Download (PPT, 1.11MB)


store.theartofservice.com/itil.html
Change Management ?& ITIL V3

Service Transition

Change Management

The process responsible for controlling the lifecycle of all changes. The primary objective is to enable beneficial changes to be made with minimum disruption to IT Services and the business.

Goal

The goal of Change Management is to:

Respond to the customers changing business requirements while maximizing value and reducing incidents, disruption and re-work.

Respond to the business and IT requests for change that will align the services with the business needs.

Scope

Scope of change and release management for services.

Terminology of Change

Terminology (2)

Policies

Increasing the success rate of changes and releases requires

Executive support for implementing a culture that sets

stakeholder expectation about changes and releases and

reduces unplanned work.

It must be policies and standards defined which make it clear

to the internal and external providers what must be done and

what the consequence of non-adherence to policy will me.

Design & Planning

The Change Management processes should be planned in conjunction with

Release and Configuration Management. This helps the service provider to

evaluate the impact of the change on the current and planned services and

releases. The requirements and design for the Change Management

process include:

Legislation, codes of practice, standards requirements

Approach to eliminating unauthorized change

Identification and classification

Organizational, roles and responsibilities

Stakeholders

Grouping and relating changes

Procedures

Interfaces to other Service Management processes

Approach to interfacing Change, Release and Configuration Management

Types of Change Request

A change request is a formal communication seeking an alteration to

one or more configuration items. This could take several forms e.g.

RFC

Service Desk call

Project Initiation Document.

The organization must ensure that appropriate procedures and forms

are available to cover anticipated requests. Avoiding bureaucracy by

using a standard change procedure and ‘pre’ authorizing minor

changes removes some of the cultural barriers to adopting the

Change Management process.

Change process models and workflows

It is helpful to predefine change process models – and apply them to

appropriate changes when they occur. A process model is a way of

predefining the steps that should be taken to handle a process (in this

case a process for dealing with a particular type of change) in an

agreed way.

Support tools can then be used to manage the required process.

This will ensure that such changes are handled in a predefined path

and to predefined timescales.

Standard Change (pre-authorized)

Approval of each occurrence of a standard change will be granted by the

delegated authority for the standard change, e.g. by the budget holding

customer for installation of software for an approved list on a PC registered

to their organizational unit or by a 3rd party engineer for replacement of a

faulty desktop printer.

The crucial elements of a standard change are:

Defined trigger to initiate RFC

Tasks are well known, documented and proven

Authority is effectively given in advance

Budgetary approval will typically be preordained or within the control of the change requester

Risk is usually low and always well understood.

Remediation Planning

No change should be approved without having explicitly addressed the

question of ‘what do we do if it is not successful?’.

A back-out plan should be created that will restore the organization to the pre

change state, this is often achieved through the reloading of a baselined set

of CI’s.

However, not all changes are reversible, so an alternative approach to

remediation is required. This may involve revisiting the change itself in the

event of failure, or it may be so severe that it requires invocation of the

continuity plan.

Only by considering what remediation option are available before

implementing a change can the risk of the proposed change be determined

and informed decisions taken.

Activities

Creating & Record RFC’s

The change is raised by a request from the initiator – the individual or

organizational group that requires the change.

For a major change with significant organizational and/or financial

implications, a change proposal may be required. This will contain:

full description

business and financial justifications

signed off by relevant members of business management.

Change Logging

All RFC’s received should be logged and allocated to an identification

number.

Where change requests are submitted in response to a trigger such as a

resolution to a Problem Record, it is important that the reference number of

the triggering document is also documented to provide traceability.

Logging of RFC’s should be done by means of an integrated Service

Management tool, capable of storing data on all assets and CI’s and the

relationships between them.

Procedures should specify levels of access and who has access to the

logging system. While any authorized personnel may create, or add reports

of progress to, an RFC only Change Management staff will have permission

to close an RFC.

Review RFC

Procedures should stipulate that, as changes are logged, Change

Management should briefly consider each request and filter out any

that seem to be:

Totally impractical

Repeats of earlier RFC’s

Incomplete submissions.

These should be returned to the initiator, together with brief details of

the reason for rejection, and a record should be entered in the

change log. A right of appeal against rejection should exist, via

normal management channels, and should be incorporated within the

procedures.

Assess & Evaluate

The potential impact on the services of all changes and their

impact on service assets and configurations need to be

considered. The Seven R’s of Change Management provide a

good starting point.

Many organizations develop specific impact assessment forms

to prompt the impact assessors about specific types of change.

This can help with the learning process, particularly for new

services or when implementing a formal impact assessment

step for the first time.

The 7 R’s of Change Management

Who RAISED the change?

What is the REASON for the change?

What is the RETURN required from the change?

What are the RISKS involved in the change?

What RESOURCES are required to deliver the change?

Who is RESPONSIBLE for the build, test and implementation of the change?

What is the RELATIONSHIP between this change and other changes?

Risk Categorization

Evaluation of Change

Based on the impact and risk assessment, and the potential benefits

of the change, each of the assessors should evaluate the information

and indicate whether they support approval of the change.

All members of the change authority should evaluate the change

based on impact, urgency, risk, benefits and costs. Each will then

indicate whether they support approval and be prepared to argue

their case.

Authorizing the Change

Coordinate Change Implementation

Authorized RFC’s should be passed to the relevant technical groups

for building of the changes. It is essential that this is a formal process

so that it can be tracked and reviewed.

Change Management has a responsibility for ensuring changes are

implemented as scheduled. This is a coordination role as the actual

implementation will be completed by other parties.

Remediation procedures will be documented in advance for each

authorized change, this documentation should include who is

responsible for invoking remediation.

Review & Close Change Record

On completion of the change, the results should be reported for

evaluation to the parties responsible for managing changes and then

presented as a completed change for stakeholder agreement.

A review should also include any incidents arising as a result of the

change. If the change is part of a service managed by an external

provider, details of any contractual service targets will be required.

Change Review

This review should be carried out to confirm that:

the change has met its objectives

the initiator and stakeholders are happy with the results

there has been no unexpected side-effects.

Any lessons learned should be fed back into future changes.

CAB

The cab may be asked to consider and recommend the adoption or rejection

of changes appropriate for higher level authorization and then

recommendations will be submitted to the appropriate change authority. To

achieve this the CAB needs to include people with a clear understanding

across a wide range of stakeholder needs. The Change Manger will chair

the CAB, exampled of potential members are:

Customers

User Managers

User group representatives

Applications Developers

Specialist/ technical consultants

Service and operation staff

Facilities/ office service staff

Contractors or 3rd party representatives

Other parties as applicable to specific circumstances.

ECAB

When the need for an emergency change arises it may not be

possible to convent a full CAB, it is necessary to identify a smaller

organization with authority to make emergency decisions. This body

is the Emergency Change Advisory Board (ECAB).

The number of emergency changes proposed should be kept to an

absolute minimum, as they are generally more disruptive and prone

to failure. Defined authorization levels should exist and the levels of

delegated authority must be clearly documented and understood.

Not all emergency changes will require the ECAB involvement, many

may be predictable both in occurrence and resolution and well

understood changes readily available.

Inputs & Outputs

Inputs:

Policy and strategies for change and release

RFC

Change Proposal

Plans e.g. change, transition, release, deployment, test, evaluation and remediation.

Current change schedule

Current assets or configuration items

Test results, test reports and evaluation report

Outputs:

Rejected RFC’s

Approved RFC’s

Change to the services

New, changed or disposed assets and CI’s

Change schedule

Authorized change plans

Change documents and records.

Interfaces with Service Management

The service management processes may require change and

improvements. Many will also be involved in the impact

assessment and implementation of service changes e.g.

Service Asset & Configuration Management

Problem Management

IT Service Continuity Management

Information Security Management

Capacity & Demand Management

Roles, Responsibilities and Skills

Change Manager

Administration of all RFC’s

Prepare RFC’s for CAB meetings, FSC for Service Desk.

Authorize (or reject) changes

CAB

Advises Change Manager on authorization issues for RFC’s with significant or major impact

Release Manager

Manages the release of changes

Advises the Change Manager (as part of CAB) on release issues

Technical specialists

Build and test the actual change

Skills: Business knowledge, technical, project management

Value to business

Reliability and business continuity are essential for the success and survival

of any organization. Service and infrastructure changes can have a negative

impact on the business through service disruption and delay in identifying

business requirements, but Change Management enables the service provider

to add value to the business by:

Prioritizing and responding to business and customer change proposals

Implementing changes that meet the customers’ agreed service requirements while optimizing costs

Contributing to meet governance, legal, contractual and regulatory requirements

Reducing failed changes and therefore service disruption, defects and re-work

Delivering change promptly to meet business timescales

Tracking changes through the service lifecycle and to the assets of its customers

Liaising with business change process to identify opportunities for business improvement.

Key Performance Indicators

Number of changes implemented to services which met the customers agreed requirements

Benefits of change expressed as ‘value of improvement made’ and ‘negative impacts prevented or terminated’ compared with the cost of the change

Reduction in number of disruption to services

Reduction in number of unauthorized changes

Reduction in backlog of RFC’s

Reduction in number and percentage of unplanned changes and emergency fixes

Change success rate

Reduction in number of failed changes

Incidents attributable to changes

Percentage accuracy in change estimate

Challenges

Change in culture

1 central process comes into place that influences everyone’s activities

Bypassing

projects ducking the Change Management planning

Optimal link with Configuration Management

to execute a controlled change all data MUST be reliable

Commitment of the supplier(s) to the process

Commitment of the management

because the Change Manager ultimately decides, ?not the management of the company !!!

store.theartofservice.com/itil.html