Change Management
Change Management is a process designed to understand and minimize risks while making IT changes. Businesses have two main expectations of the services provided by IT:
- The services should be stable, reliable, and predictable.
- The services should be able to change rapidly to meet evolving business requirements.
The objective of change management is to enable IT service management to meet both expectations—to enable rapid change while minimizing the possibility of disruption to services.
Objectives:- The primary objective of Change management is to mitigate risk and impact. Change management does the authorization to approve any change to be deployed. It protects the production environment while executing a new change. Following are the objectives of Change management process:
- Reduction of risk and impact
- Maintenance of current working state
- Communication and approval management
- Effective change planning with optimized resources
Reduction in number of incidents due to change execution.
Scope:- The scope of the IT change management process is limited to change implementations that will cause:
- A service to become unavailable or degraded during service hours.
- The functionality of a service to become different.
- The CMDB to require an update.
Types of Changes:- There are different types of change requests, or change classes, that are typically managed in different ways:
Standard changes are changes to a service or to the IT infrastructure where the implementation process and the risks are known upfront. These changes are managed according to policies that are the IT organization already has in place. Since these changes are subject to established policies and procedures, they are the easiest to prioritize and implement, and often don’t require approval from a risk management perspective.
Normal changes are those that must go through the change process before being approved and implemented. If they are determined to be high-risk, a change advisory board must decide whether they will be implemented.
Emergency changes arise when an unexpected error or threat occurs, such as when a flaw in the infrastructure related to services needs to be addressed immediately. A security threat is another example of an emergency situation that requires changes to be made immediately.