds all too familiar – the frustration of slow incident resolution, outdated ownership records and resistance from engineering teams. 

You’ve sunk significant time and effort into implementing your ITSM platforms (such as ServiceNow), yet you struggle with buy-in and adoption from engineering teams. They can’t afford to be throttled any further.

In this blog, lets explore how to use an Internal Developer Portal (IDP) with your existing ITSM solution to handle these challenges and more. By the end, you’ll know how adding an IDP to your toolkit does wonders for unlocking the transparency, efficiency, and collaboration you’re aiming for.

Understanding Internal Developer Portals (IDPs) and IT Service Management (ITSM):

What is an IDP?

An IDP is a tailored experience for engineering—a centralized platform that consolidates tools, entities (microservices, compute, data, networking resources, and more), and information required by developers and engineers to efficiently manage their workflows. IDPs are designed to streamline processes like service ownership, incident response, deployment, and self-service, often integrating with numerous third-party tools used by engineering teams.

Key Features of an IDP:

• Service Ownership Tracking: Provides clear visibility into who owns which service, making it easy to identify the right engineer for collaboration, incident response, on-call tracking, identifying dependencies, and general management of services. 
• Single Source of Truth (SSOT) for Engineering: Integrates with 50+ third-party tools, seamlessly bringing data and insights together to catalog, score, and drive standardization across your multitude of services.
• Developer Self-Service: Allow teams to self-service dev environments, repos, services,  and perform other tasks without requiring extensive IT support.

What is an ITSM?

ITSM platforms like ServiceNow provide a structured approach to managing IT services, including incident management, change management, and configuration management. These platforms are widely adopted across organizations to ensure consistent and reliable IT service delivery.

Key Features of an ITSM:

• Configuration Management Database (CMDB): Maintains a database of configuration items (CIs) that are critical to IT operations.
• Change and Release Management: Manages the lifecycle of IT changes and releases to ensure minimal disruption to services.

Incident and Problem Management: Tracks and resolves IT incidents and problems in a structured manner.

Is your ITSM holding you back?

When CIOs reach out to us, we often find they’re facing similar challenges, such as:

• Digital Modernization and Transformation: Navigating digital transformation or migration projects, implementing self-service tools and automation, and enhancing operational efficiency and reliability.
• Maintaining a Reliable Single Source of Truth (SSOT): Managing a high volume of incidents with slow Mean Time to Recovery (MTTR), scaling DevOps, and improving Developer Experience (DevEx).
• Governance and Compliance: Ensuring compliance with regulatory requirements, defining golden paths, and aligning with standards.
• Collaboration and Integration: Overcoming siloed practices and disjointed experiences.

Consider a recent case where an enterprise-sized business, operating major subsidiaries and employing over 1,300 full-time engineers, was in the middle of a digital transformation. While they enjoyed the benefits of independent deployment and decentralized data management, they also faced challenges from this new operating model.

The CIO was frustrated by a lack of visibility and the slow pace of incident resolution. The team had no effective way to define ownership outside of spreadsheets and manual configuration items (CIs) in ServiceNow, where manual operations left important data prone to becoming outdated. Finding the correct on-call engineer when service ownership wasn’t up to date? 

It took 90 minutes, four phone calls, and ten Slack messages to finally locate the right engineer.

Despite significant investment in an ITSM like ServiceNow, intended to serve as a reliable Single Source of Truth, they struggled with adoption from engineering teams. The tools meant to streamline IT operations required manual data entry from engineers, burdening teams with manual upkeep and additional context switching, restricting their ability to code, create, and innovate.

The gaps in their systems were holding them back.

Visibility and Ownership Management

Current State:

Teams leverage current tools and technology to gather context into the state of systems but struggle to trust reporting due to poor data hygiene–incomplete catalogs and out-of-date ownership.

IDP Advantage:

IDPs provide real-time visibility into the current state of services and can obtain important information such as the current on-call engineer, communication channels, and service ownership. Additionally, because IDPs are built on powerful ecosystems, other critical information is readily available from version control systems, deployment pipelines, and incident management tools. Engineers can see at a glance who is responsible for each service, reducing the time and effort needed to locate service owners during critical incidents. Additionally, teams benefit from auto-discovery, and entity verification, which ensures data is fresh and up-to-date.

ITSM Challenge:

ITSM platforms offer visibility through a CMDB where services and their dependencies are recorded. However, these records can quickly become outdated when relying on custom configuration items (CIs) that require manual updates, leading to challenges in identifying the right service owners during critical incidents.

Recommendation:

For dynamic environments where services frequently change, an IDP is more effective in maintaining up-to-date owner information. ITSM platforms are better suited for environments where service ownership is relatively static and well-documented.

What if you leverage ServiceNow in a dynamic environment?

One of Cortex’s out-of-the-box integrations is for ITSM tools like ServiceNow. In an ideal state, the IDP can bi-directionally sync mission-critical data into the ITSM for reporting, hierarchy, and even approval workflows. [Find out more here.]

Ensuring Compliance with Requirements

Current State:

Teams often use disparate tools and operate in silos, lacking centralized visibility into how IT and engineering efforts align with compliance standards for every service. Projects and initiatives to satisfy technical requirements for compliance are managed in separate tracking systems, creating unnecessary complexity and additional work. This fragmented approach not only leads to inefficiencies but also increases the risk of non-compliance due to inconsistencies and missed updates.

IDP Advantage:

IDPs centralize tools, processes, and information, providing a SSOT for software that aligns IT, security, and engineering teams with compliance standards. By integrating compliance checks and leveraging scorecards directly into the developer workflow, an IDP ensures that every service meets regulatory requirements. Engineers can easily access and verify compliance status within the same environment where they manage other aspects of their services, minimizing chaos and reducing the chances of oversight while streamlining audits.

ITSM Challenge:

ITSM platforms are strong in managing compliance within IT operations but fall short in real-time integration with engineering workflows. Compliance tracking is usually handled in separate modules or even different systems, leading to disjointed visibility and potential gaps in ensuring outputs meet required standards. Additionally, enforcing compliance through ITSM processes, while thorough, can slow down innovation and become a bottleneck in fast-paced environments.

Recommendation:

Integrating an IDP with your ITSM solution can bridge this gap by bringing compliance closer to engineering—into the developer workflow—while maintaining the structured governance provided by your ITSM. Use your ITSM as your source of truth and then use integrations to mirror the data into Cortex so teams can leverage the power of scorecards and initiatives. This ensures that both IT and engineering are aligned with regulatory requirements without compromising on speed or agility.

Golden Paths and Driving Alignment to Standards

Current State:

In many organizations, “golden paths”—the recommended, standardized practices and tools for development and deployment—exist in theory but are not consistently followed. This lack of adherence leads to divergent practices, increasing the risk of errors, reducing efficiency, and making it more difficult to ensure compliance with organizational standards. Without a unified platform to guide and enforce these paths, teams revert to using tools and processes they are most comfortable with, rather than those that are most effective. The result? Information sprawl where every app and service is built differently, and none fully reach the destination at the end of the golden path.

IDP Advantage:

An IDP enforces golden paths by integrating them directly into the development workflow. It provides engineers with predefined templates, configurations, scorecards, and workflows that align with organizational standards, reducing the need for manual intervention and ensuring consistency across all projects. The IDP also offers visibility into deviations from these standards, allowing for quick remediation and alignment. This automation not only drives adherence to best practices but also simplifies onboarding for new engineers, as they can immediately access the standardized tools and processes.

ITSM Challenge:

While ITSM platforms can define and document golden paths, they lack the scorecards and initiatives to enforce these standards directly within the engineering workflow. The result is a reliance on manual processes and audits to ensure compliance, which can be time-consuming and prone to error. ITSM platforms may also struggle to keep pace with the evolving needs of engineering teams, leading to outdated or rigid processes that hinder innovation.

Recommendation:

Leverage the strengths of both platforms by using an IDP to enforce golden paths at the operational level while using your ITSM solution to monitor compliance and manage exceptions. This combination allows you to maintain flexibility in development while ensuring that all teams align with organizational standards. Regular reviews of these paths, facilitated by the integration between IDP and ITSM, ensure that standards remain relevant and effective. Additionally, integrating the IDP and ITSM can provide quick access links from within the ITSM to navigate directly to the IDP, enabling you to investigate how apps are being built and how the engineering workflow aligns with standards.

Incident Response Speed

Current State:

Without an IDP, employees must first gather context before responding to critical incidents. Questions like “Who is the engineer on-call?” “Who owns this service?” and “Which library, package, API, etc., are they using?” are prerequisites to contacting the on-call engineer. These prerequisites can take hours if data is out of date, requiring additional context to be gathered.

IDP Advantage:

By integrating with alerting and monitoring tools, IDPs provide contextual data that allows engineers to quickly identify and resolve incidents. Not only does an IDP gather context from integrated systems, but it also provides a consolidated view for experts to diagnose and troubleshoot incidents faster, significantly reducing mean time to resolution (MTTR).

ITSM Challenge:

ITSM platforms are great at enforcing structured processes for incident resolution, ensuring all steps are documented and followed. While this is crucial for maintaining compliance and governance, it can slow down resolution times, especially when dealing with cross-functional issues that require engineering input.

Recommendation:

The best solution is one where speed and agility are priorities while following structured processes. By utilizing an IDP alongside your ITSM, workflows can automatically create incidents in ServiceNow and provide detailed engineering data from the IDP. This integrated process delivers the best of both worlds, lowering MTTR and saving organizations time and money.

Managing Technical Initiatives

Current State:

Managing technical initiatives—whether they are large-scale migrations, modernization efforts, end-of-life projects, or the rollout of new features—can be challenging when teams operate in silos and use different tools. The lack of a unified platform often leads to miscommunication, delays, and misalignment between IT and engineering goals. Tracking progress, dependencies, and outcomes across disparate systems is not only cumbersome but also increases the risk of project failure.

IDP Advantage:

An IDP provides a centralized platform where all technical initiatives can be tracked, managed, and executed. By integrating with the tools that teams already use, an IDP offers a holistic view of progress across all initiatives, ensuring that everyone is aligned on goals, timelines, and dependencies. This transparency fosters better collaboration between IT and engineering teams and allows for real-time adjustments to keep projects on track. Additionally, the self-service capabilities of an IDP empower teams to quickly spin up environments, deploy changes, and manage resources without waiting for IT approval, thereby accelerating the pace of innovation while operating within IT-approved guidelines.

ITSM Challenge:

ITSM platforms like ServiceNow excel at managing the operational aspects of IT services, but they are often not optimized for the fast-paced, iterative nature of modern engineering initiatives. The structured, process-driven approach of ITSM can slow down projects, particularly when rapid adjustments or approvals are needed. Furthermore, ITSM tools may not integrate seamlessly with the development tools that engineering teams rely on, leading to fragmented views of project progress and outcomes. It’s also important to note that any customization to an ITSM like ServiceNow often requires an extensive project timeline, specialized resources, consulting services, and still may fail to completely meet the needs of engineering teams working closely with IT organizations.

Recommendation:

Use an IDP to drive the day-to-day execution of technical initiatives, ensuring that engineering teams have the tools and visibility they need to stay agile and responsive. Meanwhile, your ITSM platform can handle the overarching governance, risk management, and compliance aspects of these initiatives. By integrating the two, you can ensure that technical initiatives are not only executed efficiently but also align with broader organizational goals and standards. A rising tide lifts all ships, and when you empower an organization with unified visibility of engineering initiatives and regular reporting in the ITSM on project progress and compliance alignment, the organization accelerates together, resulting in higher quality outcomes.

Pricing Comparison

IDP Pricing:

IDPs typically operate on a subscription basis, with pricing tiers based on the number of users on the platform. The total cost of ownership for an IDP includes subscription fees, 50+ pre-built integrations with out-of-the-box functionality that leverages your existing tools, and streamlines efforts to align engineering work, apps, and services with company-wide initiatives, standards, and compliance regulations.

ITSM Pricing:

ITSM platforms like ServiceNow operate on a subscription model, often with pricing tiers based on the number of users, modules, and additional features required. Costs can escalate with the need for customizations, integrations, and specialized support, particularly in larger organizations with complex IT environments. The investment is justified by the platform’s ability to provide robust governance, compliance, and IT service management capabilities across the enterprise. It is recognized, and we agree, that IT operations must be streamlined to scale an enterprise organization.

Value for Money:

IDPs offer excellent value for organizations that prioritize speed, agility, and developer productivity. The value is compounded when you consider the IDP’s ability to streamline workflows, improve service ownership, and integrate with modern development tools, leading to a high ROI, especially in fast-paced or complex engineering environments. Providing unified visibility to engineering empowers teams to score initiatives, measure alignment to standards, and realize the golden path to creating production-ready apps and services with the highest quality. This leads to fewer tickets and faster incident resolution due to the contextual data within. On the other hand, ITSM platforms provide value through their comprehensive approach to IT governance, risk management, and compliance. They are particularly valuable in organizations where maintaining structured, compliant IT operations is critical.

For many organizations, the best approach is to leverage both an IDP and an ITSM platform in tandem. This combination allows for the agility and innovation needed by engineering teams while maintaining the governance and compliance required by IT teams. The key is to evaluate your organization’s specific needs and choose the tools that best align with your operational goals and budget.

Use case scenarios

Easily maintain a reliable Single Source of Truth (SSOT) for engineering

Current State:

Rather than relying on a partial source of truth that becomes stale and outdated due to cumbersome processes, many organizations struggle to keep their data accurate and relevant. The CIO in our earlier example began their digital transformation with the implementation of an ITSM like ServiceNow. They saw it as a prerequisite to their larger transformation because of its ability to create a central system of record, track changes, and automate the triaging and assigning of incidents.

However, as their microservices journey progressed, the team realized that the manual and intensive nature of their ITSM implementation was throttling both IT and engineering teams. The complexity of maintaining accurate records in a rapidly evolving environment led to delays and outdated information.

IDP Advantage:

Cortex is designed to make it easy for engineering and IT teams to maintain up-to-date visibility across their entire technical landscape. Powered by an industry-leading ecosystem of integrations, Cortex connects and analyzes all your data in one place, including integrations with ITSMs like ServiceNow. While ServiceNow captures the line of business, product group, and reporting, Cortex’s IDP allows you to define service ownership, track standards, and unify engineering efforts. This ensures that your SSOT is accurate, relevant, and actionable.

‍

With Cortex, your team can access a customized homepage showing:

• On-call scheduling (PagerDuty)
• Actionable insights that gamify software excellence (Cortex Scorecards)
• Personalized catalog (Cortex Entities)
• Open pull requests (GitHub, GitLab, Azure Devops, etc.)
• Assigned reviews for pull requests (GitHub, GitLab, Azure Devops, etc.)
• Assigned issues (Jira, ClickUp, etc)
• Action items (Defined rules requiring action from Scorecard and Initiatives)
• Entity Verification to ensure team data is up-to-date (Cortex)

By seamlessly integrating with your ITSM, Cortex turns your central system of record into a true single source of truth—one that informs decisions, ensures compliance, and empowers teams to build production-ready software with confidence.

Break down silos and unify IT and engineering under a common language

Current State:

Siloed practices and disjointed experiences between IT and engineering teams often result in misaligned goals and inefficiencies. The lack of a common language and shared tools can lead to misunderstandings, delays, and frustration.

IDP Advantage:

Cortex’s IDP bridges the gap between IT and engineering by providing bi-directional integrations that leverage automation with rich metadata (services, owners, libraries, packages, etc.) to keep both IT and engineering teams aligned. Standards become generally understood, and teams unite under common goals to improve production readiness and strengthen operational practices. This unified approach not only reduces friction but also enhances collaboration across the organization.

Ensure compliance with regulatory requirements

Current State:

Teams often feel overwhelmed and unprepared for audits due to fragmented processes and a lack of centralized visibility into compliance efforts. Managing compliance across disparate systems is challenging, and the risk of non-compliance is ever-present.

IDP Advantage:

Cortex’s IDP empowers engineering teams to create initiatives and scorecards as part of their projects to prepare for audits and establish ongoing compliance practices. By taking input from IT, security, and other stakeholders, the IDP ensures that compliance is easily measured, tracked, and reported on. This proactive approach allows organizations to stay ahead of regulatory requirements and avoid the stress and last-minute scrambles often associated with audits.

Drive golden paths and alignment to standards

Current State:

Without a unified platform to guide and enforce standards, organizations struggle to maintain consistency in how software, resources, APIs, and services are built. This lack of alignment leads to inefficiencies and increased risk.

IDP Advantage:

Cortex’s IDP allows organizations to define, apply, and enforce standards seamlessly across the development process. By automatically assessing alignment in a single view using data from over 50 integrations, the IDP alerts users when actions are needed and tracks progress toward meeting standards. This ensures that software is built according to best practices, with runbooks, rollback plans, and other critical elements incorporated into workflows.

Streamline incident response and reduce MTTR 

Current State:

When incidents arise, valuable time is often wasted gathering important information and context. This delay in response time increases MTTR and can have significant operational impacts.

IDP Advantage:

Gartner’s 2023 Hype Cycle for ITSM highlights the benefits of integrating ITSM with monitoring environments, noting that this convergence results in more productive and seamless incident management practices. Cortex’s IDP, with its deep integration into monitoring and rich contextual data, enforces standards that reduce the number of incidents while providing the information needed to resolve issues quickly. By integrating with ITSM platforms, Cortex ensures that both IT and engineering teams have the tools they need to minimize disruptions and improve overall productivity.

Enhance Developer Experience by freeing engineers from manual tasks and low-value chores

Current State:

Engineers often lose valuable hours to manual, low-value tasks that distract them from their core responsibilities and hinder productivity.

IDP Advantage:

Cortex’s IDP significantly reduces cognitive load by providing powerful dashboards, automated workflows, and self-service capabilities that eliminate the need for manual intervention. Developers can easily onboard, access documentation, and leverage gamification to align with standards, all while reducing context switching. This streamlined experience accelerates time to market and allows engineers to focus on innovation.

Accelerate time to market with self-service and automation while ensuring standards are met

Current State:

The traditional approach to development often involves multiple tickets and approvals, which slow down the process and create bottlenecks.

IDP Advantage:

Cortex’s IDP allows developers to self-service the creation of repos, projects, scorecards, services, and licensing for engineering tools. The Scaffolder feature enables automated workflows for spinning up new services, while auto-discovery ensures Day 1 tracking for all new services. This automation not only accelerates development but also ensures that all standards are met from the start, reducing the need for rework and increasing efficiency.

Pros and cons summary

Conclusion and recommendation

Final verdict:

For CIOs and IT leaders, the decision between an Internal Developer Portal and an ITSM platform should be guided by the specific needs and priorities of the organization.

• If your primary focus is on enabling engineering teams, speeding up incident resolution, and ensuring up-to-date service ownership, an IDP is likely the better choice. Its ability to streamline workflows, provide real-time data, and integrate seamlessly with modern development tools makes it a powerful asset for fast-paced, innovative environments.
• On the other hand, if your organization requires strict governance, compliance, and a well-established IT service management framework, an ITSM platform will provide the structure and control needed to maintain reliable IT operations. ITSM platforms excel in environments where maintaining consistent processes and compliance is paramount.

However, the reality for most organizations is that they need both: the agility and innovation fostered by an IDP, and the governance and compliance ensured by an ITSM. By integrating these two platforms, you can empower your engineering teams while maintaining the structure necessary for reliable IT operations.

Next Steps:

Consider evaluating your organization’s specific needs and priorities. If you’re focused on enhancing collaboration between IT and engineering while maintaining agility in today’s fast-paced environment, an Internal Developer Portal could be the perfect addition for your teams.

Request a demo! Reach out today to see how we can help your organization integrate an IDP with your existing ITSM, and start reaping the benefits of streamlined operations, improved productivity, and enhanced compliance.

Frequently Asked Questions (FAQ)

Can IDPs and ITSMs be used together?  

Yes, IDPs and ITSMs can complement each other, particularly in organizations where both IT governance and developer agility are priorities. Integrating the two provides the best of both worlds, combining the agility of an IDP with the structured governance of an ITSM.

What are the biggest challenges in implementing an IDP?

One of the biggest challenges is dealing with existing information sprawl. Many organizations attempt to manage service ownership and other critical data through spreadsheets and outdated systems before considering an IDP. Implementing an IDP requires initial data cleansing and standardization, but it can quickly help control information sprawl and establish golden paths for production-ready services.

Does an IDP replace my ITSM?  

No, an IDP does not replace your ITSM. Instead, it complements your ITSM by providing real-time, developer-centric tools that streamline workflows and improve agility. The ITSM remains crucial for governance, compliance, and managing IT operations, while the IDP focuses on enhancing engineering productivity and service ownership.

Isn’t it more work to manage information across both systems?  

Not necessarily. While it might seem like managing two systems would increase workload, integrating an IDP with your ITSM can actually reduce manual effort and improve overall efficiency. The IDP automates many of the processes that would otherwise require manual updates in the ITSM, ensuring data is consistent and up-to-date across both platforms.

How does an IDP improve incident resolution speed?  

An IDP improves incident resolution speed by providing real-time visibility into service ownership, on-call schedules, and relevant service data. It integrates with monitoring and alerting tools, consolidating all the information engineers need to diagnose and resolve incidents quickly, thus reducing Mean Time to Resolution (MTTR).

Can an IDP help with compliance and regulatory requirements?  

Yes, an IDP can greatly assist with compliance and regulatory requirements by integrating compliance checks directly into the development workflow. It ensures that all services meet regulatory standards by providing scorecards, automating compliance checks, and making it easier to prepare for audits.

What role does an IDP play in digital transformation?  

An IDP is instrumental in digital transformation by enabling faster development cycles, improving service ownership, and reducing operational friction. It supports modern engineering practices such as DevOps and microservices, making it easier to scale and innovate during a digital transformation.

How does an IDP enforce golden paths and standardization?  

An IDP enforces golden paths by integrating standardized practices directly into the development workflow. It provides predefined templates, configurations, and workflows that align with organizational standards, reducing the need for manual interventions and ensuring consistency across all projects.

Is an IDP only useful for large organizations?  

While an IDP is incredibly beneficial for large organizations with complex environments, it’s also valuable for smaller teams. An IDP helps streamline workflows, improve service ownership, and ensure that even small teams can scale efficiently while maintaining high standards of quality and compliance.

What types of integrations does an IDP typically support?  

IDPs typically support a wide range of integrations, including version control systems (e.g., GitHub, GitLab), CI/CD pipelines, monitoring tools (e.g., PagerDuty, Datadog), ITSM platforms (e.g., ServiceNow), and more. These integrations enable the IDP to act as a central hub, bringing together all the tools, data, and insights engineers need to manage their services effectively.