White Paper. Change Management: A CA IT Service Management Process Map



Similar documents
Change Management: A CA Service Management Process Map. Peter Doherty

White Paper. Incident Management: A CA IT Service Management Process Map

White Paper. IT Service Management Process Maps. Select Your Route to ITIL Best Practice

Incident Management: A CA IT Service Management Process Map

Improving Service Asset and Configuration Management with CA Process Maps

Problem Management: A CA Service Management Process Map

Service Transition and Support: A CA Service Management Process Map

Service Catalog Management: A CA Service Management Process Map

Release and Deployment Management: A CA Service Management Process Map

agility made possible

Availability Management: A CA Service Management Process Map

The Rise of Service Level Management. Gary Case

Deploying the CMDB for Change & Configuration Management

Request Fulfillment: A CA Service Management Process Map

Applying ITIL v3 Best Practices

Service Validation and Testing: A CA Service Management Process Map

Knowledge Management: A CA Service Management Process Map. Lynda Rees

CA Clarity PPM. Overview. Benefits. agility made possible

Enhancing IT Support with Knowledge Management

How Technology Supports Project, Program and Portfolio Management

Business Service Management Links IT Services to Business Goals

How To Create A Help Desk For A System Center System Manager

can you simplify your infrastructure?

CA Oblicore Guarantee for Managed Service Providers

Best Practices in Change Management WHITE PAPER

Change Management Living with Change

CA Service Desk Manager

An ITIL Perspective for Storage Resource Management

agility made possible

how can I improve performance of my customer service level agreements while reducing cost?

Achieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations

How Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits?

can you improve service quality and availability while optimizing operations on VCE Vblock Systems?

SOLUTION BRIEF CA SERVICE MANAGEMENT - SERVICE CATALOG. Can We Manage and Deliver the Services Needed Where, When and How Our Users Need Them?

The National Commission of Audit

Capacity Management: A CA Service Management Process Map

Transforming IT Processes and Culture to Assure Service Quality and Improve IT Operational Efficiency

CA Service Desk Manager

CA Service Desk On-Demand

LANDesk Service Desk Certified in All 15 ITIL. v3 Suitability Requirements. LANDesk demonstrates capabilities for all PinkVERIFY 3.

White Paper August BMC Best Practice Process Flows for ITIL Change Management

The Rise of Service Level Management in ITIL V3. April Oblicore, Inc.

WHITE PAPER. Best Practices in Change Management

HP Service Manager. Software Version: 9.34 For the supported Windows and UNIX operating systems. Processes and Best Practices Guide

CA Service Desk Manager Change Management. Ken Laufmann Raymond Cadden

SOLUTION WHITE PAPER. Align Change and Incident Management with Business Priorities

ORACLE IT SERVICE MANAGEMENT SUITE

CA SOLVE:Central Service Desk for z/os

Sallie Mae slashes change management costs and complexity with CA SCM

Web Admin Console - Release Management. Steve Parker Richard Lechner

CA Automation Suite for Data Centers

HP Service Manager. Process Designer Content Pack Processes and Best Practices Guide

EXIN IT Service Management Foundation based on ISO/IEC 20000

can you effectively plan for the migration and management of systems and applications on Vblock Platforms?

CA Configuration Automation

CA Nimsoft Service Desk

CA CMDB Connector for z/os version 2.0

are you helping your customers achieve their expectations for IT based service quality and availability?

HP Service Manager software

Elevate the Consumer Experience: Creating a Win-win for Both IT and its Consumers

Project and Portfolio Management for the Innovative Enterprise

journey to a hybrid cloud

Integrating CA Software Change Management with CA Service Desk Manager for Enterprise Change Control

Crossing the DevOps Chasm

Tips & Tricks: CA CMDB Data Mining Techniques. John Sorensen & Neil Mitchell

Next-Generation Performance Testing with Service Virtualization and Application Performance Management

Work Smarter, Not Harder: Leveraging IT Analytics to Simplify Operations and Improve the Customer Experience

Proactive Performance Management for Enterprise Databases

CA Clarity Integration

Identifying & Implementing Quick Wins

ITIL v3. Service Management

how can I deliver better services to my customers and grow revenue?

Problem Management Overview HDI Capital Area Chapter September 16, 2009 Hugo Mendoza, Column Technologies

solution brief September 2011 Can You Effectively Plan For The Migration And Management of Systems And Applications on Vblock Platforms?

Picis improves the delivery of client projects worth $50 million with CA Clarity PPM

Unicenter Service Desk

CCIT Change Management Procedures & Documentation

Preparation Guide. IT Service Management Foundation Bridge based on ISO/IEC 20000

Change Submitter: The person or business requesting or filing the Request For Change (RFC) notice.

How To Standardize Itil V3.3.5

University of Waikato Change Management Process

BRIDGE. the gaps between IT, cloud service providers, and the business. IT service management for the cloud. Business white paper

Orchestrate IT Process with an Integrated Workflow Management

ROI Business Use Case. Cross-Enterprise Application Performance Management. Helps Reduce Costs & MTTR, Simplify Management, Improve Service Quality

ITIL Version 3.0 (V.3) Service Transition Guidelines By Braun Tacon

CA Clarity PPM. Demand Management User Guide. v

Genesis Energy delivers IT projects faster with standardised processes and CA Clarity PPM.

Sicredi improves data center monitoring with CA Data Center Infrastructure Management

Achieving ITSM Excellence Through Availability Management

White Paper. Business Service Management Solution

Choosing the Right Project and Portfolio Management Solution

CA Configuration Management Database (CMDB)

Transcription:

White Paper Change Management: A CA IT Service Management Process Map Peter Doherty Senior Consultant, Technical Service, CA, Inc. Peter Waterhouse Director, Business Service Optimization, CA Inc. June 2006

Table of Contents Introduction...3 Change Management... 4 Request for Change (RFC)...5 RFC Analysis...5 Change Prioritization...5 Categorize...5 Change Advisory Board...6 Change Schedule...6 Build & Test Change...7 Implementation...7 Ensuring a Successful Change Management Journey...7 About the Authors...8 2

Introduction CA s IT Service Management (ITSM) Process Maps provide a clear representation of the ITIL best practice framework. We use the analogy of subway or underground system transport maps to illustrate how best to navigate a journey of continuous IT service improvement. Each map details each ITIL process (track), the ITIL process activities (stations) that must be navigated to achieve ITIL process goals (your destination), and the integration points (junctions) that must be considered for process optimization. CA has developed two maps (Service Support Figure A; and Service Delivery Figure B), since most ITSM discussions are focused around these two critical areas. The Service Support journey represents a journey of improving day-to-day IT service support processes that lay the operational foundation needed upon which to build business value. The Service Delivery journey is more transformational in nature and shows the processes that are needed to deliver quality IT services. Close examination of the maps shows how a continuous improvement cycle has become a circle or central line, with each Plan-Do-Check-Act (P-D-C-A) improvement step becoming a process integration point or junction. These junctions serve as reference points when assessing process maturity, and as a means to consider the implications of implementing a process in isolation. Each of the ITIL processes are shown as tracks, and are located in a position most appropriate to how they support the goal of continuous improvement. Notice too, how major ITIL process activities become the stations en-route towards a process destination or goal. This paper is part of a series of 10 ITSM Process Map white papers. Each paper discusses how to navigate a particular ITIL process journey, reviewing each process activity that must be addressed in order to achieve process objectives. Along each journey careful attention is given to how technology plays a critical role in both integrating ITIL processes and automating ITIL process activities. Figure A. Service Support. Figure B. Service Delivery. 3

Change Management Change is an intrinsic aspect of every business especially healthy businesses that innovate and readily adapt to shifts in the market. So, for a business to remain healthy, its IT organization must be capable of effectively and efficiently handling change. It must be able to execute change with minimal cost and minimal risk of business disruption. IT must also be able to keep itself well-aligned with changing business goals and priorities. In today s fast-moving markets, this ability to easily and appropriately handle change is even more important. That s why IT organizations need to implement and automate best practices for the entire end-to-end change management lifecycle, from planning through doing (see Figure 1). Only IT organizations that embrace this kind of disciplined approach to change management will be able to deliver the operational agility essential for business success. If Incident and Problem Management represent the heart of Service Support, then Change Management is the process to control the heart rate. Optimized Change Management results in fewer incidents and problems, and helps ensure that strategic improvement requests are quickly processed and implemented. That is why the process must be well documented, especially during categorization activities, since decisions made here will affect how resources and costs will be allocated. Let s review the Change Management process journey (see Figure 1), assessing each critical process activity (or station), and examine how technology can be applied to optimize every stage of the journey. While technology will greatly enable the automation of the change process, it cannot improve a process that is fundamentally poor. Figure 1. Change Management Process Line. 4

REQUEST FOR CHANGE (RFC) The journey of Change Management starts with a Request for Change (RFC). What is the difference between a service request and a change? At a basic level, a service request may involve making a change to the environment but generally that change is operational and doesn t impact business services. A number of related service requests could generate a change if they require impact analysis or touch the production environment. A Request for Change (RFC) could be triggered by such activities as a customer request via the Service Desk, the introduction or removal of a Configuration Item, or the output of a development project. It could also be triggered by Problem Management. To prevent too many entry points, the process should document who can create RFC s, what they are intended to do and what information is required. Technology can help, ensuring that, requestors don t need to know the entire process and have a simple way of submitting RFC s. The tool should drive them through the important steps and ensure that the correct level of detail is captured. It is also important to understand the business importance of the change. Remember, the goal of Change Management is to facilitate all change requests by using clear procedures, automation and easy checks and balances. ITIL suggests that any member of the organization should be able to submit an RFC. If not managed properly, this could lead to ungated demand and possible misuse of the Change Management system. A more appropriate approach would be to use service requests for routine standardized demands that need not be controlled by Change Management, and to use IT or business relationship managers to submit RFCs. RFC ANALYSIS This activity of RFC Analysis is designed to perform an initial evaluation of the information provided for completeness and feasibility. An automated system can significantly shorten this phase by allowing the tool to apply business rules to determine what information is required. A key requirement is ensuring adequate change lead times are in place, and in-line with policy. CHANGE PRIORITIZATION After performing the initial analysis, the next station is prioritizing the change. This occurs by analyzing the impact of the problem and the urgency of the fix (if the change was generated from a problem) or the importance to the organization of what the change is implementing. If this can t be agreed upon, the Change Advisory Board (CAB) may need to intervene. When the change priority is determined it is used to determine resource requirements and change scheduling windows. In a resource-constrained environment, business units can use it to internally prioritise demand. Risk assessment should also be determined at this stage. Measuring risk can be defined as the actual risk associated with implementing the change versus the risk of possible failures if changes are not implemented. Both types of risks should be evaluated and costed. Another portion of determining risk is based on the impact of the change on other components of the environment. Today, in a highly shared environment, an individual cannot track all of the touch points between technology and business services. For example, if a change requires a clustered web server to be rebooted, what business services are affected and what is the impact on Service Level Agreements? Integration with Configuration Management can help by allowing you to work through what if scenarios to determine the impact of a technology change on business services. CATEGORIZE The next station is actually a major hub for a number of activities. Categorization involves evaluating the size of the change from a resource requirements perspective, the risk associated with the change, as well as the priority, and then deciding on the process steps to be followed. Categorization is an extremely important activity, since it is assigned according to business impact, and therefore determines the level of change authorizations and financial and resource requirements. During this stage, IT must collaborate with the business to ensure the correct categorization of changes and avoid problems further down the line. The bulk of Change Management work is done at this station, with many checks and balances to ensure that change approval becomes relatively straightforward. Here, organizations can realize the major benefits of Change Management, for example, by utilizing technologies to help determine change categories (based on criteria 5

agreed with the business), quickly absorb large volumes of changes, and cost changes before they are incurred. For a minor change, a small number of workflow tasks should be completed and, for the most part, these will involve approvals and implementation scheduling. A minor change is appropriate only where a small effort and risk involved. Similar categorization can be used for significant changes. This is another area where technology can streamline and automate the process itself, using business rules to insert the correct process flow into the change and then report conformance against the workflow while also providing an audit trail. CHANGE ADVISORY BOARD Once this work has been performed, a decision is made on whether to proceed. This will happen at the Change Advisory Board (CAB) meeting. The CAB should consist of all the interested parties for active changes, both from IT and the business. The CAB should meet regularly and involve a formal meeting including meeting minutes and communication. The CAB should review all proposed and implemented changes (this is the Post Implementation Review). For new changes, there should be agreement on the need, resource allocation and available funds. A lot of work is required after CAB approval, which is why it is important to automate what can be complex processes. Minor changes should be authorized prior to the CAB meetings, which should focus on change requests that have higher risk and associated costs. Again, this is why the business must be involved from the design phase of process development. Everyone needs to understand what is critical to the business to determine changes that can be pre-approved and those that need to be analyzed further. The CAB should also review implemented changes to determine the quality of the process and whether the changes were implemented correctly. Determining that the technical aspect of the change was successfully implemented is insufficient. What s required is determining whether change achieved its purpose. More mature organizations will wait for a specified period before closing off the change. IT should demonstrate its engagement with the customer at the CAB stage by ensuring that business customers affected by changes are fully involved in the decision making process. The CAB has responsibility for approving or rejecting changes. They also should perform the due diligence and, in instances where there is not enough information, make a decision to send the change back to the requester. Approval must be gained at three levels: technical, business and financial. Since these CAB meetings can require significant time and resources, technology can be effectively utilized, for example, by giving CAB members electronic access to RFCs for electronic approval. Once the CAB approves the change, the doing phases of scheduling, building, testing and implementation begin. The CAB has to be financially responsible and strike a balance between managing risk and controlling costs. CHANGE SCHEDULE Once all approvals are given, it is now appropriate to schedule the change. More activities need to happen before a change window can be selected. In cases of major releases, an organization may be restricted to certain maintenance windows and needs to have a place holder in the Forward Schedule of Changes (FSC) calendar. These key activities are best controlled by using best practice project management. This is one of the key steps in increasing the value and taking advantage of the proactive nature of Change Management. Scheduling should be worked out with the key stakeholders to ensure that all the implementation steps required to institute the change are achievable. Automated technology helps keep everyone informed of what needs to be done and when it is needed. Providing visibility into when changes are to be implemented is critical. In this scheduling phase, a Forward Schedule of Change (FSC) should be updated. This should be a generally available calendar view of when all change windows are scheduled. It should be clearly stated within each window any (business) services or technologies that will be impacted, along with the start and end time of the implementation. This is important for a number of reasons. First, it allows changes to be implemented together where there is an opportunity to do so (for example where there is common infrastructure being affected). Secondly, it provides the ability to quickly spot change conflicts or situations where the time of the planned change could have a detrimental affect on the business (for example, if the business is running a sales campaign it would be inconvenient if certain Web services were unavailable during that time). And third, it makes the Service Desk aware of planned change and service outages so they can place an advance notice on the bulletin board and are prepared to answer the influx of calls. Otherwise, the Service Desk will waste time trying to diagnose the increase in incidents caused by the service outage or implemented change. 6

BUILD & TEST CHANGE This stage includes provisioning hardware and software and performing the work needed to put the change together. The change needs to be tested in a pre-production environment to make sure that it is given every chance of success. Back out plans and a go/no-go decision point must be specified ahead of time. You do not want to leave that decision in the hands of the implementers as this encourages a hero culture where people will keep trying to implement a change and make it work. This is a poor practice as it generally means that the change process didn t work and there is a higher risk of the change failing or having undesirable impacts on its related IT services. IMPLEMENTATION The implementation station is the next step. Only the changes that are approved and scheduled in the change window can be implemented. This is not an opportunity for people to introduce unauthorized changes. The entire premise of the Change Management process is to protect the production environment; unauthorised changes put this objective at risk. An output at this stage will be an implementation report that will be reviewed at the next CAB meeting to ensure that the business goals were met and the risks and costs to the business were minimized. Including the business in this process allows for continuous improvement because you are constantly engaged to ensure the change process is aligned with the business goals. If they are not, you may not meet the business objectives and be forced to refine your process to make the necessary changes. All the discussion above has been in the context of a well planned process where forewarning is imbedded into the change process. In a dynamic operational environment there will often be times when high-impact incidents and problems need to have fixes applied that will involve a change to the production environment. This is not an opportunity to bypass the change process as there should also be a process in place to handle urgent or emergency changes. Change approval is still a prerequisite in these cases, but the standard process will generally be condensed and some of the CAB approvals will be delegated. Organizations that have not fully developed their Change Management processes will see a high volume of emergency changes, most likely because of timing. This is normally due to lead times not being enforced, with changes continuously and mistakenly viewed as emergencies. A good metric to gauge whether a change is an emergency is to determine if there is a high impact incident or problem open that this change will fix. If this is not the case, then you must question whether it s an emergency change. The last step is to review the Change Management process as an entire unit. Change Management is an iterative process that requires constant review and adjustment for continuous improvement. This is why the process owner should constantly be reviewing changes to look for ways to make the process better and to consult with the business often to ensure their needs are being met. Ensuring a Successful Change Management Journey In simple terms, the underlying goal of Change Management is to protect the business, because any time we touch the production environment we put the business at risk. Failed changes are better than changes that are successfully implemented and cause failures later. But both are bad! It is not good enough to just have a good Change Management process. Compliance is also required to make sure things are done as they should be and a full audit trail of everything that was done is easily accessible. To do this process manually in a complex environment is very difficult and prone to human errors or having people bypass the system. To raise the level of maturity where business impact and risk assessment is performed requires integration with Configuration Management. Configuration Management will provide Change Management with a baseline, priority and urgency of changes and detailed information on the history and relationships of Configuration Items (CI). This is necessary in order to effect a complete impact assessment of changes made. Integrated technology and process automation solutions can significantly ease the overhead of managing the process through automation and ensuring process compliance. Some ways include: Embed a change process in the solution based on the change category. Analysts can then select the appropriate workflow template to automatically assign individual tasks to the appropriate resource in the change process. Assist the CAB by providing information to the relevant people electronically so they do not actually need to come together to discuss changes unless there is a specific reason. 7

Ensure conformance to the process by not allowing the change to progress unless the prerequisite tasks have been completed and a record is made of who completed them and when. Perform business impact analysis through Configuration Management to determine what business services are impacted by changes to the infrastructure. Often, without this link to Configuration Management it is nearly impossible to determine all the impact points that a single change can cause since there is no relationship information in the infrastructure. Unify change processes across both IT operations and software development, Allow the Change Management process to be a business enabler where the repeatable process is constantly used without the requestor having to try and work out what needs to be done. Service Levels can be offered for Change Management and business rules can be used to proactively monitor these and raise visibility automatically when a violation occurs. Engage with the customers and make them part of the Change Management process, using facilities such as portfolio management to prioritize strategic change requests. About the Authors Peter Doherty is a Senior Consultant with CA. He is a 15 year Service Management practitioner and holds a Manager s Certificate in IT Service Management. A highly sought speaker for IT Service Management seminars and conferences, he won the President s Award for best content and presented paper at the 2004 Australian itsmf National conference. Peter has published on the subject of IT Asset Management as an extension of ITIL and is a regular contributor to industry publications. Peter Waterhouse is Director of Product Marketing in CA s Business Service Optimization business unit. Peter has 15 years experience in Enterprise Systems Management, with specialization in IT Service Management, IT Governance and best practices. Copyright 2006 CA. All rights reserved. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. This document is for your informational purposes only. To the extent permitted by applicable law, CA provides this document As Is without warranty of any kind, including, without limitation, any implied warranties of merchantability or fitness for a particular purpose, or non-infringement. In no event will CA be liable for any loss or damage, direct or indirect, from the use of this document including, without limitation, lost profits, business interruption, goodwill or lost data, even if CA is expressly advised of such damages. ITIL is a registered trademark and a registered community trademark of the UK Office of Government and Commerce (OGC) and is registered in the U.S. Patent and Trademark Office. MP302640606

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information