Requirements Analysis/Gathering. System Requirements Specification. Software/System Design. Design Specification. Coding. Source Code.
|
|
- Ellen Gaines
- 8 years ago
- Views:
Transcription
1 Change Control and Configuration Management IVT 11 th Annual conference April 2010 DISCLAIMER Amgen is not responsible for the written or verbal bl content t of fthi this presentation tti Gisele Fahmi, B.Eng., M.A.Sc. 1 2 Agenda-Part 1 Definitions and Overview Change Control Configuration Management Change & Configuration Management Relationship IS Change Control/Management Terminology Key Resources Responsibility Type Categories Phases Process Summary Tips Emergency/Urgent Changes Agenda-Part 2 IS Configuration Management Terminology Key Resources Responsibility Phases Process Summary Tool tips Summary Interactive session Useful/Reference Links 3 4 1
2 Definitions and Overview Change Control Change Control/Management is a formal process used to ensure that: Changes to a product or system are introduced in a controlled and coordinated manner It reduces the possibility that unnecessary changes will be introduced d to a system without t forethought, ht introducing faults into the system or undoing changes made by other users of software The goals of a change control procedure usually include: Minimal disruption to services Reduction in back-out activities Cost-effective utilization of resources involved in implementing change Definitions and Overview Change Control Change Management is A structured approach to transitioning individuals, teams, and organizations from a current state to a desired future state (Source: Wikipedia) The process during which the changes of a system are implemented in a controlled manner by following a pre- defined framework/model with, to some extent, reasonable modifications A systematic approach to proposing, evaluating, approving, implementing, and reviewing changes (Source: ICH Q10) 5 6 Definitions and Overview Configuration Management Configuration Management () is a field of management that focuses on Establishing and maintaining consistency of a system's s performance, its functional/physical attributes with its requirements/design, and operational information throughout its life Definitions and Overview Configuration Management Configuration Management is responsible for: Identifying, Controlling, and Tracking all versions of hardware, software, documentation, processes, and procedures under the control of Change Management These items are referred to as Configurations Items (CIs) and all changes to them are recorded and tracked throughout the component lifecycle 7 8 2
3 Definitions and Overview Change & Configuration Management Relationship A CI is an aggregation of hardware or software or both that is designated for Configuration Management and treated as a single entity in the Configuration Management process (Source: IEEE) During the assessment of a proposed change, the Configuration Management process identifies the CIs affected by the Change Change Implementation involves update and verification of impacted CIs and documentation IS Change Control/Management Terminology Baselines: Baselines are the core of Software Change Management (S); they provide a stable platform to work from The Configuration Items that are identified determine the baseline (s) associated with the project 9 10 Change Baseline Scheme Diagram Requirements Analysis/Gathering Design Specification Source Code Software/System Design Testing/Data/Results System Deployed in Production Coding Execution System Requirements Specification Release IS Change Control Terminology Baseline Baseline is a secure specification of the software in the current state: Changes to the baseline can only be made by following strict change control procedures. The baseline must be protected df from any unauthorized changes A new baseline is established for each complete set of approved system changes Each baseline must include a cross-reference, reference, or traceability matrix that maps each design element to their corresponding software requirements
4 IS Change Control Terminology Change: The addition, modification or removal of anything impacting a regulated system. The scope should include all IT Services, Configuration Items, Process, Documentation, etc. Change Record: A Record containing the details of a Change. Change Records should reference the Configuration Items that are affected by the Change The receipt of a change request initiates the lifecycle of a Change Record IS Change Control Terminology Change Control Board (CCB) or Change Advisory Board (CAB): An authoritative and representative group of cross- functional resources people who assist the Change Manager in the assessment; prioritization and scheduling of changes for all high impact Requests for Change (RFCs) They advise Change Management on the priorities of RFCs and propose allocations of resources to implement those Changes A CAB is an integral part of a defined change management process designed to balance the need for change with the need to minimize inherent risks IS Change Control Key Resources Responsibility Determining roles and responsibilities The 4 Ws: who what when hn and why of change IS Change Control Key Resources Responsibility Change Manager () Reviews RFCs to ensure adherence to the Change Management Process Provides guidance and training to s throughout the change control process Accepts or rejects RFCs Plans and chairs the CCB/CAB meetings Closes RFCs upon successful completion of all change related activities
5 IS Change Control Key Resources Responsibility Change Owner () Owns the change throughout its lifecycle Assigns, coordinates, and ensures completion of assessments and approvals and presents proposed changes to the CCB/CAB Creates implementation i and roll back plans Assures that areas affected by the change are notified in advance of the release and verifies successful implementation of the change Assures testing is performed and results are appropriately documented Notifies Change Manager of any unsuccessful changes and takes appropriate measures to remediate/resolve 17 IS Change Control Key Resources Responsibility Change Requester (CR) Collects basic information to initiate the RFC in the change control management system NOTE: Change Requester is the in most cases Business Owner (BO) Accountable for providing a business assessment to support the change Ensures that new system/service requirements are delivered via the change Assures the impact assessment is appropriate and fulfills the business needs 18 IS Change Control Key Resources Responsibility System Owner (SO) Owner of the impacted CI and accountable for providing a technical assessment to support the change Responsible for ensuring a system is designed to meet the business requirements and steady state support Assures the impact assessment and the rollback plan are appropriate within the planned schedule Works with all interdependent System Owners, if applicable, of the RFC CI prior to the change implementation IS Change Control Key Resources Responsibility Quality Approver (QA) Serves as a CCB/CAB member Reviews and approves or rejects RFCs Ensures change content is compliant with the appropriate regulations and procedures Validation Assessor (VA) Serves as a CCB/CAB member Defines validation activities and strategy required Ensures compliance during the change execution Identifies compliance issues, if applicable, that must be resolved before the RFC moves to the next change phase
6 IS Change Control Type Categories Critical Change Significant impact on the functionality, including qualified/validated status of GxP systems Highest risk factor/level and impact to critical business processes and service level This change category requires extensive planning, scheduling since it implies cross system impact The change requires planned outage outside of schedule maintenance window defined for the system Examples: Full version upgrade of a GxP application, involves release of a new GxP application 21 IS Change Control Type Categories Medium Requires substantial resources to plan, build and Change implement Medium risk factor/level and minimal impact to business processes The change does not result in significant functional modifications Changes do not pose significant impact to the validated/qualified status of GxP systems 22 IS Change Control Type Categories Minor Change Minor risk factor/level Planning, scheduling, and activity coordination takes place within one single functional area Only impacts a single system Do not involve a full version upgrade of a GxP application Do not involve a new release of a GxP application IS Change Control Type Categories Standard This change category is governed by a specific Change procedure documented in details for auditing purposes Changes classified under this change type are part of routine/maintenance activities Change does not affect the functionality or validated/qualified status of GxP systems
7 IS Change Control Type Categories Risk factors are determined based on: Number of users Number of system impacted Cross functional/global impact Regulatory status Business activities supported by the system Planned downtime required for implementation/deployment in production Resources required to implement NOTE: Critical and Medium Changes are required to be presented at CCB/CAB meeting. Minor changes are at the discretion of the Change Manager IS Change Control Phases Creating a Change Control Process KIM (Keep In Mind) Documenting the change request life cycle Establishing and communicating change control procedures Facilitating change from requirements through maintenance IS Change Control Phases Initiation Change requester initiates the RFC by recording at a minimum: A A change owner if different from change requester Description of the change CIs impacted by this change Requested completion date The recommended change type category Success criteria of the change Roll back plan A A unique identifier is assigned to every RFC IS Change Control Phases Review/ Change Manager reviews the submitted RFC then rejects/accepts the change based on the Initial completeness of information Authorization If rejected, the Change Manager records the rejection reason and the RFC status is changed to return to the Change Requester If accepted, the confirms the change type and promotes the RFC to the next level/phase The SO and BO provide their initial authorization to the change record For Standard Changes, the promotes the RFC and the can perform the change record phases and proceed to closure
8 IS Change Control Phases Assessment/ assigns the corresponding appropriate Development resources to each required assessment and initiates the assessment phase For Standard Changes, no regulatory assessment nor approval by Quality is required Change Assessors complete the following assessments (refer to next slide): IS Change Control Phases Assessment/ Technical Assessment-SO Development Change Impact: describe changes required to the system design and impact of those Cont d changes on other systems Resource Analysis: estimate the resources needed (Network, Developer with specific skills, etc.) Document Update Plan: identify key change deliverables required but not limited to: Code/design review, Design Specification, Admin SOP, etc IS Change Control Phases IS Change Control Phases Assessment/ Development Cont d Technical Assessment-SO-Cont d Proposed solution/design strategy: Specify technical details of the change and how it is being performed Test plan: testing strategy required to test the change. Includes the rationale for the proposed testing approach Rollback plan: back out plan description in case of a system/change failure Release plan: Implementation schedule, plan and audience to be notified of change release Assessment/ Development Cont d Business Assessment-BO Impact of change: describe the changes needed to support the business process and/or business requirement Resource analysis: analyze what resources are needed to represent the affected business area (s) Document update plan: key change deliverables but not limited to: Requirements Specification, Operations SOP, Training documents Training Plan: specify timeline for roll out of training
9 IS Change Control Phases Assessment/ Validation Assessment-VA Development Validation Impact summary: Impact to the validated state of the system, impact to Validation Cont d docs and SOPs if applicable Document Update Plan Training Plan: Verify if completed via technical or business assessment Test Strategy: Specify environments that need to be tested and types of testing required. Also provide details about what validation documents and SOPs are required. 33 IS Change Control Phases Assessment/ reviews the accuracy of the Development assessments and obtains approvals/assessments for the change before Cont d proceeding (Authorization to proceed requires and/or CAB approval) SO, BO, CAB- -if selected, and Quality complete their assessment authorization The change enters development and is completed per the requirements and design changes Development summary is documented in the change record Note: CAB includes: technical/business/compliance members 34 IS Change Control Phases IS Change Control Phases Test/Approval to Implement Record test results in the test summary of the change record Required documentation needs to be complete prior to proceeding with CAB approval (i.e. Test results summary recorded and documented in the change record) organizes and presents test results at CAB CAB release approval obtained; then BO, SO, Quality provide their release approval Release/ Deployment After change is approved for release, coordinates change deployment in production ensures release package is scheduled and activities required for release are complete Change is released into production
10 IS Change Control Phases IS Change Control Assessment Matrix Based on Change Type Closure reviews the post-implementation package to ensure the change record is complete closes the change record Change Type Minimum Required Assessments Technical Assessment Business Assessment Regulatory Assessment Regulatory Critical Medium Regulatory Minor Required Required Required N/A Required Required Standard N/A N/A N/A Signature Authorization to proceed Change Type (Regulated) Critical Medium Minor Standard Initiation IS Change Control Process Summary Change control Phases (with Authorizations, Assessments, Tasks, Approvals, and Roles) Review& Assessment Validation Assessment Development Test/Approval Release Release & Initial Assessment Authorization to implement Approval deployment Authorization Authorizations Tasks Tasks Authorizations Tasks Tasks Approvals Tasks Tech-SO Bus-BO Tech-SO Bus-BO Tech-SO Tech-SO Tech-SO Bus-BO Tech-SO Bus-BO Tech-SO Initiate RFC Request- Validation- VA Quality QA Quality QA Quality QA Development Summary- Development Summary- Development Summary- Test Summary- Test Summary- Test Summary- Close RFC- CAB- Tech- SO Bus- BO CAB- CAB- Tech- SO Bus- BO CAB- N/A N/A N/A N/A N/A N/A Quality QA Quality QA Quality QA 39 Closure Tech- SO Tech- SO Bus- BO Bus- BO Initiate RFC Request- Validation- VA Release Verification- IS Change Control Tips Release Verification- Close RFC- Tech- SO Tech- SO Initiate RFC Request- Validation- VA CAB- CAB- Release Verification- Close RFC- Initiate RFC Request- Release Verification- Close RFC- Before implementing any change it is recommended: To have an informal review involving target resources to be impacted by the change (SO, BO, etc.) Review the impact of the change requested. It is not always necessary to apply the change (e.g. it may be a nice-to- have low priority request) Perform an analysis and assessment of the technical proposal of how the requested change will be engineered Review the cost and resource estimates in case further steps are required BENEFIT: Perform the above steps early to identify potential cost/time savings by incorporating into a subsequent release
11 IS Change Control - Emergency/Urgent Changes Definition: Emergency Changes relate to immediate resolution of a known production incident where an outage of a system, application or other service component has occurred Emergency Changes must be associated with a high priority incident 41 IS Change Control - Emergency/Urgent Changes Emergency Process Description: 1. The Change Requestor initiates the RFC: Unless a delay in action would create a major business impact (e.g., potential loss of product, unrestricted spread of a computer virus) If an RFC cannot be created, obtain an emergency change approval from the SO, BO or CAB member before proceeding. This approval can be obtained verbally, followed by an within 24 hours which will be provided to the Change Manager and attached to the to-be change record Initiate an RFC within 1 business day of performing the emergency remediation 42 IS Change Control - Emergency/Urgent Changes Emergency Process Description-Cont d: 2. The RFC is reviewed by the Change Manager to ensure the required information has been recorded. dd The RFCi is either ih accepted or rejected based on the outcome of the review 3. A change record is created 4. The Change Manager obtains approval/rejection from the SO, BO or CAB member. The Change Manager updates the change record per the decision. This approval can be obtained verbally. 43 IS Change Control - Emergency/Urgent Changes Emergency Process Description-Cont d: 5. The Change is deployed. Ensure that documented evidence of the change is maintained and attached to the change record 6. The Change Owner will notify impacted parties (including Quality for Regulated CIs) within 1 business day of the emergency 7. The remaining tasks in the change record must be executed within 1 month after the release of the change 44 11
12 IS Configuration Management Terminology Configuration Management Database: A DB is a repository of information related to all the components of an information system A DB helps an organization understand the relationships between the system components by recording configuration items (CI) and details about the important attributes and relationships between CIs IS Configuration Management Terminology Cont d Configuration Management System (S): A set of tools and databases used to manage configuration data. A S is maintained by a configuration management process Configuration Item (CI): An object that is treated as a self-contained unit for the purposes of identification and change control. All configuration items (CIs) are uniquely identified by codes and version numbers IS Configuration Management Terminology Cont d Configuration Management oversees the lifecycle of the CIs through a combination of processes and tools The objective of these systems is to avoid the introduction of errors related to lack of testing or incompatibilities with other CIs IS Configuration Management Terminology Cont d From the perspective of the implementer of a change, the configuration item is the "what" of the change. Altering a specific baseline version of a configuration item creates a new baseline version of the same configuration item In examining the effect of a change, first consider: What configuration items are affected? and How have the configuration items been affected? The above considerations are part of the change management impact analysis
13 IS Configuration Management Terminology Cont d 1. Examples of CI attributes/properties/specifications in scope for the S include (but not limited to): CI Name: Application/System name CI Classification: Business Application: collection of components deployed and assigned a version number Business System: group of interdependent applications and other system resources that interact to accomplish specific business functions Business Service: service delivered to business customers Business Process: a system or procedure that an organization uses to support a business service Infrastructure software and hardware IS Configuration Management Terminology Cont d 2. Software version number 3. Validation, Qualification or N/A 4. SOPs 5. System Owner name 6. Business Owner name Examples of CIs excluded from tracking: laptops/desktops/end user assets (cell phones, memory sticks, etc.) IS Configuration Management Key Resources Responsibility CI Owner: = System Owner Configuration Auditor Plans and executes audit of configuration data Identifies unauthorized configuration information Undertakes audits of configuration information Note: configuration auditor will not audit his/her own changes IS Configuration Management Key Resources Responsibility Configuration Librarian: Guardian of master copies of CIs Updates CIs based on Update CIs requests submitted by Configuration Requester Creates new CIs based on Create CIs requests submitted by Configuration Requester Responsible for accuracy of configuration items and associated attributes Generates configuration reports Accepts and records the receipt of new/revised configurations
14 IS Configuration Management Key Resources Responsibility Configuration Manager (): Responsible for day to day quality and integrity of Configuration Management and process. Represents the site/functional area for the enterprise configuration management process Facilitates resolution of issues with items not complying with the process Supports the process for ensuring accuracy of DB entries throughout the lifecycle of the systems tracked as CIs in the DB Acts as point of contact for system owners Performs reviews at defined interval to ensure the logical depiction in the DB reflects the actual physical environment 53 IS Configuration Management Key Resources Responsibility Configuration Requestor: Submits change requests for updates to CIs discovered during an incident, problem resolution, or change Submits change requests for creation of new CIs 54 IS Config. Management Phases The High level tasks of Configuration Management are: Identification of configuration items to be included in the DB Control of data to ensure that it can only be changed by authorized individuals Status maintenance, which involves ensuring that current status of any CI is consistently recorded and kept updated Verification, through audits and reviews of the data to ensure that it is accurate Submit Config. Request IS Config Management Phases The Configuration Requester submits a request for new or updated configuration items or for a service including: Configuration item (CI) field attributes Configuration g model CI types, attributes, or relationships Reports of status or details on one or more CIs The Configuration Librarian verifies the request. If authorized/appropriate, the Configuration Librarian proceeds. If rejected, communicate the reason of rejection to the Configuration Requester
15 IS Config. Management Phases Report The Configuration Librarian CIs Retrieves the required information from the Configuration Management System Delivers the report to the Configuration Requester Identify CIs IS Config. Management Phases For new or revised CIs: The Configuration Librarian identifies CI types and assesses impact to S The Configuration Librarian identifies the business reason for the Change and submits a Change Request If the change request is approved, the CI type is created/enabled within the S (including attributes and relationships to be tracked) If the change request is rejected the change requestor is notified and the change is closed IS Config. Management Phases Control The Configuration Librarian creates new CIs CIs, updates CI information or makes a CI obsolete based on information provided by the Configuration Requester. IS Config. Management Phases Review The Configuration Manager performs verifications CIs that check the existence of CIs and confirm that CIs are correctly recorded in the S: The Configuration Manager initiates a periodic verification to confirm integrity of the S for their functional area or site The Configuration Manager summarizes CI variances (i.e., what is in the S vs. what was expected to be in it) in the configuration report If Configuration Item errors are discovered, submit a change request to have the errors corrected. The Configuration Manager is responsible for any necessary corrective action
16 IS Config. Management Phases IS Config. Management Process Summary Review CIs The Configuration Manager submits the configuration verification reports to the Configuration requestor and other appropriate technical, business or compliance areas IS Config. Management Tool Tips Some of the existing tools are very configurable Recommendations: Examine the capabilities and limitations of each tool Identify the Configuration Management needs of your organization by: Investigating and discussing process with configuration team Presenting the tools and capabilities and compare against your organization s needs 63 IS Config. Management Tool Tips Determine how your existing configuration management process will change to accommodate the chosen tool Identify and document the impact and ensure all key resources are on board An example of a Change and Configuration Management tool is IBM s Tivoli Change and Configuration Management Database. The low level component of CDB is called Tivoli Application Dependency Discovery Manager (TADDM in short) 64 16
17 Summary DB acts as a historical record for all changes to the environment. Once the CIs are logged in the DB, they cannot be modified without following the change management process Change and configuration work hand in hand to ensure that an accurate, controlled and complete picture of the system is available Ownership: ensure there is ownership of each part of the configuration management process for DB to be properly maintained Only authorized personnel can modify the DB depending on their role and access privileges Interactive Session Classify the Change Control type Discuss the potential impact Identify the Config Management Process to follow Identify the required resources to complete the Change Control to deployment Identify the steps required for completion and closure of the Change Control Useful/Reference Links mplianceregulatoryinformation/guidances/u pdf en/change_record.htm en/change.htm us/library/cc aspx asp 67 Useful/Reference Links Guidelines for Configuration Management: IEEE Std IEEE Guide to Software Configuration Management MIL-HDBK-61A NFIGURATION MANAGEMENT GUIDANCE (7 February 2001) 68 17
ITIL Version 3.0 (V.3) Service Transition Guidelines By Braun Tacon
ITIL Version 3.0 (V.3) Service Transition Guidelines By Braun Tacon Executive Summary: This document is seven pages. Page one is informational/background only. What follows over the next six pages are
More informationPage 1 of 8. Any change, which meets the following criteria, will be managed using IM/IT Change Management Process.
Page 1 of 8 1. Introduction This policy describes the Authority s Information Management/Information Technology (IM/IT) change management procedures. IM/IT manages changes to applications, infrastructure
More informationChris Day, Acting Director of IT Services C Day. Configuration Manager Change Manager Change Assessors Change Implementers
Standard Operating Procedures (SOP) for: Configuration Management and Change Control SOP Number: DG25 Version Number: 1 Effective Date: 14/07/2014 Review Date: 14/07/2015 Author: Reviewer: Authorisation:
More informationYale University Change Management Process Guide
Yale University Management Process Guide Yale University Management Process 1 of 29 Table of Contents Introduction... 3 Purpose... 3 Scope... 3 Management Overview... 3 Management Key Concepts... 4 Management
More informationWhite Paper August 2006. BMC Best Practice Process Flows for ITIL Change Management
White Paper August 2006 BMC Best Practice Process Flows for ITIL Change Management Copyright 1991 2006 BMC Software, Inc. All rights reserved. BMC, the BMC logo, all other BMC product or service names,
More informationITIL Essentials Study Guide
ITIL Essentials Study Guide Introduction Service Support Functions: Service Desk Incident Management Problem Management Change Management Configuration Management Release Management Service Delivery Functions:
More informationCCIT Change Management Procedures & Documentation
CCIT Change Management Procedures & Documentation 1.0 Introduction A major challenge within any organization is the ability to manage change. This process is even more difficult within an IT organization.
More informationTechExcel. ITIL Process Guide. Sample Project for Incident Management, Change Management, and Problem Management. Certified
TechExcel ITIL Process Guide Sample Project for Incident Management, Management, and Problem Management. Certified Incident Management Red Arrows indicate that the transition is done automatically using
More informationRelease Management Policy Aspen Marketing Services Version 1.1
Release Management Policy Version 1.1 John Toso 5/10/2010 2 Contents Release Management Policy Overview:... 3 Critical Success Factors... 3 Service Level Management (SLM)... 4 Key Performance Indicators:...
More informationIntegration Technologies Group (ITG) ITIL V3 Service Asset and Configuration Management Assessment Robert R. Vespe Page 1 of 19
Service Asset and Configuration 1. Does the tool facilitate the registration and management of an organization s logical, physical and virtual Configuration Items (CIs)? For example, services, systems,
More informationHP Change Configuration and Release Management (CCRM) Solution
HP Change Configuration and Release Management (CCRM) Solution HP Service Manager, HP Release Control, and HP Universal CMDB For the Windows Operating System Software Version: 9.30 Concept Guide Document
More informationHP Service Manager. Process Designer Content Pack 9.30.1. Processes and Best Practices Guide
HP Service Manager Process Designer Content Pack 9.30.1 Processes and Best Practices Guide Document Release Date: June, 2012 Software Release Date: June, 2012 1 Legal Notices Warranty The only warranties
More informationITIL A guide to service asset and configuration management
ITIL A guide to service asset and configuration management The goal of service asset and configuration management The goals of configuration management are to: Support many of the ITIL processes by providing
More informationImplementing Change Management in a Regulated Environment
Implementing Change Management in a Regulated Environment Valerie Arraj Managing Director Session 227 Compliance Process Partners Service Management-focused consulting, automation and training organization
More informationCONFIGURATION MANAGEMENT PLAN
CONFIGURATION MANAGEMENT PLAN Integrated Procurement System U.S. Election Commission i CONFIGURATION MANAGEMENT PLAN TABLE OF CONTENTS Page # 1.0 CONFIGURATION CONTROL...3 1.1 Change Control Board (CCB)...3
More informationCHG-11-G-001 Does the tool use ITIL 2011 Edition process terms and align to ITIL 2011 N/A. Edition workflows and process integrations?
Purpose: [C]ontrol the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services. (ST 4.2.1) Activities include: Assessing the impact of business change on
More informationSOFTWARE CONFIGURATION MANAGEMENT GUIDEBOOK
Office of Safety and Mission Assurance NASA-GB-9503 SOFTWARE CONFIGURATION MANAGEMENT GUIDEBOOK AUGUST 1995 National Aeronautics and Space Administration Washington, D.C. 20546 PREFACE The growth in cost
More informationProcess Guide. Release Management. Service Improvement Program (SIP)
Process Guide Release Service Improvement Program (SIP) i Table of Contents Process Guide Release Document Information... 3 Approval... 4 Section 1: Process Vision... 6 Overview... 6 Process Mission and
More informationAn ITIL Perspective for Storage Resource Management
An ITIL Perspective for Storage Resource Management BJ Klingenberg, IBM Greg Van Hise, IBM Abstract Providing an ITIL perspective to storage resource management supports the consistent integration of storage
More informationITIL v3. Service Management
ITIL v3 1 as a Practice ITIL = IT Infrastructure Library Set of books giving guidance on the provision of quality IT services Common language Best practices in delivery of IT services Not standards! Platform
More informationHow To Manage Change Management At Uni
Change Management Process VERSION 1.0 Version Date: 1 May 2006 Table of Revisions REVISION NUMBER DESCRIPTION OF CHANGES (PARAGRAPH AND OR SECTION NUMBERS FOR REVISION TRACKING) DATE OF CHANGE REVIEWED
More informationThe purpose of this document is to define the Change Management policies for use across UIT.
UNIVERSITY OF UTAH - IT OPERATIONS POLICY UIT CHANGE MANAGEMENT POLICY Chapter or Section: Information Technology ID SOP-CNFM.001 UIT Configuration Management Policy Rev Date Author Change 4.4 9/29/11
More informationCommonwealth of Massachusetts IT Consolidation Phase 2. ITIL Process Flows
Commonwealth of Massachusetts IT Consolidation Phase 2 ITIL Process Flows August 25, 2009 SERVICE DESK STRUCTURE Service Desk: A Service Desk is a functional unit made up of a dedicated number of staff
More informationOverview of Service Support & Service
Overview of Service Support & Service Delivery Functions ITIL Service Support / Delivery- 1 Service Delivery Functions Availability Management IT Services Continuity Management Capacity Management Financial
More informationITIL Roles Descriptions
ITIL Roles s Role Process Liaison Incident Analyst Operations Assurance Analyst Infrastructure Solution Architect Problem Manager Problem Owner Change Manager Change Owner CAB Member Release Analyst Test
More informationChange Submitter: The person or business requesting or filing the Request For Change (RFC) notice.
ROLES, RESPONSIBILITIES, PROCEDUREs Change Submitter: The person or business requesting or filing the Request For Change (RFC) notice. IT Operations Change Manager: The steward of the Change Management
More informationIntroduction... 4. Purpose... 4 Scope... 4 Manitoba ehealth Change Management... 4 Icons... 4. RFC Procedures... 5
Remedy Change Management Version 3.0 Modified: 10/27/2015 Table of Contents Introduction... 4 Purpose... 4 Scope... 4 Manitoba ehealth Change Management... 4 Icons... 4 RFC Procedures... 5 Process Flow
More informationITSM Process Description
ITSM Process Description Office of Information Technology Incident Management 1 Table of Contents Table of Contents 1. Introduction 2. Incident Management Goals, Objectives, CSFs and KPIs 3. Incident Management
More informationChange Management Living with Change
Change Management Living with Change Introduction Neil Thomas Industry experience in IT & IT support ITIL Vendor Product Management ITIL Consulting Specialised in Service Catalog & CMDB Introduction Fully
More informationhi Information Technologies Change Management Standard
hi Information Technologies Change Management Standard Classification Service Delivery Standard # SVD-002 Approval Authority Chief Information Officer Implementation Authority Director, Service Delivery
More informationDepartment of Administration Portfolio Management System 1.3 June 30, 2010
E 06/ 30/ 2010 EX AM PL 1. 3 06/ 28/ 2010 06/ 24/ 2010 06/ 23/ 2010 06/ 15/ 2010 06/ 18/ 2010 Portfolio System 1.3 June 30, 2010 Contents Section 1. Project Overview... 1 1.1 Project Description... 1 1.2
More informationDomain 1 The Process of Auditing Information Systems
Certified Information Systems Auditor (CISA ) Certification Course Description Our 5-day ISACA Certified Information Systems Auditor (CISA) training course equips information professionals with the knowledge
More informationService Transition. ITIL is a registered trade mark of AXELOS Limited.. The Swirl logo is a trade mark of AXELOS Limited.. 1
Service Transition ITIL is a registered trade mark of AXELOS Limited.. The Swirl logo is a trade mark of AXELOS Limited.. 1 Lesson Objectives Service Transition - Introduction - Purpose and Objectives
More informationSoftware and Hardware Configuration Management
DOWNLOADED AND/OR HARD COPY UNCONTROLLED Verify that this is the correct version before use. AUTHORITY DATE Jeffrey Northey (original signature on file) IMS Manager 07/09/2014 Doug Dorrer (original signature
More informationájoƒ ùdg á«hô dg áµلªÿg Yesser Overall SDLC Process Definition
ájoƒ ùdg á«hô dg áµلªÿg Yesser Overall SDLC Process Definition Version 0.6 - Page 3 / 43 Table of Contents 1. Process Introduction... 5 1.1. Process Scope... 5 1.2. Process Objectives and Benefits... 5
More informationCHAPTER 7 Software Configuration Management
CHAPTER 7 Software Configuration Management ACRONYMS CCB CM FCA MTBF PCA SCCB SCI SCM SCMP SCR SCSA SEI/CMMI SQA SRS USNRC INTRODUCTION Configuration Control Board Configuration Management Functional Configuration
More informationProcess Description Change Management
Process Description Change Management Version 4.1 April, 2013 Document Change Control Version # Date of Issue Author(s) Brief Description 1.0 3/8/13 J.Worthington Initial Draft 2.0 3/25/13 J.Worthington
More informationNSSC Enterprise Service Desk Configuration Management Database (CMDB) Configuration Management Service Delivery Guide
National Aeronautics and Space Administration NASA Shared Services Center Stennis Space Center, MS 39529-6000 www.nssc.nasa.gov NASA Shared Services Center Version 1.0 NSSC Enterprise Service Desk Configuration
More informationITIL Introducing service transition
ITIL Introducing service transition The goals of service transition Aligning the new or changed service with the organisational requirements and organisational operations Plan and manage the capacity and
More informationEastern Illinois University EISE Configuration Management Plan
Eastern Illinois University EISE Configuration Management Prepared by: Bill Witsman Version: 10.0 Create Date: April 13, 2005 Approval Date: Last Revision Date: December 17, 2009 CM Analyst: Project Manager:
More informationHUIT Change Management with ServiceNow. itsm@harvard.edu September 2013
HUIT Change Management with ServiceNow itsm@harvard.edu September 2013 Module 1: Basic Training - Change Requester/Implementer Change Management with ServiceNow Agenda Session Overview HUIT Change Management
More informationICS Operations & Policies Manual. For State Agencies Providing and Using Consolidated Services
2010 ICS Operations & Policies Manual For State Agencies Providing and Using Consolidated Services This manual is intended to be an Idaho state operations process framework based on the Information Technology
More informationITSM Maturity Model. 1- Ad Hoc 2 - Repeatable 3 - Defined 4 - Managed 5 - Optimizing No standardized incident management process exists
Incident ITSM Maturity Model 1- Ad Hoc 2 - Repeatable 3 - Defined 4 - Managed 5 - Optimizing No standardized incident process exists Incident policies governing incident Incident urgency, impact and priority
More informationITIL A guide to release and deployment management
ITIL A guide to release and deployment management The goal of release and deployment management Release and deployment management aims to build, test and deliver services to the customers specified by
More informationOperational Change Control Best Practices
The PROJECT PERFECT White Paper Collection The Project Perfect White Paper Collection Operational Change Control Best Practices Byron Love, MBA, PMP, CEC, IT Project+, MCDBA Internosis, Inc Executive Summary
More informationGeneral Platform Criterion Assessment Question
Purpose: [E]nsure that the assets required to deliver services are properly controlled, and that accurate and reliable information about those assets is available when and where it is needed. (ST 4.3.1)
More informationINFORMATION TECHNOLOGY SERVICES IT CHANGE MANAGEMENT POLICY & PROCESS
INFORMATION TECHNOLOGY SERVICES IT CHANGE MANAGEMENT POLICY & PROCESS Revised: 12/5/2011 Table of Contents Overview... 3 Roles and Responsibilities... 4 Management Process Definition... 6 Management Process
More informationConfiguration control ensures that any changes to CIs are authorized and implemented in a controlled manner.
ITIL Intermediate Capability Stream: RELEASE CONTROL AND VALIDATION (RCV) CERTIFICATE SCENARIO BOOKLET Scenario One A global company develops its own applications to support the business. The service transition
More informationChange Management Policy
Change Management Policy Change management refers to a formal process for making changes to IT services. The goal of change management is to increase awareness and understanding of proposed changes across
More informationInfrastructure Change Management. The process and procedures for all changes to the live environment
Infrastructure Change Management The process and procedures for all changes to the live environment Version 4.1 October 2012 1.0 Introduction... 3 2.0 The Change Process... 4 2.1 Why raise a change?...
More informationService Support. 2005 Kasse Initiatives, LLC. ITIL Configuration Management - 1. version 2.0
Service Support Configuration Management ITIL Configuration Management - 1 Goals of Configuration Management The goals of Configuration Management are to: Account for all the IT assets and configurations
More informationDeploying the CMDB for Change & Configuration Management
WHITE PAPER: CMDB, CHANGE & CONFIGURATION MANAGEMENT Deploying the CMDB for Change & Configuration Management MAY 2007 CA and BearingPoint Table of Contents Executive Summary SECTION 1 2 Pressures on IT
More informationChecklist. Standard for Medical Laboratory
Checklist Standard for Medical Laboratory Name of hospital..name of Laboratory..... Name. Position / Title...... DD/MM/YY.Revision... 1. Organization and Management 1. Laboratory shall have the organizational
More informationAchieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations
Achieving Control: The Four Critical Success Factors of Change Management Technology Concepts & Business Considerations T e c h n i c a l W H I T E P A P E R Table of Contents Executive Summary...........................................................
More informationITIL Example change management procedure
ITIL Example change management procedure An example change process diagram Change Intiators outside IT (users/customers/supplier/etc.) Change Initiators IT SERVICE DESK Filters change requests RFC REJECT
More informationSoftware Quality Subcontractor Survey Questionnaire INSTRUCTIONS FOR PURCHASE ORDER ATTACHMENT Q-201
PURCHASE ORDER ATTACHMENT Q-201A Software Quality Subcontractor Survey Questionnaire INSTRUCTIONS FOR PURCHASE ORDER ATTACHMENT Q-201 1. A qualified employee shall be selected by the Software Quality Manager
More informationWhite Paper November 2006. BMC Best Practice Process Flows for Asset Management and ITIL Configuration Management
White Paper November 2006 BMC Best Practice Process Flows for Asset and ITIL Configuration Copyright 2006 BMC Software, Inc. All rights reserved. BMC, the BMC logo, all other BMC product or service names,
More informationChange Management. Bizagi Suite
Change Management Bizagi Suite Change Management 2 Table of Contents Change Management... 5 Process Elements... 6 RFC Entering... 6 Enter RFC... 6 Technical Review Required?... 9 Technical Review and Sign
More informationConfiguration Management
Configuration Management ProPath Office of Information and Technology Table of Contents Configuration Management Process Map... 1 Process: Configuration Management... 2 Configuration Management Description
More informationConfiguration Management. Process Guide
Configuration Management Process Guide Table of Contents 1. PREFACE... 3 2. MISSION... 5 3. OBJECTIVES... 6 3.1 INTRODUCTION... 6 3.2 DEFINITIONS... 6 3.3 OBJECTIVES... 6 4. GUIDING PRINCIPLES... 9 4.1
More information8. Master Test Plan (MTP)
8. Master Test Plan (MTP) The purpose of the Master Test Plan (MTP) is to provide an overall test planning and test management document for multiple levels of test (either within one project or across
More informationIT SERVICE MANAGEMENT POLICY MANUAL
IT SERVICE MANAGEMENT POLICY MANUAL Version - 1.0 SATYAM COMPUTER SERVICES LIMITED Satyam Infocity Unit 12, Plot No. 35/36 Hi-tech City layout Survey No. 64 Madhapur Hyderabad - 500 081 Andhra Pradesh
More informationSACM and CMDB Strategy and Roadmap. David Lowe ActionableITSM.com March 20, 2012
SACM and CMDB Strategy and Roadmap David Lowe ActionableITSM.com March 20, 2012 Disclaimer The strategy and roadmap information presented here is generic by nature and based on a highly hypothetical use
More informationChange Management. Service Excellence Suite. Users Guide. Service Management and Service-now
Change Management Users Guide Service Management and Service-now Service Excellence Suite Table of Contents Introduction... 3 Overview and Objectives... 4 Overview... 4 Objectives... 4 Primary Benefits
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationConfiguration & Build Management
Object-Oriented Software Engineering Using UML, Patterns, and Java Configuration & Build Management Outline of the Lecture Purpose of Software Configuration Management (SCM) Some Terminology Software Configuration
More informationFlorida Courts efiling Authority. User Forum Policy. Page 1 of 11 DRAFT
Florida Courts efiling Authority User Forum Policy Page 1 of 11 DRAFT Introduction In conjunction with the Chief Justice and the Supreme Court, the Florida Courts E-Filing Authority was established in
More informationGENERAL PLATFORM CRITERIA. General Platform Criterion Assessment Question
GENERAL PLATFORM CRITERIA SACM-V3-G-001 Comment: Does the tool use ITIL V3 process terms and align to ITIL V3 workflows and process integrations? SACM-V3-G-002 (OGC ISS 5.1.10) Access Controls Does the
More informationIT General Controls Domain COBIT Domain Control Objective Control Activity Test Plan Test of Controls Results
Acquire or develop application systems software Controls provide reasonable assurance that application and system software is acquired or developed that effectively supports financial reporting requirements.
More informationUniversity of Waikato Change Management Process
1. Overview Information Technology Services and the Faculty and Division ICT staff have adopted the Information Technology Infrastructure Library (ITIL) systems management framework as its model for best
More informationITIL by Test-king. Exam code: ITIL-F. Exam name: ITIL Foundation. Version 15.0
ITIL by Test-king Number: ITIL-F Passing Score: 800 Time Limit: 120 min File Version: 15.0 Sections 1. Service Management as a practice 2. The Service Lifecycle 3. Generic concepts and definitions 4. Key
More information5 FAH-5 H-520 LIFE CYCLE MANAGEMENT
5 FAH-5 H-520 LIFE CYCLE MANAGEMENT (CT:ITS-5; 02-05-2013) (Office of Origin: (IRM/BMP/SPO/PM) 5 FAH-5 H-521 CONFIGURATION MANAGEMENT REQUIREMENTS Configuration management (CM) is a function deployed throughout
More informationIntroduction. What is ITIL? Automation Centre. Tracker Suite and ITIL
1 Introduction The Information Technology Infrastructure Library (ITIL) aims to improve the management of IT services within the organization, for lowered costs, improved efficiency and productivity. But
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework Information Security Agenda 1 Manage security policy 2 Information security management system procedure Agenda 3 Manage
More informationData Management Policies. Sage ERP Online
Sage ERP Online Sage ERP Online Table of Contents 1.0 Server Backup and Restore Policy... 3 1.1 Objectives... 3 1.2 Scope... 3 1.3 Responsibilities... 3 1.4 Policy... 4 1.5 Policy Violation... 5 1.6 Communication...
More informationPHASE 9: OPERATIONS AND MAINTENANCE PHASE
PHASE 9: OPERATIONS AND MAINTENANCE PHASE During the Operations and Maintenance Phase, the information system s availability and performance in executing the work for which it was designed is maintained.
More informationConducting a Gap Analysis on your Change Control System. Presented By Miguel Montalvo, President, Expert Validation Consulting, Inc.
Conducting a Gap Analysis on your Change Control System Presented By Miguel Montalvo, President, Expert Validation Consulting, Inc. Standards, Regulations, Guidelines related to Change Control Management
More informationAUTHOR: REVISION BY: ADS Lead/Manager ESYS Windows OSA
INFORMATION RESOURCES APPLICATIONS AND DATA SERVICES PROCESS NAME: ADS Web Application Release Management ORIGINAL DOCUMENT DATE: 10/2/2014 AUTHOR: Jim Nelson PROCESS OWNERS: ADS Lead/Manager LAST REVISION:
More informationProblem Management: A CA Service Management Process Map
TECHNOLOGY BRIEF: PROBLEM MANAGEMENT Problem : A CA Service Process Map MARCH 2009 Randal Locke DIRECTOR, TECHNICAL SALES ITIL SERVICE MANAGER Table of Contents Executive Summary 1 SECTION 1: CHALLENGE
More informationISO 20000-1:2005 Requirements Summary
Contents 3. Requirements for a Management System... 3 3.1 Management Responsibility... 3 3.2 Documentation Requirements... 3 3.3 Competence, Awareness, and Training... 4 4. Planning and Implementing Service
More informationProblem Management. Process Guide. Document Code: Version 2.6. January 7, 2011. Robert Jackson (updates) Ashish Naphray (updates)
Problem Management Process Guide Document Code: Version 2.6 January 7, 2011 Prepared by: R. Bruce Specht Robert Jackson (updates) Ashish Naphray (updates) Contributors: Dalibor Petrovic Karen Moses ITSM
More informationThe Newcastle upon Tyne Hospitals NHS Foundation Trust. IT Change Management Policy and Process
The Newcastle upon Tyne Hospitals NHS Foundation Trust Version No.: 2.0 Effective From: 16 July 2015 Expiry Date: 16 July 2018 Date Ratified: 5 June 2015 Ratified By: Director of IT 1 Introduction IT Change
More informationCentral Agency for Information Technology
Central Agency for Information Technology Kuwait National IT Governance Framework IT Service Management How many times we felt that Business is looking to IT as Operations center not strategy enabler 1
More informationCITY UNIVERSITY OF HONG KONG Change Management Standard
CITY UNIVERSITY OF HONG KONG (Approved by the Information Strategy and Governance Committee in December 2013; revision 1.1 approved by Chief Information Officer in September 2015) PUBLIC Date of Issue:
More informationNovo Service Desk Software
Product Data Sheet The Novo Service Desk has helped streamline processes, reduce costs, provide better metrics, and run a more efficient help desk Lender Processing Services Novo Service Desk Software
More informationHP Service Manager. Software Version: 9.34 For the supported Windows and UNIX operating systems. Processes and Best Practices Guide
HP Service Manager Software Version: 9.34 For the supported Windows and UNIX operating systems Processes and Best Practices Guide Document Release Date: July 2014 Software Release Date: July 2014 Legal
More informationTitle: Rio Tinto management system
Standard Rio Tinto management system December 2014 Group Title: Rio Tinto management system Document No: HSEC-B-01 Standard Function: Health, Safety, Environment and Communities (HSEC) No. of pages: 23
More informationRelease & Deployment Management
1. Does the tool facilitate the management of the full lifecycle of Release and Deployment Management? For example, planning, building, testing, quality assurance, scheduling and deployment? Comments:
More informationSoftware Configuration Management Plan
For Database Applications Document ID: Version: 2.0c Planning Installation & Acceptance Integration & Test Requirements Definition Design Development 1 / 22 Copyright 2000-2005 Digital Publications LLC.
More informationCOMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF HUMAN SERVICES, INSURANCE AND AGING
COMMONWEALTH OF PENNSYLVANIA DEPARTMENT S OF HUMAN SERVICES, INSURANCE AND AGING INFORMATION TECHNOLOGY PROCEDURE Name Of Procedure: Number: System Implementation Review Board (SIRB) Process PRO-IOS009
More informationNewcastle University Information Security Procedures Version 3
Newcastle University Information Security Procedures Version 3 A Information Security Procedures 2 B Business Continuity 3 C Compliance 4 D Outsourcing and Third Party Access 5 E Personnel 6 F Operations
More informationMHRA GMP Data Integrity Definitions and Guidance for Industry March 2015
MHRA GMP Data Integrity Definitions and Guidance for Industry Introduction: Data integrity is fundamental in a pharmaceutical quality system which ensures that medicines are of the required quality. This
More informationDIRECTIVE NUMBER: 141.03.04.001 v2.0. SUBJECT: Correctional Integration Systems Change Management Plan
DEPARTMENT OF CORRECTION SUPPORT Management Services DIRECTIVE NUMBER: SUBJECT: Correctional Integration Systems Change PAGE NUMBER: 1 of 10 Adopted: 12-15-03 01.00.00. POLICY OF THE DEPARTMENT It is the
More informationSoftware Quality Assurance (SQA) Testing
Service Description Services is a subscription fee based managed shared service, which offers a highly reliable, scalable, secure, and cost-effective testing platform that state agencies and local government
More informationService Management Foundation
Management Foundation From Best Practice to Implementation 2008 IBM Corporation Agenda Management Foundation: - Fundamental building blocks for successful Management - ITIL v3: What s new in Operations
More informationStatement of Service Enterprise Services - AID Microsoft IIS
Statement of Service Enterprise Services - AID Microsoft IIS Customer Proprietary Rights The information in this document is confidential to Arrow Managed Services, Inc. and is legally privileged. The
More informationApplying ITIL v3 Best Practices
white paper Applying ITIL v3 Best Practices to improve IT processes Rocket bluezone.rocketsoftware.com Applying ITIL v. 3 Best Practices to Improve IT Processes A White Paper by Rocket Software Version
More informationMHRA GMP Data Integrity Definitions and Guidance for Industry January 2015
MHRA GMP Data Integrity Definitions and Guidance for Industry Introduction: Data integrity is fundamental in a pharmaceutical quality system which ensures that medicines are of the required quality. This
More informationOECD DRAFT ADVISORY DOCUMENT 16 1 THE APPLICATION OF GLP PRINCIPLES TO COMPUTERISED SYSTEMS FOREWARD
OECD DRAFT ADVISORY DOCUMENT 16 1 THE APPLICATION OF GLP PRINCIPLES TO COMPUTERISED SYSTEMS FOREWARD 1. The following draft Advisory Document will replace the 1995 OECD GLP Consensus Document number 10
More informationHow To Create A Help Desk For A System Center System Manager
System Center Service Manager Vision and Planned Capabilities Microsoft Corporation Published: April 2008 Executive Summary The Service Desk function is the primary point of contact between end users and
More information