• Increase System stability, integrity & performance
• Decrease System maintenance, time & effort
• Enhance business alignment and flexibility
• Set availability goals
• Increase user satisfaction and IT staff productivity
• Improve audit and accountability
• Decrease “emergency” fixes
• Eliminate repeat changes
• Decrease risk
• Increase visibility of internal controls
• Integrate with other ITIL Departments
Steps to Implement Change Management
• Extensible Workflow: Robust workflow reinforces a best practices framework by routing each Request for Change (RFC) through a process designed to manage the entire change lifecycle: request, screen, authorize, implement, release, and review.
• User Roles: The creation of configurable roles allows IT decision makers to define responsibilities and access levels, ensuring that team members focus on tasks appropriate to a defined scope and avoid operating at cross purposes - o r beyond their authority.
• Impact Analysis: Resource management functions enable Change Management to forecast change risks for interdependent resources and identify users potentially impacted by a proposed change.
• Notification/Communication: There is a need to enforce notification of relevant decision makers and team members at each step in the change lifecycle and promote communication before, during, and after change, as opposed to under-communicated or after-the-fact discussions typical of unauthorized/unplanned change activities.
• Auditing: Create a change log to track all significant events in the change lifecycle, thereby creating an historical document that can be referenced during the change lifecycle, post-release review, rollback, or for compliance with regulatory legislation such as the Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act (HIPAA), or the Payment Card Industry (PCI) Data Security Standard.
• Measurement: Change management metrics aid IT accountability and visibility by providing detailed measurement of factors such as the number of changes managed; success vs. failure rates; and cost of change.
• Compliance Reporting: Change Management should have detailed reporting capabilities to allow for quick response to requests for insight into change activities by focusing attention on change status, cost, impacted resources, priority/category of change, and change by user or department.
• Overview: Create a Dashboard to provide a detailed overview of the entire change management process, highlighting past and ongoing change activities.
Suggestions for Change Management
• Hold Benchmark sessions for representatives from major functions of IT
• Determine performance issues, frequent outages, length of time for changes to be implemented
• Business Process Evaluation: interview process and functional owners to gain a deeper understanding of IT and business change management processes
• Perform a detailed technology analysis walk-thru for a sample of change throughout the systems to understand how changes are actually implemented - identify strengths and opportunities
• Decide on software - how will Change tickets be opened? (self-service Service Desk)
• Create templates to track changes (place on Intranet) (review changes send on to approval matrix - once approved then on to implementation phase and then scheduled)
• Create approval process flow
• (Endeavor) to validate software packages for errors and to push changes from staging to production (distributed or mainframe)
• Create Flowcharts - Brochure
• Increase Awareness
• Analyze Data - Create Dashboard
• Set up 3x weekly Change Advisory Board meeting (1 day for Internet Hosting)
• Document standardized policies and procedures
• Establish good communication, protocol for notifying end users of change Meet audit and compliance objectives (HITECH, HIPPA concerns?)
• Create reports - Daily, Monthly, Analytic (how many changes were successful, unsuccessful, cancelled, backed-out, etc.)
• Emergency Changes (paging system - needs approval from Manager on Duty and possibly VP)
Additional Facts According to industry surveys
• 80% of IT-related problems that lead to downtime are directly attributable to changes made to the environment.
• SCM and help desk tools, while useful for their intended purpose, lack the multilevel approval workflows, impact analysis tools, and advanced communication features needed to effectively manage change in distributed, high-demand IT environments.
• Frameworks such as the ITIL prescribe approaching change systematically, with emphasis on treating each change as a lifecycle consisting of definable components that are segregated, analyzed, and efficiently executed.
• Levels of Measuring the Maturity of an IT Organization’s Management of Change (Gartner)
Level 0 - Chaotic Use no problem tracking, have ad hoc response methods with heavy reliance on employee knowledge/skill and information communication
Level 1 - Reactive Have a Service Desk and some form of problem tracking (often using a help desk tool); employ root cause analysis
Level 2 - Proactive Enter into service level agreements and use some form of change and configuration management
Level 3 - Service Employ service level management and event correlation, Negotiate, define, and manage the levels of IT services provided to the enterprise
Level 4 Value Act as strategic contributor to business opportunity by leveraging IT resources