SlideShare a Scribd company logo
itSM Solutions®
DITY™ Newsletter
Reprint
This is a reprint of an itSM Solutions® DITY™ Newsletter. Our members receive our weekly DITY Newsletter, and
have access to practical and often entertaining articles in our archives. DITY is the newsletter for IT professionals
who want a workable, practical guide to implementing ITIL best practices -- without the hype.

become a member
(It's Free. Visit http://www.itsmsolutions.com/newsletters/DITY.htm)

Publisher
itSM Solutions™ LLC
31 South Talbert Blvd #295
Lexington, NC 27292
Phone (336) 510-2885
Fax (336) 798-6296
Find us on the web at: http://www.itsmsolutions.com.
To report errors please send a note to the editor, Hank Marquis at hank.marquis@itsmsolutions.com
For information on obtaining copies of this guide contact: sales@itsmsolutions.com
Copyright © 2006 Nichols-Kuhn Group. ITIL Glossaries © Crown Copyright Office of Government Commerce. Reproduced with the
permission of the Controller of HMSO and the Office of Government Commerce.
Notice of Rights / Restricted Rights Legend
All rights reserved. Reproduction or transmittal of this guide or any portion thereof by any means whatsoever without prior written permission of
the Publisher is prohibited. All itSM Solutions products are licensed in accordance with the terms and conditions of the itSM Solutions Partner
License. No title or ownership of this guide, any portion thereof, or its contents is transferred, and any use of the guide or any portion thereof
beyond the terms of the previously mentioned license, without written authorization of the Publisher, is prohibited.
Notice of Liability
This guide is distributed "As Is," without warranty of any kind, either express or implied, respecting the content of this guide, including but not
limited to implied warranties for the guide's quality, performance, merchantability, or fitness for any particular purpose. Neither the authors, nor
itSM Solutions LLC, its dealers or distributors shall be liable with respect to any liability, loss or damage caused or alleged to have been caused
directly or indirectly by the contents of this guide.
Trademarks
itSM Solutions is a trademark of itSM Solutions LLC. Do IT Yourself™ and DITY™ are trademarks of Nichols-Kuhn Group. ITIL ® is a
Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is registered in the U.S. Patent
and Trademark Office, and is used here by itSM Solutions LLC under license from and with the permission of OGC (Trade Mark License No.
0002). IT Infrastructure Library ® is a Registered Trade Mark of the Office of Government Commerce and is used here by itSM Solutions LLC
under license from and with the permission of OGC (Trade Mark License No. 0002). Other product names mentioned in this guide may be
trademarks or registered trademarks of their respective companies.
Impact Assessment in 5 Simple Steps

Instructor Portal

Downloads

Newsletters

---------------------------------------------

DITY™ Newsletter
Vol. 3.3 • January 17, 2007

Impact Assessment
In 5 Simple Steps

Subscribe Its Free!

RSS Stay up to date!

PDF Pass it around!

Print page

IT is its own worst enemy—Gartner and others have documented that about 80% of all
Incidents occur because of failed change management activities. However, it does not have
to be that way. Change Impact Assessment is well known outside of IT...
By Hank Marquis

Anyone familiar with ITIL® has heard of an “Impact Assessment.” While there are
many places in the ITIL that mention assessing impact, this article focuses on
assessing the potential impact of changes. Change impact assessment is a systematic
approach that seeks to discover possible risks associated with a Request for Change
(RFC.)
Failure to discover the risks of a proposed change is the top reason for that popular dance, the IT 2step. Everybody knows it, it goes like this "take one step forward, now two steps back..." Seriously
though, most failed changes are simply the result of not taking into account current activities, and
a failure to communicate anticipated activities.
This includes any situation which proposes to alter system configurations, operating practices,

http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (1 of 5)1/13/2007 1:44:31 PM
Impact Assessment in 5 Simple Steps

policies, or procedures, and any new or different activities to be performed.
For change impact assessment, or simply impact assessment, to be effective the practitioner has to
explore all of the differences between normal operations and any conditions that introduce risks or
may contribute to a failed change.
Used effectively, impact assessment can proactively manage risk. It is a simple idea that can be
implemented quickly using a word processor or spreadsheet -- it requires no complex software. It
does require careful adherence to a formal procedure however, and teamwork.
Following I describe how to reduce the risks of making changes by introducing a simple, effective,
formal change impact assessment procedure based on best practices.
Impact Assessment 101
Impact assessment is a fairly mature and formal activity in most organizations outside of IT, the military
in particular has deep experience in planning changes. Yet for some reason most IT impact assessment
consists of emailing around an RFC and waiting for someone to comment about it, or worse, a lead tech
working in isolation on "one little change." Another popular method I see for impact assessment is a
meeting, usually the day or two before the change is to occur, where department heads talk about the
work upcoming.

However, it is clear that existing impact assessment does not work. Every year all the big think tanks
always report that IT is its own worst enemy—Gartner and others have documented that about 80% of
all Incidents occur because of failed change management activities. However, it does not have to be that

way. Change impact assessment is well known outside of IT, and there are models for performing impact
assessment.
While effective and easily implemented, impact assessment is not a panacea and does not totally replace

existing change procedures, instead, you should strive to improve your existing process. The procedure for
performing an impact assessment consists of the following five steps:
1. Define the extent of the change proposed
2. Determine key differences in the changed state (proposed) from a point of reference or the
original state

3. Focus on the possible effects of the key differences from step #2
4. Sort and prioritize the possible effects (#3) from the key differences (#2) based on risk and
possibility
5. Make a decision using the results
Sounds easy! So lets actually try to use our new system.
Step #1 -- Define Extent of the Change

Assuming you have in hand an RFC that wants to "Upgrade Desktops to Vista", prepare a document
(word processor is fine) that describes the extent of the change. Be specific, and list all boundaries for all
systems. Without a clear understanding of the change, you can't identify risks. Clearly, some of this will
be in the RFC already, but you need to make sure to capture all possible descriptions of the environment
for the change.
Take a tact of tying to identify what will probably occur or be going on before, during, and after the
change. Try to consider as many environments or angles as possible. For example:

http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (2 of 5)1/13/2007 1:44:31 PM
Impact Assessment in 5 Simple Steps

Probable Events With "Upgrade Desktops to Vista"
q

q

q

Scope: Initial upgrade IT department only, IT non-production workstations only, no servers,
no desktops, laptops only.
Work Environment
r Some IT workers only have laptops
r Some workers will be traveling and not in the office
Platform Environment
r Disk space requires is 300MB
r Transition of existing preferences, installations, and configurations
r Memory required is 2GB
r CPU speed must be at least 1.2GHZ
Table 1. Probable Events

Your goal here is to describe, as fully as possible, the environment and situation for the change. The more
detail, the better.

Step #2 -- Determine Key Differences

The basis of the impact assessment is to compare the proposed state of the infrastructure or organization
after the change with the state before the change. Of course, with something new there is no existing

baseline, in which case you can choose a similar situation, or even do research about other
implementations.
The goal is to identify all of the differences, large and small, between the pre and post -change states.
Examine previous changes. Check for similar changes in other systems, departments, technology silos and
divisions. Check for failures by reviewing past change records, incident logs, and problem reports. Review
the Internet for documents describing what others have found and done.
After establishing your reference sources, in a table list out all the differences between the references
(failures and success.) Don't try to sort, categorize, or judge them. Your goal is as many types of
differences as possible. Common differences include:
q

Hardware and software models, versions, platforms, etc.

q

Staff, personnel, vendor, and support persons, etc.

q

Process, procedures, organization, schedules, time of day, etc.

q

Environment, location, installation, etc.

This step is ideal for use with a group—assemble a team, give them the reference data in advance, have
them prepare, then host a meeting where you can lead a brainstorming session to develop as many
potential differences as possible. Record them into a table, with references, for use in the next step.
Assuming the previous probable events table (like table 1), a possible output (for example purposes only)
might look like this:
Key Differences Between Normal and "Upgrade Desktops to Vista"
q

q

Work Environment/ Some IT workers only have laptops
r they will be working using their laptops (not available to upgrade)
r might not be in office at the appropriate time (e.g., work/travel)
Platform Environment/ Disk space requires is 300MB
r Previous changes needed less disk space (was 512MB)
r Several changes backed out due to lack of disk space (had 1GB)
Table 2. Key Differences

Here it is very important to uncover positive, negative, and neutral trends. This means you should check
http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (3 of 5)1/13/2007 1:44:31 PM
Impact Assessment in 5 Simple Steps

for successful changes as well. Don't forget to consider your regulatory environment, and you can also use
theoretical models like the ITIL and others, that describe a “perfect world” and compare the change to it.
Step #3 -- Focus on Effects

Study each of the differences listed in the table created in the last step (table 2). Ask if this difference has
the potential to cause unexpected side effects. Consider the reference materials—has their been a history
of fault or failure because of this difference? Has this difference not had any impact? Be sure to imagine
positive, negative and neutral affects. This step is also ideal for a group.

Impact Assessment of Upgrade Desktops to Vista
Risk Mitigation
Differences from Normal
Some IT workers only have
laptops

Potential Effects

Prevention Steps
Ensure accurate listing of all
laptops and workers
Make sure there is a system
They will have work
available to users during the
to do
upgrade
They might not be
in the office

Monitoring Steps
Step up inquires about which
applications are required
Step up inquires about which
applications are required

Table 3. Possible Effects of Key Differences

Your goal here is to consider the differences for each probable event. For each potential effect, try to list
out what you can do to detect it (monitor) and prevent it. This forms the basis of the impact assessment,
for the starting point for risk assessment.
Step #4 -- Sort and Prioritize

Using the risk analysis system I presented in “10 Steps to Do It Yourself CRAMM”, make an effort to
prioritize potential effect; taking into account the effort, costs, and probability of its occurrence. Of course,
full probability assessment is beyond the scope of this article, but you can get pretty close.
Your output is a list of recommendations, with pros and cons, to submit to the CAB or whomever requires
it. Your work is self-justifying. That is, using plain simple terms, past experience, and formal planning,

you will present what is currently happening, what might happen and ways to make sure the bad does not
occur. This is all it takes for leaders to make decisions and prepare.
Step #5 -- Make a Decision

Use the results of the sorted, prioritized risk assessment to identify vulnerabilities and make
recommendations to mitigate the risks. Use the recommendations to show how to avoid, or if too
costly, respond effectively, should something go wrong with the change. Compare the benefits of
following your recommendations to the potential costs of not following them. Decide whether the
potential risk is acceptable or not.
Summary
A formalized approach to change impact assessment is inexpensive and can produce high quality
decisions. It requires following a process, and having the time to follow a process. While the approach
presented here is well tested and sound, it does have some limitations:
q

q
q

This method relies heavily on the references you choose -- choose the wrong reference or
miss a reference and it might not work as well

Without a CMDB that incorporates organizational learning it is hard to find references
Your results will only be as good as the knowledge and skills of the people performing the
assessment

http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (4 of 5)1/13/2007 1:44:31 PM
Impact Assessment in 5 Simple Steps

Even with these caveats, this is still probably the easiest and simplest method to formalize change
impact analysis. Follow these simple steps, and you just might find yourself out of the “one step
forward, two steps back” routine!
Subscribe Its Free!

RSS Stay up to date!

PDF Pass it around!

Where to go from here:
q
q
q

Subscribe to our newsletter and get new skills delivered right to your Inbox, click here.
Download this article in PDF format for use at your own convenience, click here.
Use your favorite RSS reader to stay up to date, click here.

Related articles:
q
q

10 Steps to Do It Yourself CRAMM explains how to establish a risk assessment system.
Browse back-issues of the DITY Newsletter, click here.

Home

Methodology

http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (5 of 5)1/13/2007 1:44:31 PM

About Us

Products

Contact Us

More Related Content

What's hot

Building Software In-House: Too Much Control and Flexibility
Building Software In-House: Too Much Control and FlexibilityBuilding Software In-House: Too Much Control and Flexibility
Building Software In-House: Too Much Control and Flexibility
Ivan Ruchkin
 
Brighttalk learning to cook- network management recipes - final
Brighttalk   learning to cook- network management recipes - finalBrighttalk   learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - final
Andrew White
 
Bright talk running a cloud - final
Bright talk   running a cloud - finalBright talk   running a cloud - final
Bright talk running a cloud - final
Andrew White
 
Dit yvol2iss35
Dit yvol2iss35Dit yvol2iss35
Dit yvol2iss35
Rick Lemieux
 
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Ian Sommerville
 
Agile 2013: Pat Reed and I discussing Scrum and Compliance
Agile 2013: Pat Reed and I discussing Scrum and Compliance Agile 2013: Pat Reed and I discussing Scrum and Compliance
Agile 2013: Pat Reed and I discussing Scrum and Compliance
Laszlo Szalvay
 
The Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster RecoveryThe Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster Recovery
InnoTech
 
Brighttalk getting back on track - final
Brighttalk   getting back on track - finalBrighttalk   getting back on track - final
Brighttalk getting back on track - final
Andrew White
 

What's hot (8)

Building Software In-House: Too Much Control and Flexibility
Building Software In-House: Too Much Control and FlexibilityBuilding Software In-House: Too Much Control and Flexibility
Building Software In-House: Too Much Control and Flexibility
 
Brighttalk learning to cook- network management recipes - final
Brighttalk   learning to cook- network management recipes - finalBrighttalk   learning to cook- network management recipes - final
Brighttalk learning to cook- network management recipes - final
 
Bright talk running a cloud - final
Bright talk   running a cloud - finalBright talk   running a cloud - final
Bright talk running a cloud - final
 
Dit yvol2iss35
Dit yvol2iss35Dit yvol2iss35
Dit yvol2iss35
 
Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)Designing Complex Systems for Recovery (LSCITS EngD 2011)
Designing Complex Systems for Recovery (LSCITS EngD 2011)
 
Agile 2013: Pat Reed and I discussing Scrum and Compliance
Agile 2013: Pat Reed and I discussing Scrum and Compliance Agile 2013: Pat Reed and I discussing Scrum and Compliance
Agile 2013: Pat Reed and I discussing Scrum and Compliance
 
The Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster RecoveryThe Nuts and Bolts of Disaster Recovery
The Nuts and Bolts of Disaster Recovery
 
Brighttalk getting back on track - final
Brighttalk   getting back on track - finalBrighttalk   getting back on track - final
Brighttalk getting back on track - final
 

Viewers also liked

Dit yvol5iss19
Dit yvol5iss19Dit yvol5iss19
Dit yvol5iss19
Rick Lemieux
 
Dit yvol2iss32
Dit yvol2iss32Dit yvol2iss32
Dit yvol2iss32
Rick Lemieux
 
Dit yvol5iss9
Dit yvol5iss9Dit yvol5iss9
Dit yvol5iss9
Rick Lemieux
 
Dit yvol2iss28
Dit yvol2iss28Dit yvol2iss28
Dit yvol2iss28
Rick Lemieux
 
Dit yvol2iss17
Dit yvol2iss17Dit yvol2iss17
Dit yvol2iss17
Rick Lemieux
 
Dit yvol2iss30
Dit yvol2iss30Dit yvol2iss30
Dit yvol2iss30
Rick Lemieux
 
Dit yvol3iss4
Dit yvol3iss4Dit yvol3iss4
Dit yvol3iss4
Rick Lemieux
 
Dit yvol4iss36
Dit yvol4iss36Dit yvol4iss36
Dit yvol4iss36
Rick Lemieux
 
Dit yvol3iss31
Dit yvol3iss31Dit yvol3iss31
Dit yvol3iss31
Rick Lemieux
 
Dit yvol5iss13
Dit yvol5iss13Dit yvol5iss13
Dit yvol5iss13
Rick Lemieux
 
Dit yvol2iss42
Dit yvol2iss42Dit yvol2iss42
Dit yvol2iss42
Rick Lemieux
 
Dit yvol3iss17
Dit yvol3iss17Dit yvol3iss17
Dit yvol3iss17
Rick Lemieux
 
Dit yvol4iss28
Dit yvol4iss28Dit yvol4iss28
Dit yvol4iss28
Rick Lemieux
 
Dit yvol2iss21
Dit yvol2iss21Dit yvol2iss21
Dit yvol2iss21
Rick Lemieux
 

Viewers also liked (14)

Dit yvol5iss19
Dit yvol5iss19Dit yvol5iss19
Dit yvol5iss19
 
Dit yvol2iss32
Dit yvol2iss32Dit yvol2iss32
Dit yvol2iss32
 
Dit yvol5iss9
Dit yvol5iss9Dit yvol5iss9
Dit yvol5iss9
 
Dit yvol2iss28
Dit yvol2iss28Dit yvol2iss28
Dit yvol2iss28
 
Dit yvol2iss17
Dit yvol2iss17Dit yvol2iss17
Dit yvol2iss17
 
Dit yvol2iss30
Dit yvol2iss30Dit yvol2iss30
Dit yvol2iss30
 
Dit yvol3iss4
Dit yvol3iss4Dit yvol3iss4
Dit yvol3iss4
 
Dit yvol4iss36
Dit yvol4iss36Dit yvol4iss36
Dit yvol4iss36
 
Dit yvol3iss31
Dit yvol3iss31Dit yvol3iss31
Dit yvol3iss31
 
Dit yvol5iss13
Dit yvol5iss13Dit yvol5iss13
Dit yvol5iss13
 
Dit yvol2iss42
Dit yvol2iss42Dit yvol2iss42
Dit yvol2iss42
 
Dit yvol3iss17
Dit yvol3iss17Dit yvol3iss17
Dit yvol3iss17
 
Dit yvol4iss28
Dit yvol4iss28Dit yvol4iss28
Dit yvol4iss28
 
Dit yvol2iss21
Dit yvol2iss21Dit yvol2iss21
Dit yvol2iss21
 

Similar to Dit yvol3iss3

Dit yvol5iss6
Dit yvol5iss6Dit yvol5iss6
Dit yvol5iss6
Rick Lemieux
 
Dit yvol1iss7
Dit yvol1iss7Dit yvol1iss7
Dit yvol1iss7
Rick Lemieux
 
Dit yvol1iss2
Dit yvol1iss2Dit yvol1iss2
Dit yvol1iss2
Rick Lemieux
 
Dit yvol2iss29
Dit yvol2iss29Dit yvol2iss29
Dit yvol2iss29
Rick Lemieux
 
Dit yvol2iss10
Dit yvol2iss10Dit yvol2iss10
Dit yvol2iss10
Rick Lemieux
 
Dit yvol2iss48
Dit yvol2iss48Dit yvol2iss48
Dit yvol2iss48
Rick Lemieux
 
Dit yvol1iss4
Dit yvol1iss4Dit yvol1iss4
Dit yvol1iss4
Rick Lemieux
 
Dit yvol2iss1
Dit yvol2iss1Dit yvol2iss1
Dit yvol2iss1
Rick Lemieux
 
Dit yvol2iss43
Dit yvol2iss43Dit yvol2iss43
Dit yvol2iss43
Rick Lemieux
 
Dit yvol2iss24
Dit yvol2iss24Dit yvol2iss24
Dit yvol2iss24
Rick Lemieux
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change Management
Info-Tech Research Group
 
Dit yvol2iss16
Dit yvol2iss16Dit yvol2iss16
Dit yvol2iss16
Rick Lemieux
 
Dit yvol1iss5
Dit yvol1iss5Dit yvol1iss5
Dit yvol1iss5
Rick Lemieux
 
Dit yvol2iss2
Dit yvol2iss2Dit yvol2iss2
Dit yvol2iss2
Rick Lemieux
 
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBookGoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
George Yu
 
Dit yvol2iss49
Dit yvol2iss49Dit yvol2iss49
Dit yvol2iss49
Rick Lemieux
 
Dit yvol2iss40
Dit yvol2iss40Dit yvol2iss40
Dit yvol2iss40
Rick Lemieux
 
Dit yvol3iss12
Dit yvol3iss12Dit yvol3iss12
Dit yvol3iss12
Rick Lemieux
 
Dit yvol2iss14
Dit yvol2iss14Dit yvol2iss14
Dit yvol2iss14
Rick Lemieux
 
Dit yvol3iss6
Dit yvol3iss6Dit yvol3iss6
Dit yvol3iss6
Rick Lemieux
 

Similar to Dit yvol3iss3 (20)

Dit yvol5iss6
Dit yvol5iss6Dit yvol5iss6
Dit yvol5iss6
 
Dit yvol1iss7
Dit yvol1iss7Dit yvol1iss7
Dit yvol1iss7
 
Dit yvol1iss2
Dit yvol1iss2Dit yvol1iss2
Dit yvol1iss2
 
Dit yvol2iss29
Dit yvol2iss29Dit yvol2iss29
Dit yvol2iss29
 
Dit yvol2iss10
Dit yvol2iss10Dit yvol2iss10
Dit yvol2iss10
 
Dit yvol2iss48
Dit yvol2iss48Dit yvol2iss48
Dit yvol2iss48
 
Dit yvol1iss4
Dit yvol1iss4Dit yvol1iss4
Dit yvol1iss4
 
Dit yvol2iss1
Dit yvol2iss1Dit yvol2iss1
Dit yvol2iss1
 
Dit yvol2iss43
Dit yvol2iss43Dit yvol2iss43
Dit yvol2iss43
 
Dit yvol2iss24
Dit yvol2iss24Dit yvol2iss24
Dit yvol2iss24
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change Management
 
Dit yvol2iss16
Dit yvol2iss16Dit yvol2iss16
Dit yvol2iss16
 
Dit yvol1iss5
Dit yvol1iss5Dit yvol1iss5
Dit yvol1iss5
 
Dit yvol2iss2
Dit yvol2iss2Dit yvol2iss2
Dit yvol2iss2
 
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBookGoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
GoToAssist-Be-Mighty-ITIL-Quick-Guide-eBook
 
Dit yvol2iss49
Dit yvol2iss49Dit yvol2iss49
Dit yvol2iss49
 
Dit yvol2iss40
Dit yvol2iss40Dit yvol2iss40
Dit yvol2iss40
 
Dit yvol3iss12
Dit yvol3iss12Dit yvol3iss12
Dit yvol3iss12
 
Dit yvol2iss14
Dit yvol2iss14Dit yvol2iss14
Dit yvol2iss14
 
Dit yvol3iss6
Dit yvol3iss6Dit yvol3iss6
Dit yvol3iss6
 

More from Rick Lemieux

IT Service Management (ITSM) Model for Business & IT Alignement
IT Service Management (ITSM) Model for Business & IT AlignementIT Service Management (ITSM) Model for Business & IT Alignement
IT Service Management (ITSM) Model for Business & IT Alignement
Rick Lemieux
 
Dit yvol5iss41
Dit yvol5iss41Dit yvol5iss41
Dit yvol5iss41
Rick Lemieux
 
Dit yvol5iss40
Dit yvol5iss40Dit yvol5iss40
Dit yvol5iss40
Rick Lemieux
 
Dit yvol5iss38
Dit yvol5iss38Dit yvol5iss38
Dit yvol5iss38
Rick Lemieux
 
Dit yvol5iss37
Dit yvol5iss37Dit yvol5iss37
Dit yvol5iss37
Rick Lemieux
 
Dit yvol5iss36
Dit yvol5iss36Dit yvol5iss36
Dit yvol5iss36
Rick Lemieux
 
Dit yvol5iss35
Dit yvol5iss35Dit yvol5iss35
Dit yvol5iss35
Rick Lemieux
 
Dit yvol5iss34
Dit yvol5iss34Dit yvol5iss34
Dit yvol5iss34
Rick Lemieux
 
Dit yvol5iss31
Dit yvol5iss31Dit yvol5iss31
Dit yvol5iss31
Rick Lemieux
 
Dit yvol5iss33
Dit yvol5iss33Dit yvol5iss33
Dit yvol5iss33
Rick Lemieux
 
Dit yvol5iss32
Dit yvol5iss32Dit yvol5iss32
Dit yvol5iss32
Rick Lemieux
 
Dit yvol5iss30
Dit yvol5iss30Dit yvol5iss30
Dit yvol5iss30
Rick Lemieux
 
Dit yvol5iss29
Dit yvol5iss29Dit yvol5iss29
Dit yvol5iss29
Rick Lemieux
 
Dit yvol5iss28
Dit yvol5iss28Dit yvol5iss28
Dit yvol5iss28
Rick Lemieux
 
Dit yvol5iss26
Dit yvol5iss26Dit yvol5iss26
Dit yvol5iss26
Rick Lemieux
 
Dit yvol5iss25
Dit yvol5iss25Dit yvol5iss25
Dit yvol5iss25
Rick Lemieux
 
Dit yvol5iss24
Dit yvol5iss24Dit yvol5iss24
Dit yvol5iss24
Rick Lemieux
 
Dit yvol5iss23
Dit yvol5iss23Dit yvol5iss23
Dit yvol5iss23
Rick Lemieux
 
Dit yvol5iss22
Dit yvol5iss22Dit yvol5iss22
Dit yvol5iss22
Rick Lemieux
 
Dit yvol5iss21
Dit yvol5iss21Dit yvol5iss21
Dit yvol5iss21
Rick Lemieux
 

More from Rick Lemieux (20)

IT Service Management (ITSM) Model for Business & IT Alignement
IT Service Management (ITSM) Model for Business & IT AlignementIT Service Management (ITSM) Model for Business & IT Alignement
IT Service Management (ITSM) Model for Business & IT Alignement
 
Dit yvol5iss41
Dit yvol5iss41Dit yvol5iss41
Dit yvol5iss41
 
Dit yvol5iss40
Dit yvol5iss40Dit yvol5iss40
Dit yvol5iss40
 
Dit yvol5iss38
Dit yvol5iss38Dit yvol5iss38
Dit yvol5iss38
 
Dit yvol5iss37
Dit yvol5iss37Dit yvol5iss37
Dit yvol5iss37
 
Dit yvol5iss36
Dit yvol5iss36Dit yvol5iss36
Dit yvol5iss36
 
Dit yvol5iss35
Dit yvol5iss35Dit yvol5iss35
Dit yvol5iss35
 
Dit yvol5iss34
Dit yvol5iss34Dit yvol5iss34
Dit yvol5iss34
 
Dit yvol5iss31
Dit yvol5iss31Dit yvol5iss31
Dit yvol5iss31
 
Dit yvol5iss33
Dit yvol5iss33Dit yvol5iss33
Dit yvol5iss33
 
Dit yvol5iss32
Dit yvol5iss32Dit yvol5iss32
Dit yvol5iss32
 
Dit yvol5iss30
Dit yvol5iss30Dit yvol5iss30
Dit yvol5iss30
 
Dit yvol5iss29
Dit yvol5iss29Dit yvol5iss29
Dit yvol5iss29
 
Dit yvol5iss28
Dit yvol5iss28Dit yvol5iss28
Dit yvol5iss28
 
Dit yvol5iss26
Dit yvol5iss26Dit yvol5iss26
Dit yvol5iss26
 
Dit yvol5iss25
Dit yvol5iss25Dit yvol5iss25
Dit yvol5iss25
 
Dit yvol5iss24
Dit yvol5iss24Dit yvol5iss24
Dit yvol5iss24
 
Dit yvol5iss23
Dit yvol5iss23Dit yvol5iss23
Dit yvol5iss23
 
Dit yvol5iss22
Dit yvol5iss22Dit yvol5iss22
Dit yvol5iss22
 
Dit yvol5iss21
Dit yvol5iss21Dit yvol5iss21
Dit yvol5iss21
 

Recently uploaded

Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
Matthias Neugebauer
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
shanihomely
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
ssuser1915fe1
 
kk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdfkk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdf
KIRAN KV
 
Improving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning ContentImproving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning Content
Enterprise Knowledge
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
maigasapphire
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Nicolás Lopéz
 
Gen AI: Privacy Risks of Large Language Models (LLMs)
Gen AI: Privacy Risks of Large Language Models (LLMs)Gen AI: Privacy Risks of Large Language Models (LLMs)
Gen AI: Privacy Risks of Large Language Models (LLMs)
Debmalya Biswas
 
Redefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI CapabilitiesRedefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI Capabilities
Priyanka Aash
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
Google Developer Group - Harare
 
Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3
DianaGray10
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
Zilliz
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
janagijoythi
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
bellared2
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
SelfMade bd
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
Ivanti
 
The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
Razin Mustafiz
 
Computer HARDWARE presenattion by CWD students class 10
Computer HARDWARE presenattion by CWD students class 10Computer HARDWARE presenattion by CWD students class 10
Computer HARDWARE presenattion by CWD students class 10
ankush9927
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
DianaGray10
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
Jimmy Lai
 

Recently uploaded (20)

Opencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of MünsterOpencast Summit 2024 — Opencast @ University of Münster
Opencast Summit 2024 — Opencast @ University of Münster
 
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
Premium Girls Call Mumbai 9920725232 Unlimited Short Providing Girls Service ...
 
Feature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptxFeature sql server terbaru performance.pptx
Feature sql server terbaru performance.pptx
 
kk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdfkk vathada _digital transformation frameworks_2024.pdf
kk vathada _digital transformation frameworks_2024.pdf
 
Improving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning ContentImproving Learning Content Efficiency with Reusable Learning Content
Improving Learning Content Efficiency with Reusable Learning Content
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
 
Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024Vertex AI Agent Builder - GDG Alicante - Julio 2024
Vertex AI Agent Builder - GDG Alicante - Julio 2024
 
Gen AI: Privacy Risks of Large Language Models (LLMs)
Gen AI: Privacy Risks of Large Language Models (LLMs)Gen AI: Privacy Risks of Large Language Models (LLMs)
Gen AI: Privacy Risks of Large Language Models (LLMs)
 
Redefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI CapabilitiesRedefining Cybersecurity with AI Capabilities
Redefining Cybersecurity with AI Capabilities
 
Google I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged SlidesGoogle I/O Extended Harare Merged Slides
Google I/O Extended Harare Merged Slides
 
Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3Communications Mining Series - Zero to Hero - Session 3
Communications Mining Series - Zero to Hero - Session 3
 
The History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal EmbeddingsThe History of Embeddings & Multimodal Embeddings
The History of Embeddings & Multimodal Embeddings
 
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptxMAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
MAKE MONEY ONLINE Unlock Your Income Potential Today.pptx
 
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
Russian Girls Call Navi Mumbai 🎈🔥9920725232 🔥💋🎈 Provide Best And Top Girl Ser...
 
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdfLeadMagnet IQ Review:  Unlock the Secret to Effortless Traffic and Leads.pdf
LeadMagnet IQ Review: Unlock the Secret to Effortless Traffic and Leads.pdf
 
Patch Tuesday de julio
Patch Tuesday de julioPatch Tuesday de julio
Patch Tuesday de julio
 
The Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - CoatueThe Path to General-Purpose Robots - Coatue
The Path to General-Purpose Robots - Coatue
 
Computer HARDWARE presenattion by CWD students class 10
Computer HARDWARE presenattion by CWD students class 10Computer HARDWARE presenattion by CWD students class 10
Computer HARDWARE presenattion by CWD students class 10
 
How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...How UiPath Discovery Suite supports identification of Agentic Process Automat...
How UiPath Discovery Suite supports identification of Agentic Process Automat...
 
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python CodebaseEuroPython 2024 - Streamlining Testing in a Large Python Codebase
EuroPython 2024 - Streamlining Testing in a Large Python Codebase
 

Dit yvol3iss3

  • 1. itSM Solutions® DITY™ Newsletter Reprint This is a reprint of an itSM Solutions® DITY™ Newsletter. Our members receive our weekly DITY Newsletter, and have access to practical and often entertaining articles in our archives. DITY is the newsletter for IT professionals who want a workable, practical guide to implementing ITIL best practices -- without the hype. become a member (It's Free. Visit http://www.itsmsolutions.com/newsletters/DITY.htm) Publisher itSM Solutions™ LLC 31 South Talbert Blvd #295 Lexington, NC 27292 Phone (336) 510-2885 Fax (336) 798-6296 Find us on the web at: http://www.itsmsolutions.com. To report errors please send a note to the editor, Hank Marquis at hank.marquis@itsmsolutions.com For information on obtaining copies of this guide contact: sales@itsmsolutions.com Copyright © 2006 Nichols-Kuhn Group. ITIL Glossaries © Crown Copyright Office of Government Commerce. Reproduced with the permission of the Controller of HMSO and the Office of Government Commerce. Notice of Rights / Restricted Rights Legend All rights reserved. Reproduction or transmittal of this guide or any portion thereof by any means whatsoever without prior written permission of the Publisher is prohibited. All itSM Solutions products are licensed in accordance with the terms and conditions of the itSM Solutions Partner License. No title or ownership of this guide, any portion thereof, or its contents is transferred, and any use of the guide or any portion thereof beyond the terms of the previously mentioned license, without written authorization of the Publisher, is prohibited. Notice of Liability This guide is distributed "As Is," without warranty of any kind, either express or implied, respecting the content of this guide, including but not limited to implied warranties for the guide's quality, performance, merchantability, or fitness for any particular purpose. Neither the authors, nor itSM Solutions LLC, its dealers or distributors shall be liable with respect to any liability, loss or damage caused or alleged to have been caused directly or indirectly by the contents of this guide. Trademarks itSM Solutions is a trademark of itSM Solutions LLC. Do IT Yourself™ and DITY™ are trademarks of Nichols-Kuhn Group. ITIL ® is a Registered Trade Mark, and a Registered Community Trade Mark of the Office of Government Commerce, and is registered in the U.S. Patent and Trademark Office, and is used here by itSM Solutions LLC under license from and with the permission of OGC (Trade Mark License No. 0002). IT Infrastructure Library ® is a Registered Trade Mark of the Office of Government Commerce and is used here by itSM Solutions LLC under license from and with the permission of OGC (Trade Mark License No. 0002). Other product names mentioned in this guide may be trademarks or registered trademarks of their respective companies.
  • 2. Impact Assessment in 5 Simple Steps Instructor Portal Downloads Newsletters --------------------------------------------- DITY™ Newsletter Vol. 3.3 • January 17, 2007 Impact Assessment In 5 Simple Steps Subscribe Its Free! RSS Stay up to date! PDF Pass it around! Print page IT is its own worst enemy—Gartner and others have documented that about 80% of all Incidents occur because of failed change management activities. However, it does not have to be that way. Change Impact Assessment is well known outside of IT... By Hank Marquis Anyone familiar with ITIL® has heard of an “Impact Assessment.” While there are many places in the ITIL that mention assessing impact, this article focuses on assessing the potential impact of changes. Change impact assessment is a systematic approach that seeks to discover possible risks associated with a Request for Change (RFC.) Failure to discover the risks of a proposed change is the top reason for that popular dance, the IT 2step. Everybody knows it, it goes like this "take one step forward, now two steps back..." Seriously though, most failed changes are simply the result of not taking into account current activities, and a failure to communicate anticipated activities. This includes any situation which proposes to alter system configurations, operating practices, http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (1 of 5)1/13/2007 1:44:31 PM
  • 3. Impact Assessment in 5 Simple Steps policies, or procedures, and any new or different activities to be performed. For change impact assessment, or simply impact assessment, to be effective the practitioner has to explore all of the differences between normal operations and any conditions that introduce risks or may contribute to a failed change. Used effectively, impact assessment can proactively manage risk. It is a simple idea that can be implemented quickly using a word processor or spreadsheet -- it requires no complex software. It does require careful adherence to a formal procedure however, and teamwork. Following I describe how to reduce the risks of making changes by introducing a simple, effective, formal change impact assessment procedure based on best practices. Impact Assessment 101 Impact assessment is a fairly mature and formal activity in most organizations outside of IT, the military in particular has deep experience in planning changes. Yet for some reason most IT impact assessment consists of emailing around an RFC and waiting for someone to comment about it, or worse, a lead tech working in isolation on "one little change." Another popular method I see for impact assessment is a meeting, usually the day or two before the change is to occur, where department heads talk about the work upcoming. However, it is clear that existing impact assessment does not work. Every year all the big think tanks always report that IT is its own worst enemy—Gartner and others have documented that about 80% of all Incidents occur because of failed change management activities. However, it does not have to be that way. Change impact assessment is well known outside of IT, and there are models for performing impact assessment. While effective and easily implemented, impact assessment is not a panacea and does not totally replace existing change procedures, instead, you should strive to improve your existing process. The procedure for performing an impact assessment consists of the following five steps: 1. Define the extent of the change proposed 2. Determine key differences in the changed state (proposed) from a point of reference or the original state 3. Focus on the possible effects of the key differences from step #2 4. Sort and prioritize the possible effects (#3) from the key differences (#2) based on risk and possibility 5. Make a decision using the results Sounds easy! So lets actually try to use our new system. Step #1 -- Define Extent of the Change Assuming you have in hand an RFC that wants to "Upgrade Desktops to Vista", prepare a document (word processor is fine) that describes the extent of the change. Be specific, and list all boundaries for all systems. Without a clear understanding of the change, you can't identify risks. Clearly, some of this will be in the RFC already, but you need to make sure to capture all possible descriptions of the environment for the change. Take a tact of tying to identify what will probably occur or be going on before, during, and after the change. Try to consider as many environments or angles as possible. For example: http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (2 of 5)1/13/2007 1:44:31 PM
  • 4. Impact Assessment in 5 Simple Steps Probable Events With "Upgrade Desktops to Vista" q q q Scope: Initial upgrade IT department only, IT non-production workstations only, no servers, no desktops, laptops only. Work Environment r Some IT workers only have laptops r Some workers will be traveling and not in the office Platform Environment r Disk space requires is 300MB r Transition of existing preferences, installations, and configurations r Memory required is 2GB r CPU speed must be at least 1.2GHZ Table 1. Probable Events Your goal here is to describe, as fully as possible, the environment and situation for the change. The more detail, the better. Step #2 -- Determine Key Differences The basis of the impact assessment is to compare the proposed state of the infrastructure or organization after the change with the state before the change. Of course, with something new there is no existing baseline, in which case you can choose a similar situation, or even do research about other implementations. The goal is to identify all of the differences, large and small, between the pre and post -change states. Examine previous changes. Check for similar changes in other systems, departments, technology silos and divisions. Check for failures by reviewing past change records, incident logs, and problem reports. Review the Internet for documents describing what others have found and done. After establishing your reference sources, in a table list out all the differences between the references (failures and success.) Don't try to sort, categorize, or judge them. Your goal is as many types of differences as possible. Common differences include: q Hardware and software models, versions, platforms, etc. q Staff, personnel, vendor, and support persons, etc. q Process, procedures, organization, schedules, time of day, etc. q Environment, location, installation, etc. This step is ideal for use with a group—assemble a team, give them the reference data in advance, have them prepare, then host a meeting where you can lead a brainstorming session to develop as many potential differences as possible. Record them into a table, with references, for use in the next step. Assuming the previous probable events table (like table 1), a possible output (for example purposes only) might look like this: Key Differences Between Normal and "Upgrade Desktops to Vista" q q Work Environment/ Some IT workers only have laptops r they will be working using their laptops (not available to upgrade) r might not be in office at the appropriate time (e.g., work/travel) Platform Environment/ Disk space requires is 300MB r Previous changes needed less disk space (was 512MB) r Several changes backed out due to lack of disk space (had 1GB) Table 2. Key Differences Here it is very important to uncover positive, negative, and neutral trends. This means you should check http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (3 of 5)1/13/2007 1:44:31 PM
  • 5. Impact Assessment in 5 Simple Steps for successful changes as well. Don't forget to consider your regulatory environment, and you can also use theoretical models like the ITIL and others, that describe a “perfect world” and compare the change to it. Step #3 -- Focus on Effects Study each of the differences listed in the table created in the last step (table 2). Ask if this difference has the potential to cause unexpected side effects. Consider the reference materials—has their been a history of fault or failure because of this difference? Has this difference not had any impact? Be sure to imagine positive, negative and neutral affects. This step is also ideal for a group. Impact Assessment of Upgrade Desktops to Vista Risk Mitigation Differences from Normal Some IT workers only have laptops Potential Effects Prevention Steps Ensure accurate listing of all laptops and workers Make sure there is a system They will have work available to users during the to do upgrade They might not be in the office Monitoring Steps Step up inquires about which applications are required Step up inquires about which applications are required Table 3. Possible Effects of Key Differences Your goal here is to consider the differences for each probable event. For each potential effect, try to list out what you can do to detect it (monitor) and prevent it. This forms the basis of the impact assessment, for the starting point for risk assessment. Step #4 -- Sort and Prioritize Using the risk analysis system I presented in “10 Steps to Do It Yourself CRAMM”, make an effort to prioritize potential effect; taking into account the effort, costs, and probability of its occurrence. Of course, full probability assessment is beyond the scope of this article, but you can get pretty close. Your output is a list of recommendations, with pros and cons, to submit to the CAB or whomever requires it. Your work is self-justifying. That is, using plain simple terms, past experience, and formal planning, you will present what is currently happening, what might happen and ways to make sure the bad does not occur. This is all it takes for leaders to make decisions and prepare. Step #5 -- Make a Decision Use the results of the sorted, prioritized risk assessment to identify vulnerabilities and make recommendations to mitigate the risks. Use the recommendations to show how to avoid, or if too costly, respond effectively, should something go wrong with the change. Compare the benefits of following your recommendations to the potential costs of not following them. Decide whether the potential risk is acceptable or not. Summary A formalized approach to change impact assessment is inexpensive and can produce high quality decisions. It requires following a process, and having the time to follow a process. While the approach presented here is well tested and sound, it does have some limitations: q q q This method relies heavily on the references you choose -- choose the wrong reference or miss a reference and it might not work as well Without a CMDB that incorporates organizational learning it is hard to find references Your results will only be as good as the knowledge and skills of the people performing the assessment http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (4 of 5)1/13/2007 1:44:31 PM
  • 6. Impact Assessment in 5 Simple Steps Even with these caveats, this is still probably the easiest and simplest method to formalize change impact analysis. Follow these simple steps, and you just might find yourself out of the “one step forward, two steps back” routine! Subscribe Its Free! RSS Stay up to date! PDF Pass it around! Where to go from here: q q q Subscribe to our newsletter and get new skills delivered right to your Inbox, click here. Download this article in PDF format for use at your own convenience, click here. Use your favorite RSS reader to stay up to date, click here. Related articles: q q 10 Steps to Do It Yourself CRAMM explains how to establish a risk assessment system. Browse back-issues of the DITY Newsletter, click here. Home Methodology http://www.itsmsolutions.com/newsletters/DITYvol3iss3.htm (5 of 5)1/13/2007 1:44:31 PM About Us Products Contact Us