Dundalk Institute of Technology Change Control Procedure



Similar documents
GEM CSU - IT Services Change Control Policy

Chris Day, Acting Director of IT Services C Day. Configuration Manager Change Manager Change Assessors Change Implementers

Organization. Project Name. Project Overview Plan Version # Date

Information & Technology. Change Management Policy

Information & Technology Management Branch Ministry of Education. Change Management Policy

Change Management Control Procedure

Change Management Procedures Re: The Peoplesoft Application at Mona

CHANGE MANAGEMENT PLAN TEMPLATE

UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE

Voice Over IP Network Solution Design, Testing, Integration and Implementation Program Overview

Annex 4: Technical and Financial Proposal Template

OPERATING PROCEDURE IT CHANGE MANAGEMENT PROCEDURES MANUAL. PREPARED BY: AEMO DOCUMENT NO: Enter Document ID VERSION NO: 6.

Rail Network Configuration Management

SMKI Recovery Procedure

CCIT Change Management Procedures & Documentation

ICT Service Desk Creation

Miami University. Payment Card Data Security Policy

Trust Operational Policy. Information Security Department. Third Party Remote Access Policy

Release Management Policy Aspen Marketing Services Version 1.1

ASIAN PACIFIC TELECOMMUNICATIONS PTY LTD STANDARD FORM OF AGREEMENT. Schedule 3 Support Services

PROJECT DELIVERY METHODOLOGY (PDM) Florida Department of Transportation Office of Information Systems. Business Systems Support Office

University of Bedfordshire ISD Change Management Policy

Project Implementation Process (PIP)

Dundalk Institute of Technology. Acceptable Usage Policy. Version 1.0.1

UMHLABUYALINGANA MUNICIPALITY IT CHANGE MANAGEMENT POLICY

BT Assure DoS Mitigation UK

CHANGE MANAGEMENT POLICY

HP Software-as-a-Service

Project Management Framework

CRM in a Day Support Services Agreement

Change Management Process Document

UMHLABUYALINGANA MUNICIPALITY IT PERFORMANCE AND CAPACITY MANAGEMENT POLICY

Columbia College Process for Change Management Page 1 of 7

Release: 1. ICANWK607A Design and implement wireless network security

Job description. Job title: Server Infrastructure Analyst 1

Coleg Gwent Internal Audit Report 2012/13 Assets and Inventory. Assurance Rating:

CRM Support Services Agreement

ITRM Guideline CPM Date: January 23, 2006 SECTION 4 - PROJECT EXECUTION AND CONTROL PHASE

Customer Service Charter TEMPLATE. Customer Service Charter Version: 0.1 Issue date :

MTN Managed Firewall. Description of Service

STATE OF NEW JERSEY IT CIRCULAR

Infrastructure Change Management. The process and procedures for all changes to the live environment

Audit Management Software Solution

Change Management Process. June 1, 2011 Version 2.7

HUIT Change Management with ServiceNow. September 2013

Cisco Change Management: Best Practices White Paper

-1- PSEG-LI Update of LIPA SGIP Full Docw-NYISO reqmts above 10 MW

What s New Guide. Help Desk Authority 9.1

TechExcel. ITIL Process Guide. Sample Project for Incident Management, Change Management, and Problem Management. Certified

Aberdeen City Council IT Security (Network and perimeter)

Patch Management Procedure. Andrew Marriott PATCH MANAGEMENT PROCEDURE.DOCX Version: 1.1

MSN Upgrade and Refresh with Remote Support Services

Managed ICT Services. User Guide. Possibilities that are built in. Telstra Corporation Limited ABN

ITP01 - Patch Management Policy

OPERATIONAL SERVICE LEVEL AGREEMENT BETWEEN THE CLIENT AND FOR THE PROVISION OF PRO-ACTIVE MONITORING & SUPPORT SERVICES

California Dept. of Technology AT&T CALNET 3. Service Level Agreements (SLA) 7.3 Network Based Managed Security

Patch Management Policy

Maturity Model. March Version 1.0. P2MM Version 1.0 The OGC logo is a Registered Trade Mark of the Office of Government Commerce

Corporate ICT Change Management

Project Charter and Scope Statement

Template for IT Project Plan. Template for IT Project Plan. [Project Acronym and Name]

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

IT Services. Service Level Agreement

Data Center Services

Information Security Incident Management Policy and Procedure

Procedure for Corrective and Preventative Action. Procedure No. 304

Welsh Government Response to the Report of the National Assembly for Wales Public Accounts Committee on Grant Management in Wales Final Report

Information Technology Services Project Management Office Operations Guide

Access Control Policy. Document Status. Security Classification. Level 4 - PUBLIC. Version 1.0. Approval. Review By June 2012

Technology Event Notification and Escalation Procedures. Procedure: Technology Event Notification and Escalation. Procedure Date: 10/27/2009

Internal Quality Management System Audit Checklist (ISO9001:2015) Q# ISO 9001:2015 Clause Audit Question Audit Evidence 4 Context of the Organization

Change Submitter: The person or business requesting or filing the Request For Change (RFC) notice.

Purchase to Pay Process

PROJECT MANAGEMENT PLAN CHECKLIST

PROJECT MANAGEMENT PLAN Outline VERSION 0.0 STATUS: OUTLINE DATE:

Proposal to Migrate from a Workgroup to a Domain

Software and Hardware Configuration Management

IT ACCESS CONTROL AND USER ACCESS MANAGEMENT POLICY

PROJECT MANAGEMENT FRAMEWORK

North European Functional Airspace Block Avinor, Norway EANS, Estonia Finavia, Finland LGS, Latvia. NEFAB Project CHANGE MANAGEMENT MANUAL

14620 Henry Road Houston, Texas PH: FX: WEB: QUALITY MANUAL

U.S. Department of Education Federal Student Aid

Transcription:

Dundalk Institute of Technology Change Control Procedure 1

Revision History Date of this revision: 07 Dec 2015 Date of next revision: 07 Dec-2016 Revision Number v1.0.1 Revision Summary of Changes Date 07/12/2015 Formalising release version of document Changes marked Approval This document requires the following approvals: Name Title Date James McCahill IT Strategy Manager 07/12/2015 Michael Denihan Computer Services Manager 07/12/2015 This Change Control Procedure will be reviewed on a periodic basis. 2

Table of Contents 1. PURPOSE... 4 2. ROLES AND RESPONSIBILIES... 4 3. DEFINITIONS... 4 4. SCOPE... 4 5. CHANGE CONTROL PROCESS... 5 6. APPENDICES... 8 Appendix I - Change Control Form... 8 3

1. PURPOSE The purpose of this Change Control Procedure is to outline how changes to software & hardware infrastructure and critical configurations at Dundalk Institute of Technology are to be managed. 2. ROLES AND RESPONSIBILIES IT Manager To monitor compliance with the Change Control Procedure in conjunction with the business process owner, and technicians responsible for designing and implementing the change. To inform the Vice President for Financial and Corporate Affairs of suspected non-compliance and/or suspected breaches of the Change Control Procedure. 3. DEFINITIONS Change A change is any technical or functional amendment, which has the ability to impact positively or negatively on Dundalk Institute of Technology system performance, operations and functionality. Change Control Change control in the context of Information Technology (IT) is a formal process used to ensure that changes to hardware, software and facilities are introduced in a controlled and coordinated manner. It reduces the possibility that unnecessary changes will be introduced and/or authorised changes will be introduced in an uncontrolled manner introducing unnecessary system issues. In summary, change control is the process by which the application of changes is managed in order to identify and eliminate any potential adverse impacts. 4. SCOPE This document outlines the procedure to be applied for the following types of change: Installing new hardware or software; Upgrading hardware or software; Reconfiguring, changing or upgrading facilities e.g. power, network Standard periodic maintenance Configuration changes which have the potential to significantly affect service e.g. firewall, router etc. 4

5. CHANGE CONTROL PROCESS While specific procedures will vary depending on the nature of the change, for example procedures for installing new hardware will vary from procedures for installing new software, the following change control process need to be applied to a greater or lesser extent to all change types: Change Request: ID, Initiator s name, Date, Description of change, Reason for change. Requirements Definition & Planning (RPD) Technician Change Request Reject Review impact on, business areas, IT Services, IT Infrastructure, technology. Assess risks, fall back plans, urgency Impact Analysis (IA) STO Accept Reject Consider timeline, resource requirements, impacts, costs, communication requirements, contingency Change Planning Meeting (CPM) IT Manager STOs Fallback Accept Reject STO and/or Technician to negotiate approval with business unit Change Sign Off (CSO) Business Owner Detail & resolve constraints and conflicts. Ensure resource availability. Identify costs. Detail test plan, communication plan, risk mitigation plan, fall back plan. Produce & walk thru detailed time schedule for the implementation. Accept Detailed Change Implementation Plan (CIP) STO &Technicians No Consider detailed implementation plans Go/Nogo IT Manager Heads of Schools, Functions & Departments Yes Update Documentation STO & Technicians Implement Change STO & Technicians Review actual timeline. Produce root cause analysis for problems. Publish change report with findings & recommendations. Post Implementation Review (PIR) STO Post Implementation Report STO 5

Step Description Comment 1. Requirements Definition and Planning (RDP) 2.Impact Analysis (IA) 3. Change Planning Meeting (CPM) Change Sign Off (CSO) The requirement to install or upgrade hardware, software or facilities is identified. This includes the notification and or identification of system software patches which could be applied. In relation to the latter the Computer Services Department (IT Department) need to determine if and when such patches would be applied and need to plan accordingly. In relation to hardware, software or facilities installation/upgrade the relevant business owners need to be made aware of the reason for the installation and/or upgrade, need to agree to the change, to the timing of the change and finally need to be clear on the requirement for their involvement in terms of verifying change. Planning should also include development of relevant rollback procedures. Following on from the initial identification of the need to install/upgrade/patch IT department need to perform an IA to a sufficient degree of precision to allow them to determine the level of testing which needs to be performed. The CPM is designed to bring together IT Management to consider the implications of the change proposed across the entire IT and Institute spectrum Technicians proposing the change will present the proposed change to the business process owner to ensure the business owner agrees to proceed with planned change. Depending on the complexity of the installation or upgrade, requirements definition and planning should be formalised to a greater or lesser degree. The more complex the change the more clarity which needs to be brought to the change control process through documentation. Appendix I provides a templates for changes which should be completed for all changes and which should be supported by appropriate levels of documentation depending on the complexity of the change. The template for change (Appendix 1) includes an IA section to allow details of the IA and outcome of same to be documented. Again the level of detail is dependent on the complexity of the relevant change. The CPM should consider the proposed timeline and any other constraints which might arise such as resource conflicts, cost, impacted systems, the communication needs and required contingencies. Having considered the proposed change and had the opportunity to hear and question the technical rationale, risks and plan, the business owner will formally 6

3.Change Implementation Plan (CIP) It is the responsibility of the IT department and/or relevant business users to ensure that there is a detailed CIP produced and communicated to convince the Institute Management that the appropriate level of testing, planning & communication has been undertaken before approval is given for the change to be applied. sign off that the business is agreeable to needs the change. Constraints & conflicts must be resolved and a deliverable plan & timeline must be identified which minimises the impact and risk to the business. All timings should allow for the activation and implementation of a fall back plan should it prove necessary. 4.Go/Nogo 6. Update Documentation Post Implementation Review (PIR) The relevant business heads and process owner(s) in consultation with the IT Manager needs to approve implementation of the change Following successful upgrade the relevant specification listing held at Dundalk Institute of Technology should be immediately updated. The final step should be to communicate the successful completion of the installation/upgrade to all those affected. For significant installations or upgrades the technician/sto should convene a PIR within a week of the implementation to consider the learning from the change. High level presentation slides should be produced to support the request for sign off. Refer to Appendix I for change templates where this approval can be formally indicated. Where the change (for example software upgrade) was applied on a test server as well as a production server the specification listing should be updated in a timely manner. PIR should review timelines, positives, negatives, resource issues, communication issues. Root cause analysis should be carried out where problems were encountered. Change owner (STO or Technician) should document and circulate the PIR to technician & management involved with or impacted by the change. 7

6. APPENDICES Appendix I - Change Control Form Change Control Form (v2) Change Request Number (Helpdesk Ticket Number) Name of Requestor Is this a new installation, upgrade, configuration or removal? If upgrade, replacement or removal provide name and location of existing. Detailed reason for installation or upgrade Summary outline of work to be carried out. (Attach relevant documents if required) Name of business owner Impact Assessment (What systems or services impacted?) Testing performed and outcome of testing (attach relevant documents) Proposed timing Communications Schedule 8

Implementation plan & procedure (attach relevant documents) Rollback plan & procedure in the event of problems (attach relevant documents) Business owner approval for change to production environment Signature: Date: IT Manager Approval for change to progress Signature: Date: Detail of Post Implementation Verification Testing performed and relevant outcome IT sign-off on completion of change (IT Technical Staff) Signature: Date: Documentation updated & filed (list documents updated) Signature: Date: 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information