IT 7833 Policy, Strategy and GovernanceDanny GoodwinNovember 4, 2010 I. Configuration and Change Management Information Technology for NGAP must support two core processes of aneffective business and that is; “Running the business” and “Changes in business.”Decrease stability and fast change in the business environment has invoked a shift ofpriority from Run to Change. This affects all areas of the IT NGAP. To achieve agilityand flexibility an infrastructure is required to enable and control change in a reliablemanner. Change Management The objective of Change Management in this context is to ensure thatstandardized methods and procedures are used for efficient and prompt handling of allchanges to controlled NGAP,s IT infrastructure, in order to minimize the number andimpact of any related incidents upon service. Changes in the NGAP’s infrastructure mayarise reactively in response to problems or externally imposed requirements, e.g.legislative changes, or proactively from seeking improved efficiency and effectivenessor to enable or reflect business initiatives, or from programs, projects or serviceimprovement initiatives. Change Management can ensure standardized methods,processes and procedures are used for all changes, facilitate efficient and prompthandling of all changes, and maintain the proper balance between the need for changeand the potential detrimental impact of changes. Configuration Management Configuration management is a field of management that can be defined asestablishing and maintaining consistency of a systems or products performance and itsfunctional and physical attributes with its requirements, design, and operationalinformation throughout its lifecycle. II. OBJECTIVES Planning and Organize Work with NGAP’s business to ensure that the enterprise portfolio of IT enabledinvestments contains programs that reflect the business. Recognize that there aremandatory, sustaining and discretionary investments that differ in complexity anddegree of freedom in allocating funds. IT processes should provide effective andefficient delivery of the IT components of programs and early warning of any deviationsfrom plan, including cost, schedule or functionality, which might impact the expectedoutcomes of the programs. IT services should be executed against equitable andenforceable service level agreements (SLAs). Accountability for achieving the benefitsand controlling the costs should be clearly assigned and monitored. Establish fair,
IT 7833 Policy, Strategy and GovernanceDanny GoodwinNovember 4, 2010transparent, repeatable and comparable evaluation of business cases, includingfinancial worth, the risk of not delivering a capability and the risk of not realizing theexpected benefits. Acquire and Implement Develop a plan to identify and document all technical, operational and usageaspects such that all those who will operate, use and maintain the automated solutionscan exercise their responsibility. Develop and follow a set of procedures and standardsthat is consistent with the business organization’s overall procurement process andacquisition strategy to acquire IT-related infrastructure, facilities, hardware, softwareand services needed by the business. Deliver and Support Define a framework that provides a formalized service level managementprocess between the customer and service provider. The framework should maintaincontinuous alignment with business requirements and priorities and facilitate commonunderstanding between the customer and provider(s). The framework should includeprocesses for creating service requirements, service definitions, SLAs, OLAs andfunding sources. These attributes should be organized in a service catalogue. Theframework should define the organizational structure for service level management,covering the roles, tasks and responsibilities of internal and external service providersand customers. Establish a planning process for the review of performance and capacity of ITresources to ensure that cost-justifiable capacity and performance are available toprocess the agreed-upon workloads as determined by the SLAs. Capacity andperformance plans should leverage appropriate modeling techniques to produce amodel of the current and forecasted performance, capacity and throughput of the ITresources. Monitor and Evaluate Establish a general monitoring framework and approach to define the scope,methodology and process to be followed for measuring IT’s solution and servicedelivery, and monitor IT’s contribution to the business. Integrate the framework with thecorporate performance management system. Continuously monitor benchmark andimprove the IT control environment and control framework to meet organizationalobjectives. Identify, on a continuous basis, local and international laws, regulations, andother external requirements that must be complied with for incorporation into theorganization’s IT policies, standards, procedures and methodologies.
IT 7833 Policy, Strategy and Governance Danny Goodwin November 4, 2010 III. Roles and Responsibilities Configuration Management Chart Reference: “Configuration Management Essentials” - How to Manage ComplexITy by Dr. Reinhold Thurner Change Management Chart Legend: Responsible, Accountable, Consulted, Informed Sub-Process Sub- Change Change Impacted Change Change C Change Change ChangeProcess Requestor Manager Jurisdiction Coordinator Owner A Liaison Assessor Implementer Change Manager B5.1 -Log and R A R IClassifyChange5.2 –Accept I A I R I I IChange5.3 -Assess R I A I R R R R IRisk &Impact5.4a -Authoriz R I R A R R I R IeChange5.4b - RApprove I A I R R I I IChange
IT 7833 Policy, Strategy and Governance Danny Goodwin November 4, 2010andCommunicate5.5 -Schedul R C A I R R R R CeChange5.6 -Build & I I I I A I R ITestChange5.7 –ApproveImplementation R C A R R R R R CDateandCommunicate5.8 -Impleme C I I I A I R RntChange Reference: Prepared for the Information Technology Standards Council (ITSC) under the delegated authority of the Management Board of Cabinet. Change Management Chart Description 1. Enterprise ITSM Process Owner; the Enterprise Process Owner owns the process and the supporting documentation for the Process being described. This includes setting Policy and providing leadership and direction for the development, design and integration of the process. 2. Change Management Process Owner; the Change Management Process Owner owns the process and the supporting documentation for the process within their jurisdiction. The Change Management Process Owner provides process leadership by overseeing the process and ensuring that the process is followed by the organization. 3. Change Manager; the primary focus of this role is at the process level within their jurisdiction although some responsibilities do cross over and require attention at the individual change level as well. 4. Change Coordinator; Ensures changes conform to process standards and principles and local procedures. 5. Change Requester; provides a clear description of the reason for change, provides additional information regarding the change when requested by the Change Manager/Coordinator, confirms the completed change was successful and met original objectives.
IT 7833 Policy, Strategy and GovernanceDanny GoodwinNovember 4, 20106. Change Owner; the focus of this role is at the individual change level rather than theprocess level.7. Change Advisory Board (CAB); The Change Advisory Board (CAB) is a body thatexists to assist the Change Manager in the assessment, prioritization and approval ofchanges; the Change Manager involves Corporate Change Management through theCorporate Change Advisory Board (CCAB) process. CABs are not required to convenefor the exclusive purpose of dealing with changes requiring approval.8. Change Liaison; the Change Liaison role comes into play when a change involvesactivities that cut across organizational boundaries.9. Change Assessor; Responsible for contributing to the business and technical riskand impact assessment of a change for their domain, and reviewing the change planand for ensuring its rigor and completeness.10. Change Implementer; Responsible for deploying the approved change into theenvironment as per the approved Implementation, Testing and Back Out Plans,Participates in planning for changes.