This document outlines the change management process and procedures for XXXXX Information Technology. It defines change levels from Level 1 to Level 4 based on impact and risk, with Level 1 being minor changes and Level 4 being major changes. It describes the approval, lead time, and documentation requirements for each level. It also outlines the roles and responsibilities in the change management process and the workflows to enter, approve, implement, and close a change request.
How to select the right control valvesSowmiya Siva
When selecting control valves, it’s advisable to be sure to evaluate how the valve’s features match the application’s requirements in terms of connectivity for remote monitoring, stable flow control, versatility, and ability to handle a range of flows. Click here to know more http://valvulasfevisa.com/
The document discusses process control systems. It defines a process as a sequence of interdependent steps that transforms inputs into outputs. Control refers to regulating all aspects of a process. There are three main types of processes: continuous, batch, and discrete. A process control system uses sensors, controllers and actuators to monitor and regulate variables like pressure, temperature and flow to maintain efficiency and safety. Common applications include manufacturing plants and wastewater treatment. Advanced process control techniques like model predictive control use dynamic models and optimization to control multiple variables simultaneously.
FoCul developed a browser-based management of change solution for PX Ltd to manage engineering changes at a critical CHP plant in a controlled and auditable way. The solution implemented a multi-stage workflow including concept approval, risk assessment, specification checking, execution, review and closure. It provided configurable risk assessments, action tracking, and reporting dashboards. PX praised the solution for improving efficiency of change management and consistency of applying appropriate risk processes. The external auditors also found the system effective.
Many manufactured products can have a significant impact on the well-being of consumers. As such, it stands to reason that stringent requirements and standards be set firmly in place for their manufacture.
The Critical KPI to drive Manufacturing ProductivityJason Corder
A net reduction in cost of operations directly and positively affects the bottom line. Companies can boost revenue without sacrificing profitability by factoring in long-term debt-to capital ratio. Since finance puts a premium on a company’s ability to maximize productivity and use existing assets, you have to continually measure, analyze, and adjust your processes. This is accomplished by a rigorous practice of productivity gains, cost cutting with increased efficiencies, and maximizing returns on fixed assets.
How To Build A Change Control System with SharePointDux Raymond Sy
Presented by Dux Raymond Sy
meetdux.com
SharePoint Technology Conference
June 24, 2009
Cambridge, MA
Watch Recorded Screencast: http://vimeo.com/5358854
Reliability-centered Maintenance is a maintenance philosophy that includes a systematic approach to determining how to maintain equipment safely and economically. RCM is an invaluable business solution for companies
In situations where equipment failure is inevitable, the structured RCM process will ensure a maintenance strategy that will minimise or eliminate the consequences.
The central problem addressed by the RCM process is how to determine which scheduled maintenance tasks, if any, should be assigned to equipment, and how frequently
This document provides a summary of M Venkata Narayana's professional experience and qualifications. It summarizes that he has over 16 years of experience in maintenance and manufacturing operations. It also lists some of his key accomplishments, including receiving an award for implementing an integrated management system and saving over 30 lakhs annually through energy efficiency initiatives. His experience includes roles at PepsiCo, Mars, Parle Agro, and Pennar Industries in areas like maintenance, production, project execution, and inventory control.
How to select the right control valvesSowmiya Siva
When selecting control valves, it’s advisable to be sure to evaluate how the valve’s features match the application’s requirements in terms of connectivity for remote monitoring, stable flow control, versatility, and ability to handle a range of flows. Click here to know more http://valvulasfevisa.com/
The document discusses process control systems. It defines a process as a sequence of interdependent steps that transforms inputs into outputs. Control refers to regulating all aspects of a process. There are three main types of processes: continuous, batch, and discrete. A process control system uses sensors, controllers and actuators to monitor and regulate variables like pressure, temperature and flow to maintain efficiency and safety. Common applications include manufacturing plants and wastewater treatment. Advanced process control techniques like model predictive control use dynamic models and optimization to control multiple variables simultaneously.
FoCul developed a browser-based management of change solution for PX Ltd to manage engineering changes at a critical CHP plant in a controlled and auditable way. The solution implemented a multi-stage workflow including concept approval, risk assessment, specification checking, execution, review and closure. It provided configurable risk assessments, action tracking, and reporting dashboards. PX praised the solution for improving efficiency of change management and consistency of applying appropriate risk processes. The external auditors also found the system effective.
Many manufactured products can have a significant impact on the well-being of consumers. As such, it stands to reason that stringent requirements and standards be set firmly in place for their manufacture.
The Critical KPI to drive Manufacturing ProductivityJason Corder
A net reduction in cost of operations directly and positively affects the bottom line. Companies can boost revenue without sacrificing profitability by factoring in long-term debt-to capital ratio. Since finance puts a premium on a company’s ability to maximize productivity and use existing assets, you have to continually measure, analyze, and adjust your processes. This is accomplished by a rigorous practice of productivity gains, cost cutting with increased efficiencies, and maximizing returns on fixed assets.
How To Build A Change Control System with SharePointDux Raymond Sy
Presented by Dux Raymond Sy
meetdux.com
SharePoint Technology Conference
June 24, 2009
Cambridge, MA
Watch Recorded Screencast: http://vimeo.com/5358854
Reliability-centered Maintenance is a maintenance philosophy that includes a systematic approach to determining how to maintain equipment safely and economically. RCM is an invaluable business solution for companies
In situations where equipment failure is inevitable, the structured RCM process will ensure a maintenance strategy that will minimise or eliminate the consequences.
The central problem addressed by the RCM process is how to determine which scheduled maintenance tasks, if any, should be assigned to equipment, and how frequently
This document provides a summary of M Venkata Narayana's professional experience and qualifications. It summarizes that he has over 16 years of experience in maintenance and manufacturing operations. It also lists some of his key accomplishments, including receiving an award for implementing an integrated management system and saving over 30 lakhs annually through energy efficiency initiatives. His experience includes roles at PepsiCo, Mars, Parle Agro, and Pennar Industries in areas like maintenance, production, project execution, and inventory control.
Difference Between Quality Control Inspection and Commissioning InspectionOlivia Wilson
Commissioning is a complex process but it's an important process in the transition from construction to the commissioning phase. This is where the documents for QC (Quality Control) and Commissioning Inspections come in. Find here more about these inspections and types: https://www.global-cxm.com/commissioning/
This document summarizes the quality management pillar activities at a company. It discusses the vision, goals, organization structure and targets of the quality management pillar. It then describes the quality management approach, including identifying defects, conducting analysis to determine root causes, and implementing improvements. Metrics such as KPIs and defects are analyzed over time. Future plans include continuing to refine processes and reduce defects.
SoftExpert provides software solutions for advanced product quality planning (APQP) and product part approval processes (PPAP). The document discusses APQP and PPAP, including their purposes and focuses. It then describes SoftExpert's product lifecycle management software, which enables companies to manage all aspects of a product's lifecycle. The software includes features like workflows, bills of materials, documents, inspections, forms, and analytics. Finally, the document provides testimonials from customers who implemented SoftExpert's software to improve their product development and approval processes.
This document discusses preventive maintenance and calibration. It defines preventive maintenance and lists its types. The key benefits are avoiding breakdowns, keeping equipment healthy, and saving costs compared to breakdown maintenance. Calibration ensures instruments are accurate by comparing them to standards. The document outlines the regulatory requirements and the roles and procedures for preventive maintenance and calibration.
This document discusses process control and process variables. It defines key terms like process, process variables, control variables, set points, and manipulated variables. It explains that the objective of process control is to convert raw materials into desired products using available energy sources efficiently while meeting safety, environmental, and economic requirements. It also describes different types of feedback systems used in process control like positive and negative feedback loops and discusses their advantages and disadvantages.
Presentation describes the importance of IT validation from the perspectives of the FDA and our company. It explains GAMP 5, the Validation Life Cycle, good documentation practices, document naming conventions, Change Control, Problem Management, Periodic Evaluation, FDA 483 Warning Letters and 21 CFR Part 11 and a unique Validation Life Cycle.
Advanced control foundation tools and techniquesEmerson Exchange
A new book on advanced control fundamental will be published by ISA in September, 2012. This book addresses all the advanced control products that are included in the DeltaV control system or are planned for a future DeltaV release. In this session two of the authors present and discuss key areas addressed in the book and demonstrate web site that accompanies the book.
Maximo - Management of Change (MOC) Implementation Best PracticesHelen Fisher
BPD Zenith's MOC Presentation covers:
Management of Change – Who owns the Project and why it should be done
MOC – Where to start and how to nail down the business process
MOC – Next Steps – Identify the Roles
MOC – Define the Business Rules
MOC – Why you need a workflow
Recommended Configurations to the System
Suggested Implementation Plan
20080115 03 - Qualimétrie et CMMi dans les applications temps réel embarquéesLeClubQualiteLogicielle
This document provides information about Wavecom's implementation of CMMI and quality processes for embedded software development.
It begins with an introduction of Wavecom as a leading provider of wireless communication solutions. It then outlines Wavecom's software improvement plan to achieve CMMI level 3 compliance globally.
The document discusses key aspects of CMMI, including the maturity levels, process areas, and how CMMI is intended to drive process improvement through measurement and analysis. It proposes how Wavecom will leverage quality assurance and quality control processes focused on both product and process measurement to demonstrate improvements from their CMMI implementation.
Management control systems are important for ensuring that organizational performance meets expectations. The control process involves setting standards, monitoring actual performance, and taking corrective actions for any deviations. A control system has four key elements: detectors that identify the current state, assessors that compare actual to standards, effectors that provide feedback, and communication networks. Feedback control systems react to deviations by waiting for the control loop to complete, while feed forward systems can manipulate outputs based on inputs to preemptively address potential issues. An effective management control system takes a systems approach by integrating interrelated activities within a cohesive framework to achieve goals.
Maximizing the return on your control investment meet the experts sessions pa...Emerson Exchange
The design and commissioning of the controls associated with a continuous or batch process directly impact plant operating efficiency and production quality and throughput. In this session we review techniques that may be used to identify control opportunities to reduce production costs, minimize variations in product quality and to maximize production within the limits set by market demand. Several common application examples from the process industry will be used to illustrate how plant production rate and product quality are directly influenced by process control variation and constraints in plant operation. Starting with an assessment of control loop utilization and automatic control performance, a step by step process is outlined that may be used to identifying and addressing areas where it is possible to justified the time and material costs required to improve control performance. In particular, information will be provided on how to quickly tune single loop control of self-regulating or integrating process and to recognize when variations in control loop performance are not associated with loop tuning. An overview will be provided of tools and techniques that may be used to achieve best control performance over a wide variety of operating conditions. Also, guidance will be provided on when it is possible to justify the cost associated with the installation and commissioning of multi-loop techniques such as feedforward control, ratio and override control. The steps required to commission multi-loop control strategies will be address along with common mistakes to avoid. Also, input will be provided on how to recognize when advanced control techniques such as Fuzzy logic or MPC are needed to achieve the desired control performance. At the end of this session a drawing will be held to give away 10 copies of “Control Loop Foundation – Batch and Continuous Processes”. Many of the ideas discussed in this session are addressed in this book.
The document discusses intelligent maintenance strategies using Siemens' SIMATIC PCS 7 Maintenance Station software. It describes how the software provides a centralized interface for maintenance personnel to monitor asset status across an entire automated plant and process chain. Key information on components is standardized and organized hierarchically for easy access. This allows maintenance to move from a reactive to proactive approach of preventing issues before failures occur to improve productivity and availability.
The term Prestartup Safety Review (PSSR) first received prominence in the process industries with the introduction of the Process Safety Management (PSM) regulations.
ControlTech Automation is a world-class manufacturer of industrial control integration solutions, offering services including control panel design, manufacturing, and certification. It specializes in packaging, process, facilities, utilities, and other industrial applications. ControlTech aims to develop long-term partnerships with clients by providing quality, value, and superior service. It maintains design and manufacturing facilities in St. Louis, MO and Atlanta, GA to serve clients across various industries.
Production System is a collection of people, equipment and procedures organized to perform the manufacturing operation of the company or organization.
Two Type Of Production System:
○Push Production System
○Pull Production System
The document discusses Design Failure Mode and Effects Analysis (DFMEA) which identifies ways failures can occur, estimates their effects and seriousness, and recommends corrective actions. It also discusses reliability prediction and measurement, techniques like standardization and redundancy to optimize reliability, tools for design verification, reliability testing, measurement system evaluation including accuracy, precision, calibration, and process capability evaluation.
Ulfat Hussain has over 12 years of experience as a senior instrumentation and control engineer, working on projects in Karachi and at the Chashma Power Plant in Pakistan. His responsibilities have included maintenance, commissioning, testing, and design of instrumentation and control systems for power plants. Currently he works as a senior I&C commissioning engineer at Karachi Power Plants K-2/K-3, where his roles include commissioning and testing of field instrumentation, PLCs, DCS systems, and other equipment.
Controlling SOA in Support of Operational Improvement (ISPE PE Vol 31 No 4 - ...David Stokes
The document discusses an approach to leveraging GAMP good practices to facilitate the qualification and validation of IT middleware and Service Oriented Architecture (SOA) in the life sciences industry. It presents SOA as a way to more efficiently integrate systems and automate business processes. However, adoption has been limited due to a lack of guidance on how to ensure middleware and SOA are compliant. The article proposes categorizing SOA components as either utility services, which can be qualified as IT infrastructure, or business services, which usually require validation. It provides a framework to help assess and control SOA in a risk-based manner.
The challenges facing in pharmaceutical maintenanceMANUEL PACINI
Maintenance strategies for the pharmaceutical industry.
Maintenance and service-related items are often the second-largest budget element in a laboratory after salaries and benefits
This document provides an overview of leading corporate change and change management. It discusses key principles of change including viewing change as a process, linking change to business goals, building organizational capacity for change, and understanding that behavioral change occurs at the emotional level. It also outlines five key activities for effective change management: motivating change, creating a vision, developing political support, managing the transition, and sustaining momentum. Additionally, it discusses forces for change, resistance to change, and elements to enable change such as change architecture, communication, performance management, and leadership capacity.
1. Compare total costs to total volume growth using regression analysis to identify if costs are increasing faster than volume. Costs should not increase as fast as volume.
2. Separate manufacturing and non-manufacturing costs and analyze cost growth for each to see how value-adding vs non-value adding functions are impacting costs.
3. Perform product-level analysis of cost trends vs volume growth and manufacturing vs non-manufacturing costs to identify opportunities at the product line level.
Difference Between Quality Control Inspection and Commissioning InspectionOlivia Wilson
Commissioning is a complex process but it's an important process in the transition from construction to the commissioning phase. This is where the documents for QC (Quality Control) and Commissioning Inspections come in. Find here more about these inspections and types: https://www.global-cxm.com/commissioning/
This document summarizes the quality management pillar activities at a company. It discusses the vision, goals, organization structure and targets of the quality management pillar. It then describes the quality management approach, including identifying defects, conducting analysis to determine root causes, and implementing improvements. Metrics such as KPIs and defects are analyzed over time. Future plans include continuing to refine processes and reduce defects.
SoftExpert provides software solutions for advanced product quality planning (APQP) and product part approval processes (PPAP). The document discusses APQP and PPAP, including their purposes and focuses. It then describes SoftExpert's product lifecycle management software, which enables companies to manage all aspects of a product's lifecycle. The software includes features like workflows, bills of materials, documents, inspections, forms, and analytics. Finally, the document provides testimonials from customers who implemented SoftExpert's software to improve their product development and approval processes.
This document discusses preventive maintenance and calibration. It defines preventive maintenance and lists its types. The key benefits are avoiding breakdowns, keeping equipment healthy, and saving costs compared to breakdown maintenance. Calibration ensures instruments are accurate by comparing them to standards. The document outlines the regulatory requirements and the roles and procedures for preventive maintenance and calibration.
This document discusses process control and process variables. It defines key terms like process, process variables, control variables, set points, and manipulated variables. It explains that the objective of process control is to convert raw materials into desired products using available energy sources efficiently while meeting safety, environmental, and economic requirements. It also describes different types of feedback systems used in process control like positive and negative feedback loops and discusses their advantages and disadvantages.
Presentation describes the importance of IT validation from the perspectives of the FDA and our company. It explains GAMP 5, the Validation Life Cycle, good documentation practices, document naming conventions, Change Control, Problem Management, Periodic Evaluation, FDA 483 Warning Letters and 21 CFR Part 11 and a unique Validation Life Cycle.
Advanced control foundation tools and techniquesEmerson Exchange
A new book on advanced control fundamental will be published by ISA in September, 2012. This book addresses all the advanced control products that are included in the DeltaV control system or are planned for a future DeltaV release. In this session two of the authors present and discuss key areas addressed in the book and demonstrate web site that accompanies the book.
Maximo - Management of Change (MOC) Implementation Best PracticesHelen Fisher
BPD Zenith's MOC Presentation covers:
Management of Change – Who owns the Project and why it should be done
MOC – Where to start and how to nail down the business process
MOC – Next Steps – Identify the Roles
MOC – Define the Business Rules
MOC – Why you need a workflow
Recommended Configurations to the System
Suggested Implementation Plan
20080115 03 - Qualimétrie et CMMi dans les applications temps réel embarquéesLeClubQualiteLogicielle
This document provides information about Wavecom's implementation of CMMI and quality processes for embedded software development.
It begins with an introduction of Wavecom as a leading provider of wireless communication solutions. It then outlines Wavecom's software improvement plan to achieve CMMI level 3 compliance globally.
The document discusses key aspects of CMMI, including the maturity levels, process areas, and how CMMI is intended to drive process improvement through measurement and analysis. It proposes how Wavecom will leverage quality assurance and quality control processes focused on both product and process measurement to demonstrate improvements from their CMMI implementation.
Management control systems are important for ensuring that organizational performance meets expectations. The control process involves setting standards, monitoring actual performance, and taking corrective actions for any deviations. A control system has four key elements: detectors that identify the current state, assessors that compare actual to standards, effectors that provide feedback, and communication networks. Feedback control systems react to deviations by waiting for the control loop to complete, while feed forward systems can manipulate outputs based on inputs to preemptively address potential issues. An effective management control system takes a systems approach by integrating interrelated activities within a cohesive framework to achieve goals.
Maximizing the return on your control investment meet the experts sessions pa...Emerson Exchange
The design and commissioning of the controls associated with a continuous or batch process directly impact plant operating efficiency and production quality and throughput. In this session we review techniques that may be used to identify control opportunities to reduce production costs, minimize variations in product quality and to maximize production within the limits set by market demand. Several common application examples from the process industry will be used to illustrate how plant production rate and product quality are directly influenced by process control variation and constraints in plant operation. Starting with an assessment of control loop utilization and automatic control performance, a step by step process is outlined that may be used to identifying and addressing areas where it is possible to justified the time and material costs required to improve control performance. In particular, information will be provided on how to quickly tune single loop control of self-regulating or integrating process and to recognize when variations in control loop performance are not associated with loop tuning. An overview will be provided of tools and techniques that may be used to achieve best control performance over a wide variety of operating conditions. Also, guidance will be provided on when it is possible to justify the cost associated with the installation and commissioning of multi-loop techniques such as feedforward control, ratio and override control. The steps required to commission multi-loop control strategies will be address along with common mistakes to avoid. Also, input will be provided on how to recognize when advanced control techniques such as Fuzzy logic or MPC are needed to achieve the desired control performance. At the end of this session a drawing will be held to give away 10 copies of “Control Loop Foundation – Batch and Continuous Processes”. Many of the ideas discussed in this session are addressed in this book.
The document discusses intelligent maintenance strategies using Siemens' SIMATIC PCS 7 Maintenance Station software. It describes how the software provides a centralized interface for maintenance personnel to monitor asset status across an entire automated plant and process chain. Key information on components is standardized and organized hierarchically for easy access. This allows maintenance to move from a reactive to proactive approach of preventing issues before failures occur to improve productivity and availability.
The term Prestartup Safety Review (PSSR) first received prominence in the process industries with the introduction of the Process Safety Management (PSM) regulations.
ControlTech Automation is a world-class manufacturer of industrial control integration solutions, offering services including control panel design, manufacturing, and certification. It specializes in packaging, process, facilities, utilities, and other industrial applications. ControlTech aims to develop long-term partnerships with clients by providing quality, value, and superior service. It maintains design and manufacturing facilities in St. Louis, MO and Atlanta, GA to serve clients across various industries.
Production System is a collection of people, equipment and procedures organized to perform the manufacturing operation of the company or organization.
Two Type Of Production System:
○Push Production System
○Pull Production System
The document discusses Design Failure Mode and Effects Analysis (DFMEA) which identifies ways failures can occur, estimates their effects and seriousness, and recommends corrective actions. It also discusses reliability prediction and measurement, techniques like standardization and redundancy to optimize reliability, tools for design verification, reliability testing, measurement system evaluation including accuracy, precision, calibration, and process capability evaluation.
Ulfat Hussain has over 12 years of experience as a senior instrumentation and control engineer, working on projects in Karachi and at the Chashma Power Plant in Pakistan. His responsibilities have included maintenance, commissioning, testing, and design of instrumentation and control systems for power plants. Currently he works as a senior I&C commissioning engineer at Karachi Power Plants K-2/K-3, where his roles include commissioning and testing of field instrumentation, PLCs, DCS systems, and other equipment.
Controlling SOA in Support of Operational Improvement (ISPE PE Vol 31 No 4 - ...David Stokes
The document discusses an approach to leveraging GAMP good practices to facilitate the qualification and validation of IT middleware and Service Oriented Architecture (SOA) in the life sciences industry. It presents SOA as a way to more efficiently integrate systems and automate business processes. However, adoption has been limited due to a lack of guidance on how to ensure middleware and SOA are compliant. The article proposes categorizing SOA components as either utility services, which can be qualified as IT infrastructure, or business services, which usually require validation. It provides a framework to help assess and control SOA in a risk-based manner.
The challenges facing in pharmaceutical maintenanceMANUEL PACINI
Maintenance strategies for the pharmaceutical industry.
Maintenance and service-related items are often the second-largest budget element in a laboratory after salaries and benefits
This document provides an overview of leading corporate change and change management. It discusses key principles of change including viewing change as a process, linking change to business goals, building organizational capacity for change, and understanding that behavioral change occurs at the emotional level. It also outlines five key activities for effective change management: motivating change, creating a vision, developing political support, managing the transition, and sustaining momentum. Additionally, it discusses forces for change, resistance to change, and elements to enable change such as change architecture, communication, performance management, and leadership capacity.
1. Compare total costs to total volume growth using regression analysis to identify if costs are increasing faster than volume. Costs should not increase as fast as volume.
2. Separate manufacturing and non-manufacturing costs and analyze cost growth for each to see how value-adding vs non-value adding functions are impacting costs.
3. Perform product-level analysis of cost trends vs volume growth and manufacturing vs non-manufacturing costs to identify opportunities at the product line level.
This document provides an overview of change management processes within EVO, Vodafone's global ERP platform. It discusses the role of change management in ensuring SOX compliance and minimizing disruption. Key points covered include:
- Categories of changes (normal, minor, emergency, fast track) and their approval processes
- The change advisory board (CAB) and emergency CAB processes for normal and emergency changes
- Checklists and risk assessments that changes must go through
- New demand process for design changes to EVO
- Key performance indicators around budget compliance, change success rates, and SOX compliance
Learn how to implement a well thought-out management of change process into your operations to lessen impacts on safety, environment and reliability. Putting into place such a process will not only save you money on maintenance costs but help you to recognize and prioritize the changes which carry the most added value for your business. All of this is done, of course, as part of a simple and efficient process.
Designing management of change procedure to act as barriers to major offshore...Jon Skogdalen
Objective of lecture
1. Give an understanding of the elements included in the title; Designing management of change
procedure to act as barriers to major offshore accidents
2. Shortly describe experiences from major accidents
3. Give an understanding of the different steps in designing a management of change (MOC)
procedure
This presentation discusses change management strategies. It defines change management as applying tools, processes, skills and principles to manage people through change to achieve project goals. The key aspects of change management include understanding who is impacted, supporting change teams and strategies, and analyzing risks and resistance. An effective change management strategy considers timing, culture, short-term wins, and clear communication. Strategies include visioning, engaging employees, amending plans based on feedback, committed communication, and managing the change project until the new approach is established.
This document discusses Skybox Security's firewall change management workflow and integration. It describes capturing change requests, performing technical translations, risk assessments, and verifications to identify policy violations and vulnerabilities. The Skybox solution aims to automate these change management processes, reduce time and workload, and provide risk-based prioritization and validation of firewall configuration changes.
Vulnerability and patch management tools allow organizations to assess and remediate security vulnerabilities across their IT infrastructure. By automating vulnerability scans, patch deployment, and compliance reporting, these tools can help audit 100% of systems on a regular basis, speed remediation times, and reduce business risks and costs associated with security breaches. While native OS tools provide some patching and management capabilities, dedicated vulnerability and patch management solutions offer more comprehensive vulnerability assessments, centralized administration and reporting, and scalability needed for large enterprise environments.
This document discusses patch and vulnerability management. It begins with an agenda that covers why patch management matters, its relationship to risk management and penetration testing, how to implement patch and vulnerability management, establish metrics, plan ahead, and draw conclusions. It then discusses key aspects of patch and vulnerability management including monitoring vulnerabilities, establishing priorities, managing knowledge of vulnerabilities and patches, testing patches, implementing patches, verifying implementation, and improving the process. The goal is to reduce risk by addressing vulnerabilities through a structured patch management program.
O documento descreve uma parceria entre uma empresa de auditoria e um instituto para melhorar a gestão de empresas clientes. Eles usarão uma metodologia chamada "Indicare" para analisar orçamentos, finanças e desempenho de empresas e fornecer recomendações para melhorar a qualidade da gestão e rentabilidade. A solução fornecerá métricas e análises para avaliar o desempenho atual e futuro de clientes.
Guia Rápido | Gestão de Mudança - processos, pessoas e produtosCompanyWeb
O documento discute os principais fatores que causam resistência à mudança, como incerteza, falta de confiança e inflexibilidade. Ele também fornece um guia de 10 etapas para gerenciar com sucesso a mudança organizacional, que inclui identificar fontes de resistência, avaliar o impacto, planejar a estratégia e implementar a mudança.
The document appears to be an excerpt from a play depicting scenes between various characters. It includes snippets of dialogue where a ghost demands to know what someone wants, a character expresses love and frustration with a family member, and Hamlet is warned not to go somewhere because he may go crazy. Another character laments being killed by their own blood and taking their girl. Plans are made to spread rumors about Laertes and find out what's wrong with someone's son.
Change management - Organizational Change and Development - Manu Melwin Joymanumelwin
Change management is a structured approach to shifting individuals, teams and organisations from a current state to a desired future state.
It is an organisational process aimed at helping employees to accept and embrace changes in their current business environment.
The document discusses how Shakespeare uses setting and the ghost in Hamlet to develop the play's themes and Hamlet's character. It examines Hamlet's relationships and his soliloquies, analyzing how they advance the plot and themes. Finally, it considers different interpretations of Hamlet's character such as whether he is frozen by doubt, overly moral, depressed, or a hero.
This document discusses various models and approaches for change management. It describes Lewin's model which highlights the stages of change as unfreezing, changing, and refreezing. Kotter's model focuses on establishing a sense of urgency and a guiding coalition. The ADKAR model identifies the key steps for individual change as awareness, desire, knowledge, ability and reinforcement. Guidelines are provided for facilitating change, including understanding employee psychology, defining strategies and measuring progress. Total quality management (TQM) aims to achieve continuous quality improvement through an integrated organizational effort. Business process reengineering involves fundamentally rethinking and redesigning business processes for dramatic performance improvements.
Southern Traditions Outdoors is a free publication providing articles, photography, and places of interest for the outdoor sportsmen in the mid-south. Publications are printed every two months: Jan/Feb, March/April, May/June, July/Aug, Sept/Oct and Nov/Dec, and include articles on hunting, fishing and the outdoors. You can always find sections dedicated to children, veterans, women, and the physically challenged in our publication encouraging outdoor participation. You can find our publication throughout Tennessee, Missouri, Mississippi, Arkansas and Kentucky at any of our advertisers as well as many marinas, vehicle and ATV dealers, TWRA license agents, resorts and outdoor related retailers.
Southern Traditions Outdoors is a free publication providing articles, photography, and places of interest for the outdoor sportsmen in the mid-south. Publications are printed every two months: Jan/Feb, March/April, May/June, July/Aug, Sept/Oct and Nov/Dec, and include articles on hunting, fishing and the outdoors. You can always find sections dedicated to children, veterans, women, and the physically challenged in our publication encouraging outdoor participation. You can find our publication throughout Tennessee, Missouri, Mississippi, Arkansas and Kentucky at any of our advertisers as well as many marinas, vehicle and ATV dealers, TWRA license agents, resorts and outdoor related retailers.
The document provides guidance on assisting with policy development for client support by outlining the steps for modifying a system according to requested changes. It describes leading practices for change management processes including defining change models, roles and responsibilities, the standard change process flow with activities like planning, testing, approval and documentation, as well as approaches for expedited and emergency changes. It stresses the importance of change management tools and implementing a process improvement program to continuously assess and enhance the change processes.
The document provides suggestions for implementing an effective change management process based on ITIL best practices. It recommends establishing extensible workflows, user roles, impact analysis, and auditing to manage the change lifecycle. Key steps include creating templates to track changes, an approval process, change advisory board meetings, and reports to analyze change data and provide oversight of the change management process. Establishing good communication and protocols for notifying users of changes is also suggested.
This document provides guidance on conducting an equality impact assessment when reviewing proposed changes to an organization's pay policies and terms. It outlines a 6-step process for reviewing the changes:
1. Deciding the scope of assessment and collecting relevant data
2. Identifying groups advantaged/disadvantaged by each proposed change
3. Determining if proportions impacted differ significantly by gender/other attributes
4. Justifying any disparate impacts with objective reasons unrelated to protected attributes
5. Implementing the changes and conducting a post-implementation equal pay audit
6. Reporting results of the assessment and ensuring proposed changes comply with equal pay legislation
The goal is to evaluate how proposed changes may differently and disproportionately impact
The document discusses reviewing change requests as part of a system modification process, defining types of changes like application, hardware, software, network, and documentation changes. It provides details on what constitutes a change, that changes are essential for business reasons and competitive advantage, and examples of different types of changes that should be reviewed.
Engineering Change Management - Overview and Best PracticesShobhit Singhal
Overview of the Engineering Change Management process, issues, goals, industry specific challenges, etc. This presentation also covers some successful SAP ECM implementations to help you gain some insight and knowledge about current industry best practices.
View my website www.sapplmworld.com for more information on SAP PLM.
Software Project Management: Configuration ManagementMinhas Kamal
Software Project Management: ResearchColab- Configuration Management (Document-8)
Presented in 4th year of Bachelor of Science in Software Engineering (BSSE) course at Institute of Information Technology, University of Dhaka (IIT, DU).
The document defines Wedgewood Inc.'s IT change management process, activities, and roles. It establishes a framework for managing infrastructure changes through standardized methods and procedures. The objectives are to improve service/support quality, reduce risks and costs from changes, and achieve compliance. Key aspects include a change advisory board, four-phase change lifecycle of initiate/assess, design/build, test, and deploy/validate/close, and roles such as change manager and project sponsors.
Scenario A gaming company has many computer systems but no form.docxinfantkimber
Scenario:
A gaming company has many computer systems but no formal methodology to make changes to these systems.
Create
a 3- to 4-page change management methodology using Microsoft
®
Word that details the steps that should be taken when a change is recommended for any system. Include the following:
IT governance committee you would put in place to review and prioritize changes based on business needs and objectives and the severity of the change.
A mock-up of the form the stakeholder fills out to request a system change (a stakeholder would be an end-user, manager, or IT staff member).
Define the process used to evaluate system changes, including any effect on budgeting and resources, such as time or people, or the severity of the change.
The decision-making process used to determine whether internal staff or contractors should be used to complete a system change. Include IT sourcing and contracting recommended practices.
The importance of configuration management requirements and their impact on a software system.
The methods you would use for handling conflict and other problems as they arise during a project.
The process you would use to evaluate the success of the system change.
...
The document is an operations and maintenance transition plan template to facilitate migrating an application system from development to production. It provides sections and suggestions for including information on the product scope, relationships to other projects, transition strategies and schedule, resource requirements, acceptance criteria, management controls, and reporting procedures. The template also includes a sample work breakdown structure as an appendix.
Service Transition ensures that transition processes are streamlined, effective and efficient to minimize the risk of delay. Where there is major change there will be complexity and risk. The existing change management process may need to be standardized and enforced, with management commitment essential and clearly visible to stakeholders. Since change and risks cannot be avoided, services stakeholders must consider risk tolerance. By managing changes, you manage much of the potential risk changes can introduce.
The document discusses the stages of change management including being oblivious to change, aware of change, announcing change, authorizing change, scheduling change, and verifying change. It describes the main aims of change management as ensuring standardized methods and procedures are used to efficiently handle changes while minimizing their impact. Benefits include evaluating risk, identifying required changes, maintaining change records, and ensuring changes are implemented with minimal disruption. Key roles in change management are identified.
CompTIA exam study guide presentations by instructor Brian Ferrill, PACE-IT (Progressive, Accelerated Certifications for Employment in Information Technology)
"Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53"
Learn more about the PACE-IT Online program: www.edcc.edu/pace-it
Service Transition (ST) ensures new or changed IT services can be effectively operated by validating service designs against requirements. ST manages changes, risks, quality assurance, and implements service designs so operations can manage services and infrastructure in a controlled manner. Key ST processes include transition planning and support, change management, service asset and configuration management, release and deployment, validation and testing, and knowledge management. Change management aims to minimize incidents from unplanned changes by using standardized change procedures, CAB approval, and post-implementation reviews. ST faces challenges in driving cultural shifts toward centralized change control.
Scenario A gaming company has many computer systems but no fo.docxgemaherd
Scenario:
A gaming company has many computer systems but no formal methodology to make changes to these systems.
Create
a 3- to 4-page change management methodology using Microsoft® Word that details the steps that should be taken when a change is recommended for any system. Include the following:
IT governance committee you would put in place to review and prioritize changes based on business needs and objectives and the severity of the change.
A mock-up of the form the stakeholder fills out to request a system change (a stakeholder would be an end-user, manager, or IT staff member).
Define the process used to evaluate system changes, including any effect on budgeting and resources, such as time or people, or the severity of the change.
The decision-making process used to determine whether internal staff or contractors should be used to complete a system change. Include IT sourcing and contracting recommended practices.
The importance of configuration management requirements and their impact on a software system.
The methods you would use for handling conflict and other problems as they arise during a project.
The process you would use to evaluate the success of the system change.
Follow
APA formatting requirements.
...
This document discusses requirements change management. It begins with an introduction stating that requirements often change before a system is deployed, and that changes should be formally documented and controlled. It then describes the requirements change management process, including recording change proposals, analyzing impacts, deciding on changes, and implementing approved changes. It also discusses the importance of requirements traceability. Finally, it concludes that systematic change management helps ensure useful and successful system development.
Lesson 4 Homework 100 points totalDue Tuesday October 18th, .docxLaticiaGrissomzz
This document outlines homework assignments for an IT auditing class. The first assignment asks students to describe what a data flow diagram is and why it is useful for IT auditing in two paragraphs. The second assignment asks students to explain computer-assisted audit techniques (CAATs) and their benefits in one paragraph. The third assignment asks students to describe two techniques CAATs use to define sample size and select samples in two paragraphs. The fourth assignment asks students to explain the importance of flowcharting as an audit analysis tool in one paragraph. The document also outlines a case study assignment on change control management processes due on a later date.
This document discusses Info-Tech Research Group and change management. It provides an overview of Info-Tech as a global leader in IT research and advice. It then discusses the importance of balancing risk and efficiency in change management processes. Having too onerous of a process can lead to changes being implemented without proper review, while not having any process can increase risk. The document emphasizes having a right-sized change management process that incorporates adequate review and approval without being overly burdensome. It also stresses the importance of staff buy-in, tools to track changes, and management support for effective change management.
Software configuration management (SCM) involves identifying and controlling changes to software components, and maintaining the integrity and traceability of changes throughout the software development life cycle. Key aspects of SCM include change control processes, version control, configuration auditing, and reporting. SCM helps manage the inevitable changes to software by establishing procedures for approving changes, checking components in and out for modification, testing and auditing changes, and communicating changes to relevant stakeholders.
Similar to Sample process guide_-_change_management (20)
Ready to Unlock the Power of Blockchain!Toptal Tech
Imagine a world where data flows freely, yet remains secure. A world where trust is built into the fabric of every transaction. This is the promise of blockchain, a revolutionary technology poised to reshape our digital landscape.
Toptal Tech is at the forefront of this innovation, connecting you with the brightest minds in blockchain development. Together, we can unlock the potential of this transformative technology, building a future of transparency, security, and endless possibilities.
Discover the benefits of outsourcing SEO to Indiadavidjhones387
"Discover the benefits of outsourcing SEO to India! From cost-effective services and expert professionals to round-the-clock work advantages, learn how your business can achieve digital success with Indian SEO solutions.
Gen Z and the marketplaces - let's translate their needsLaura Szabó
The product workshop focused on exploring the requirements of Generation Z in relation to marketplace dynamics. We delved into their specific needs, examined the specifics in their shopping preferences, and analyzed their preferred methods for accessing information and making purchases within a marketplace. Through the study of real-life cases , we tried to gain valuable insights into enhancing the marketplace experience for Generation Z.
The workshop was held on the DMA Conference in Vienna June 2024.
HijackLoader Evolution: Interactive Process HollowingDonato Onofri
CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.
In their analysis of a recent HijackLoader sample, CrowdStrike researchers discovered new techniques designed to increase the defense evasion capabilities of the loader. The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to a pipe. This new approach, called "Interactive Process Hollowing", has the potential to make defense evasion stealthier.
2. IT Change Management Procedure
XXXXX Page 2
Preface
The purpose of this document is to outline the procedures that govern the Change
Management process in XXXXX (XX) Information Technology. This document
describes how to use the procedures and provides a definition of the management
controls required and some rationale for instituting those controls.
3. IT Change Management Procedure
XXXXX Page 3
Table of Contents
Preface ........................................................................................................................... 2
Table of Contents.......................................................................................................... 3
Objectives/Purpose....................................................................................................... 5
Scope Inclusion........................................................................................................................6
Scope Exclusion.......................................................................................................................6
Change Management Standards.................................................................................. 7
Status of Changes......................................................................................................... 8
Types of Changes ......................................................................................................... 9
Change Levels............................................................................................................. 11
Change Level Summary Table...............................................................................................17
Risk/Complexity Scoring ........................................................................................................18
Risk/Complexity Scoring Grid.................................................................................................19
Summary of the XX Change Management Procedures............................................ 20
Change Request Flows............................................................................................... 22
High Level Process Flow........................................................................................................22
1. Enter Change Request Flow .............................................................................................23
2. Assign Change Implementer Flow ....................................................................................26
3. Monitor Change Calendar Flow.........................................................................................28
4. Perform Assessments Flow...............................................................................................30
5. Approve Change Flow.......................................................................................................33
6. Commit Change Schedule Flow........................................................................................35
7. Deploy Change Flow.........................................................................................................37
8. Assure Change Quality Flow.............................................................................................39
9. Close Change Flow...........................................................................................................41
Change Request Form................................................................................................ 43
Scheduled Change Windows ..................................................................................... 47
Lead Times for Changes............................................................................................. 48
Unsuccessful Changes............................................................................................... 49
Roles and Responsibilities......................................................................................... 51
Change Review Board ...........................................................................................................51
Change Coordinator...............................................................................................................52
4. IT Change Management Procedure
XXXXX Page 4
Change Requester .................................................................................................................53
Change Implementer..............................................................................................................54
Change Management Process Owner ...................................................................................55
Service Center Administrator .................................................................................................56
Change Controller ..................................................................................................................57
Change Scheduler .................................................................................................................58
XX Change Review Board........................................................................................... 59
Change Review Definition......................................................................................................59
Change Approver Table .........................................................................................................60
Meetings.................................................................................................................................61
XX Change Review Board Meeting Agenda ..........................................................................62
Measurements ............................................................................................................. 64
Glossary.......................................................................................................................65
5. IT Change Management Procedure
XXXXX Page 5
Objectives/Purpose
Change Management is the process of planning, coordinating, implementing and
monitoring changes affecting any production platform within Information Technology’s
control. The objectives of the Change Management process are to:
Ensure that changes are made with minimum disruption to the services IT has
committed to its users.
Support the efficient and prompt handling of all changes.
Provide accurate and timely information about all changes.
Ensure all changes are consistent with business and technical plans and
strategies.
Ensure that a consistent approach is used.
Provide additional functionality and performance enhancements to systems
while maintaining an acceptable level of user services.
Reduce the ratio of changes that need to be backed out of the system due to
inadequate preparation.
Ensure that the required level of technical and management accountability is
maintained for every change.
Monitor the number, reason, type, and associated risk of the changes.
The Change Management procedure for the XX Information Technology Division
defines how the change process is implemented in all of the IT platform environments.
The objectives of the operating procedures, in addition to those detailed above are to:
Provide documentation that allows XX IT management to understand, at any
point in time, the configuration of the IT environment.
Minimize the bureaucratic impact on the development community while
maintaining control of the environment.
Activities of the Change Management Process at XXXXX include:
Receiving change requests from the Request for Service process
Determining whether or not the change is in the best interests of XX
Assigning the change to resources within IT for solution identification, sizing
and risk analysis
Accepting or rejecting the requested change
Assigning the change to solution development resources
Reviewing the solution prior to implementation
Scheduling the change
Communicating change status as required to all interested parties
Closing the change
6. IT Change Management Procedure
XXXXX Page 6
Scope Inclusion
The management of any installation or alteration to hardware, network, system or
application software, procedure or environmental facilities which adds to, deletes from
or modifies the service delivery environment.
Scope Exclusion
Activities required to develop, test and deploy the change.
7. IT Change Management Procedure
XXXXX Page 7
Change Management Standards
• All substantive changes to the IT Environment must adhere to the XX change
Management process. A substantive change has the potential to affect the ability
of users and systems to interact with each other.
• All changes must conform to the published guidelines that dictate the “look and
feel” of the XX web environment.
• All web page content changes must have the approval of the web page owner
prior to change implementation.
• All changes to the production systems within IT will have a corresponding set of
documentation that describes the change, the business reason for the change
and the disposition of the change. This includes emergency and exception
changes.
• The risk and/or impact ratings of the requested change will determine which of
the four phases of the change workflow (Analysis, Design, Testing and
Implementation) will be required to promote the change into production. For
“minor” changes only Analysis and Implementation will be required.
• Anyone with a valid XX Notes access will be able to enter a change into the
Change Request process. Only authorized approvers will be able to accept a
change request into the Change Management process.
8. IT Change Management Procedure
XXXXX Page 8
Status of Changes
The following status codes are used to reflect the status of a change request:
• Open – The change has been received and accepted but has not been assigned
• In-Progress – The change has been received, acknowledged and assigned.
Work is in progress to fulfill the change request.
• Approved – The business and technical assessments have been completed and
the change has been approved and committed to the change scheduler.
• Rejected – The change has been rejected and will be routed back to the
Request for Service process and sent back to the customer with an explanation
and a recommended course of action.
• Closed – The change request has been closed.
• Canceled – The change request has been canceled.
9. IT Change Management Procedure
XXXXX Page 9
Types of Changes
The Change Management Procedure applies to all types of changes related to the XX
IT environment. The following is a description of each of the types of changes that can
take place and the rules that apply to each.
Application Changes - Changes to any application code that is running on or linked
to by any hardware or software in the XX IT environment. These changes are
typically made to enhance the function or performance of or to fix a known error in
the IT application environment. These changes cannot be implemented without
approval of the owner of the application and cannot be requested by any
programmer other than the one assigned to the program. Assignment of Risk
Category Level of the change is to be a joint effort of both the owner and the Change
Implementer.
Hardware Changes - All XX IT and IT support equipment installations,
discontinuances and relocations are controlled by the Change Management
Procedure. This activity can be requested by anyone but must have the approval of
the Operations Manager.
Visual Image Changes – Changes to the “artistic” presentation of web pages are
not required to make entries into the Change Management system. Changes to
“Active” areas of the web page are required to use the XX Change Management
procedure.
Software Changes - The criteria for entering a software change into the Change
process are based upon the effect that the changes may have on the IT support
resources. If the changes affect the system, users or the support staff there is a
requirement to enter it into the Change process. If the change is made for the
exclusive benefit of the requester and if failure could not affect anyone else, that
change would be exempt from the Change Process. For example, a change made
by a programmer affecting a procedure or a program under development on a test
application requires no entry. However, when stand-alone test time is required on a
production system, a change request form is required.
o Typically, software changes would include changes to the Operating
System, Vendor supplied Program Products, e.g., Visual Studio, Java, etc.
or common application support modules. However, during the last two
and first five workdays of each month changes are restricted to
emergency and critical necessities as determined by the Director of
Information Technology.
Network Changes - All installations, discontinuances and all relocations of
equipment used for IT teleprocessing communications are entered into the change
process. This includes all routers, switches and telephone lines as well as Personal
Computers if they are connected to the network.
Environmental Changes - Environmental changes normally involve the facilities
associated with the IT Installation. These facility changes include items such as air
conditioning, chilled water, raised flooring, security, motor generators, electricity,
plumbing and the telephony system for voice and data. For example, when there is
10. IT Change Management Procedure
XXXXX Page 10
a planned weekend power outage initiated by the local power company this
information is submitted to the Change Management Process a minimum of two
weeks prior to the scheduled outage and communicated to management, staff and
the user community.
Documentation Changes - All procedural changes to the standard operating
procedures will be implemented through the Change process. Also, all permanent
deviations from the published schedule time for running of production applications
will be communicated through the Change Management system.
11. IT Change Management Procedure
XXXXX Page 11
Change Levels
The following guidelines for definition of Change risk levels are provided for consideration
during the planning cycle. It must be clearly understood that these requirements are the
minimum for each of the defined levels. The Requester may wish to plan additional lead times,
documentation or reviews to insure that targets can be met and planned implementation
schedules can be achieved.
All changes are tracked, correlated and used for management reporting, statistiXX,
trending, etc., to identify when and where additional resources should be provided. For
any change that fails, the Change Requester must enter an explanation in the
comments section of the Change Record for that change and notify the Change
Coordinator. The Change Coordinator will then close the change with the appropriate
close status. If the change is to be attempted at a later time, the Change Requester
should reenter the change with the new date. Changes that cause a Platform outage
will be reviewed at a Quality Measurement Meeting.
Level E Changes
Emergency changes are those changes that are vital in order to ensure that IT’s
committed service levels are maintained. An Emergency change should not be used in
order to bypass the appropriate lead-time for a change that has been entered into the
system.
Exception changes are those changes that are a result of a business need and must
be installed prior to the required lead-time.
These types of changes proceed to the implementation phase when the requester's
manager and the Director of Information Technology acknowledge that an Emergency
or an Exception situation exists and authorize the modification planned. These changes
will be post-reviewed to assure successful implementation, along with identification of
any external impacts or new requirements. Post-review will also evaluate the reason for
the Level E change request and try to determine a way of eliminating this requirement in
the future. The post-review will also evaluate if, in fact, the change addressed a real or
a perceived emergency condition. In all cases, the review must determine if additional
action is required, what that action should be and who will be responsible for the action.
Documentation requirements for Emergency changes are the same as any change.
The Requester is responsible for meeting all requirements for the change
documentation within one week of the implementation.
How do you know that the change falls under Level E?
12. IT Change Management Procedure
XXXXX Page 12
For non-application changes:
Is the change needed to restore immediate service to the end user?
Is the change necessary to fix an existing problem immediately?
Is this a change that must be installed immediately but the need for it was not
recognized early enough to be approved through the regular process?
For application changes:
Must this change be done immediately to fix problems for jobs that ABENDed during
the previous night or are required to run in order to bring up on-line systems?
What types of management approval is required for Level E changes?
Approval required by:
• Director of Information Technology or her designee
• Change Management Process Owner or his designee
• Manager of the user department requesting the change
Depending on the scope and impact of the proposed change, approval by one or more
of the following individuals may be required.
• Operations Manager
• Application Development Manager
• Network & Technical Services Manager.
Level 4 Changes
A Level 4 Change would have a major impact on IT services if a problem occurs during
install. The install time is lengthy and the backout is very difficult or impossible.
Level 4 Change Requests are to be entered into the Change Management Data Base at
least thirty (30) business days prior to the planned implementation date.
The Requester or representative for a Level 1 change is required to attend the Change
Communication meeting immediately prior to implementation so that any questions or
concerns may be addressed.
Whenever a Level 4 change must be expedited to address a critical timing situation, a
special meeting must be held. To expedite a Level 4 change, all parties that may be
affected by this change must be present or represented at the special meeting. It is the
responsibility of the change requester to arrange the meeting and assure attendance by
the required groups or individuals. If the required groups or individuals cannot be
assembled, the change cannot be expedited and an escalation will be required.
How do you know that the change falls under Level 4?
13. IT Change Management Procedure
XXXXX Page 13
For non-application changes:
From the end user's eyes, is it possible for the change to have a major impact on
services if problems occur?
Is the change visible to all end users?
Is this a high-risk change?
Is this the first time this change has been done?
Is the change difficult or impossible to backout?
Is it extremely difficult to install the change?
Does the change involve a lengthy install time?
For application changes:
Would failure of the job being changed stop the flow of all jobs for critical files or an
application system?
What types of management approval is required for Level 4 changes?
Approval required by:
• Change Review Board
• Manager of user department requesting change
Depending on the scope and impact of the proposed change, approval by one or more
of the following individuals may be required.
• Operations Manager
• Application Development Manager
• Network & Technical Services Manager.
Level 3 Changes
A Level 3 Change may impact a large number of end users. It is a high-risk change that
requires a significant effort to backout.
Level 3 Change Requests must be entered into the Change Management database
fifteen (15) business days prior to implementation.
All Level 3 changes will be communicated via the Change Management reporting
system.
The requester or representative for a Level 3 change is required to attend the Change
Communication Meeting immediately prior to implementation so that any questions or
concerns may be addressed.
14. IT Change Management Procedure
XXXXX Page 14
How do you know that the change falls under Level 3?
For non-application changes:
Will the change be visible to a large number of end users?
Is this a high-risk change?
Has the change been done only infrequently?
Will a significant effort be required to backout the change?
Is it difficult to install the change?
For application changes:
Would failure of the job being changed stop the flow of jobs for non-critical
files or applications?
What types of management approval is required for Level 3 changes?
Approval required by:
• Manager of user department requesting change
• Network & Technical Services Manager
• Change Review Board
Level 2 Changes
A Level 2 Change is not transparent, but is minimal in risk and impact. It is the
responsibility of the Requester to notify any areas of a potential impact. The change is
a Level 2 if it requires an IPL of a system, subsystem or the restart of a critical
component on a production system. Level 2 Change Requests must be entered into the
Change Management database prior to the Scheduled Change Window being
requested.
The Requester or representative for a Level 2 change is required to attend the Change
Communication meeting immediately prior to planned implementation so that any
questions or concerns may be addressed.
All Level 2 changes will be communicated via the Change Management reporting
system and will be tracked and reported by the Change/Problem Coordinator.
Examples of Level 2 changes:
• Single fixes - APAR, PTF, etc.
• Low usage program product upgrades, installations
• PARMLIB updates which require an IPL to implement
• Regular maintenance updates to system or application libraries
• Hardware Preventative Maintenance
• Data management to critical volumes
15. IT Change Management Procedure
XXXXX Page 15
How do you know that the change falls under Level 2?
For non-application changes:
Will the change have only minor impact on services provided to the end users if
problems occur?
Will the change be visible only to a small group of end users?
Is this a moderate risk change?
Is the change relatively simple to install?
Has the change been implemented successfully a number of times before?
Does it require only a moderate effort to backout the change quickly?
Will it require only an IPL, recycle of major application or reloading of an NCP
to implement or backout?
For application changes:
Is this the first time the job has been installed?
Must this job be fixed to run tonight?
What types of management approval is required for Level 2 changes?
Approval required by:
• Manager of user department requesting change
• Change Review Board
Level 1 Changes
A Level 1 Change has little or no external visibility, no external dependencies or no
operator intervention. There is no associated risk or impact with the change, either to
the system if the change is incompatible or to the Requester if the change
implementation is delayed. The change does not require an IPL or recycle of an
application to implement or backout.
Level 1 changes are entered into the Change data base and will be communicated daily
to any affected areas where impact or interest can be identified outside of the
Requester's own area.
How do you know that the change falls under Level 1?
For non-application changes:
Will the change have only minimal or no impact on services provided to the end
users if a problem occurs?
Is the change familiar or common to those who will implement it?
Is the change reliable and low risk?
16. IT Change Management Procedure
XXXXX Page 16
Is the change easy to backout if a problem occurs?
Can it be backed out without an IPL, recycle of a major application, or
reloading of an NCP?
For application changes:
Would failure of the job stop just this job?
Is this a low priority job (target within three days)?
What types of management approval is required for Level 1 changes?
Approval required by:
• Manager of user department requesting change
• Change Review Board
17. IT Change Management Procedure
XXXXX Page 17
Change Level Summary Table
The following table is a guide for establishing the initial change level.
Considerations Level 1
(Minimal Risk)
Level 2
(Low Risk)
Level 3
(Medium Risk)
Level 4
(High Risk)
Organizational
Visibility of Change
or Financial
Exposure
Routine IT activity
or minimal financial
exposure
Visible to Directors
or Principals or low
financial exposure
Visible to the Board
level or medium
financial exposure
Visible to the Board
level, high financial
exposure or
negative external
publicity
Impact to other
Systems or
Applications
None 1 other system or
application related
to change
2 - 3 other systems
or applications
related to change
4 or more systems
or applications
related to change
Back Out
Effort
Minimal Back out In place
and easily executed
Back out possible,
though not easily
executed
Back out difficult,
impossible or
undesirable
Business Process
Change
Minimal Little change
required
Moderate change
required by IT
and/or customers
Considerable and
complex change
required by IT
and/or customers
Scope of Change
Single component,
such as hardware,
software or network
on one platform
Two such
components on one
platform
Hardware &
software & network
on one platform
Hardware &
software & network
across platforms
Degree of Visibility
to IT Customers
Minimal Low Medium High
Change
Experience
Existing
technology,
considerable
experience
Existing
technology, some
experience
New technology,
limited experience
New technology, no
experience
Expected Time to
Complete
1 month or less 1 quarter or less 6 months or less Greater than 6
months or
mandated due date
18. IT Change Management Procedure
XXXXX Page 18
Risk/Complexity Scoring
The following matrix is designed to assist the Change Sponsor, Change Implementer,
Change Requester and the Change Review Board in determining the appropriate
assignment of the change category. This is only a guideline, as changes may be
categorized at a different level based on management judgment of the risk/complexity
involved.
Factor: Points
Organizational Visibility of Change or Financial Exposure:
Visible to Executive Vice President level, high financial exposure or
negative external publicity
1
Visible to Senior Vice President level or medium financial exposure
2
Visible to First Vice President level or low financial exposure 3
Routine IT Activity or minimal financial exposure
4
Impact to other Systems or Applications:
4 or more systems or applications related to change
1
2 - 3 other systems or applications related to change
2
1 other system or application related to change
3
None
4
Back Out Effort:
Back out difficult, impossible or undesirable
1
Back out possible, through not easily executed
2
Back put in place and easily executed
3
Minimal
4
Business Process Change:
Considerable and complex change required by IT and/or the customers
1
Moderate change required by IT and/or the customers
2
Little change required
3
Minimal
4
Scope of Change:
Hardware & software & network across platforms
1
Hardware & software & network on one platform
2
Two components on one platform
3
19. IT Change Management Procedure
XXXXX Page 19
Factor: Points
Single component
4
Degree of Visibility to IT Customers:
Minimal
1
Low
2
Medium
3
High
4
Change Experience:
New technology, no experience
1
New technology, limited experience
2
Existing technology, some experience
3
Existing technology, considerable experience
4
Expected Time to Complete:
Greater than six months or mandated due date
1
6 months or less
2
1 quarter or less
3
1 month or less
4
Risk/Complexity Scoring Grid
If the Total Score Equals: Then Risk/Complexity Level Assigned is:
8 - 14
4(Maximum)
15 - 20
3
21 - 26
2
27 - 32
1(Minimum)
20. IT Change Management Procedure
XXXXX Page 20
Summary of the XX Change Management Procedures
The following are the procedures to be used when implementing changes in the XX IT
environment. A more detailed explanation of these procedures is contained in the
following pages:
A change request form will be filled in for all changes to be implemented.
This is done to ensure that all changes are sufficiently communicated to all
potentially impacted parties as well as for future reference. All changes must
have management approval commensurate with their risk assessment levels
(see Change Request Form section).
There is a group called the Change Review Board (CRB) that meets
periodically to review requests for change to the IT environment, change
assessments and implementation of changes (see XX Change Review Board
section).
All requested changes will be entered into the Change Management System
prior to implementation. This includes Emergency and Exception Changes.
The requester will assign the appropriate risk assessment category (1, 2, 3, 4,
or E), taking into account the impact to the user community in the event of
failure of the change upon implementation (see Change Level section).
Once the request is submitted, a Technical Assessment will be scheduled.
This is a review of the request by appropriate parties to determine the
technical impact of the change to the environment. This review will
encompass:
Technical Impact/Risk Analysis
Technical Adequacy of plans
Dependencies and/or conflicts
Ensuring compliance with existing Strategies, Plans and Change
Management Standards
The resulting analysis of this assessment is a key input into the change
approval process.
A Business Assessment is then done to determine the business impact of
installing or not installing the change. The resulting analysis also becomes a
key input into the change approval process.
Once the Technical and Business Assessments are successfully completed,
change approval can be given. This is done at any one of the three Change
Team meetings which take place weekly (see Meetings section). At this time,
the change team assigns a date and time for change implementation. As part
of the approval process, it is assumed that, as one of the criteria for approval
of the change request, the requester's manager has ensured that the proper
testing procedures have been followed and that there was a successful test
completed (see Management Approval section).
The change implementation is complete when the requester validates that the
acceptance criteria, defined prior to the change install, have been
successfully met.
21. IT Change Management Procedure
XXXXX Page 21
Tracking of the change by the change team stops after the change has been
installed and is verified as successful.
22. IT Change Management Procedure
XXXXX Page 22
Change Request Flows
High Level Process Flow
1. Enter
Change
Request
5. Approve
Change
6. Commit
Change
Schedule
7. Deploy
Change
8. Change
Quality
Assurance
2. Assign
Change
Implementer
2. Assign
Change
Implementer
3. Monitor
Change
Calendar
4. Perform
Assessments
9. Close
Change
9. Close
Change
23. IT Change Management Procedure
XXXXX Page 23
1. Enter Change Request Flow
Description
The Enter Change Request flow begins when a change request is submitted. In this
activity, all required information about the change and supporting documentation is
entered into the Change Management system. The change request should be
submitted in accordance with the time frame required by the initial impact assessment.
Scope Inclusion
• All changes, including software, hardware, control mechanisms, configurations,
environments, facilities, databases, business applications, processes, and
procedures.
Scope Exclusion
• Development activities that produce the actual change content.
• The coordination of sets of changes (i.e., project coordination).
• Testing of the change package.
Goal(s)
• To introduce changes into the environment with minimal disruption to information
technology and its users.
• To communicate such that all affected users are aware of changes.
• To log all changes into the change management system.
• To ensure all pertinent change information is collected.
• To ensure all changes meet lead time criteria.
Start Trigger
• Change Request
Stop Trigger
• Fully documented and approved change request.
24. IT Change Management Procedure
XXXXX Page 24
Workflow Diagram for Enter Change Request
Workflow Details for Enter Change Request
• Document and Submit Change Request
Collect system change request and begin preliminary review of the change.
• Valid Request?
Notify Requester Change
Request received –
email [Open CR]
Notify Requester Change
Request rejected –
phone call or e-mail
Assign request
to IT analyst
Conduct Technical
Assessment
Valid
Request?
Valid
Request?
Close Change
Yes
Yes
No
No
22
Complete Change Record
to Request Level
Establish Initial Impact
Document and Submit
Change Request
25. IT Change Management Procedure
XXXXX Page 25
Determine whether or not to submit change request into change management
system based on whether the request form has a managers signature, it is within
IT responsibility, and filled in correctly.
• Notify Requester Change Request rejected – phone call or e-mail
If change request is rejected, provide a form of notification.
• Notify Requester Change Request received – email [Open CR]
If change request is approved for the change management system, a change
record is opened and a change number is assigned. A notification is auto-sent to
the change requester by Peregrine.
• Assign request to IT analyst
Assign the change request to an initial analyst to review the change record.
• Establish Initial Impact
Determine impact of the change to the customer community. This will include
times when service is not available, testing time, new procedures, new support
requirements, and any other impact that may occur as a result of the change.
• Conduct Technical Assessment
Determine the feasibility of the change from a technical perspective. This
assessment will include the amount of resources, level of knowledge, and skills
necessary for the change.
• Complete Change Record to Request Level
Based on initial impact and technical assessment, determine the type and
category level of change, and complete all descriptive fields. Additionally, the
completeness of the change success criteria is validated.
• Valid Request?
Based on the initial assessments, determine whether to perform this change.
This decision is based on the change conforming to the strategy, resources being
available, and whether or not it is already being worked on.
• Close Change
Mark change record as closed when it doesn’t pass validation requirements.
26. IT Change Management Procedure
XXXXX Page 26
2. Assign Change Implementer Flow
Description
The Assign Change Implementer flow begins once a change request has been
documented and selected for the change management process. During this workflow, a
change record is assigned to an appropriate owner, the change record is updated with
this assignee information, and the change is sent to the assignee.
Scope Inclusion
• All changes reviewed by the Change Review Board.
Scope Exclusion
• Changes not accepted by the Change Management process or Changes not
reviewed by the Change Review Board.
Goal(s)
• To ensure that change requests are assigned to appropriate implementers.
• To ensure that the change management workload is allocated by area of
expertise.
• To balance workload within an area of expertise.
Start Trigger
• Initial change record.
Stop Trigger
• Initial change record is assigned to an owner.
27. IT Change Management Procedure
XXXXX Page 27
Workflow Diagram for Assign Change Implementer
Workflow Details for Assign Change Implementer
• Update Change Record w/ Assignee
Assign the change an owner based on the classification of the change.
• Send Change to Assignee
Place the assignee information into the change record and send an e-mail
notification to the assignee.
11
Update Change
Record w/
Assignee
Send Change to
Assignee
33
28. IT Change Management Procedure
XXXXX Page 28
3. Monitor Change Calendar Flow
Description
The Monitor Change Calendar flow determines the scheduling for changes to be
deployed. During this workflow, changes are penciled into a calendar, and the schedule
is monitored for changes that are completed or have run out of time in their scheduled
change deployment window. If time has expired for a change then it can be escalated
and rescheduled based on escalation standards.
Scope Inclusion
• Changes that are formally put into the change calendar.
Scope Exclusion
• Changes that are not formally put into the change calendar.
Goal(s)
• Monitor the change calendar for changes that have not been completed and
have run out of time for the purpose of change escalation.
• Allow for changes to be rescheduled.
• Allow for changes to be removed from the change calendar upon completion.
Start Trigger
• A change request has been assigned an owner and has been sent to that
assignee.
Stop Trigger
• A change is complete and removed from the calendar.
29. IT Change Management Procedure
XXXXX Page 29
Workflow Diagram for Monitor Change Calendar
Workflow Details for Monitor Change Calendar
• Change Complete?
Monitor the change calendar for change work that has been completed.
• Time Expired?
Determine whether a change record that is incomplete has run out of time.
• Escalate Change
Reclassify the change to a higher change category level if time has expired.
• Reschedule Change
Update the calendar with a schedule for the change after it has been escalated
or if the change package is incomplete.
2
Change
Complete?
Escalate Change
Time
Expired?
Yes
Yes
No
No
Reschedule
Change
4
22
Change
Complete?
Escalate Change
Time
Expired?
Yes
Yes
No
No
Reschedule
Change
44
30. IT Change Management Procedure
XXXXX Page 30
4. Perform Assessments Flow
Description
The Perform Assessments flow involves conducting both a business and technical
review of the change package. The assessments determine if the change package is
complete and can therefore continue through the change management process.
Specifically, the perform business assessment flow involves validating the impact of the
proposed change on XX from a business perspective, evaluating the completeness of
the success criteria and communication plan and reviewing the backup / backout /
recovery plans. The assessment looks at the proposed timing of the change and
ensures that the customer’s management has given the agreement necessary for the
change to be approved and scheduled. Standards, business requirements, and SLAs
are reviewed and a recommendation is made to approve, reject, or reschedule the
change.
The perform technical assessment flow reviews the completeness of the change plan,
test plan, backup / backout / recovery plans, platform impact assessment, estimated
install time, etc. from a technical perspective. The change success criteria are validated
and the impact of the change to the environment is reviewed to ensure it has been
accurately evaluated. Technical standards are enforced and a decision is made to
approve, reject, or reschedule the change.
Scope Inclusion
• All documented changes with a change category that requires a formal business
or technical assessment.
Scope Exclusion
• Changes with change categories that specifically do not require formal business
or technical assessments.
Goal(s)
• To ensure that all factors have been taken into consideration in terms of the
business aspects of the change.
• To ensure that all factors have been taken into consideration in terms of the
technical aspects of the change.
• To ensure that everything required to deploy the change and to maintain service
is included in the change request.
Start Trigger
• Fully documented change record.
31. IT Change Management Procedure
XXXXX Page 31
Stop Trigger
• Assessed (business or technical) change
Workflow Diagram for Perform Assessments
Workflow Details for Perform Assessments
• Business Review of Change Package
Review the change package for the following points:
o Ensure that the business requirements will be met.
o Verify existence and completeness of backup / backout recovery plans.
o Verify existence of test plans, including the testers names and expected
results.
o Ensure that the change conforms to business standards and policies.
o Determine whether the change conforms to service level agreements.
o Review communication plan for change.
• Technical Review of Change Package
Review the change package for the following points:
o Determine the impact on the technical environment.
o Ensure that the change conforms to technical standards.
o Verify the completeness of the change plan.
• Package Complete?
Business Review
of Change
Package
Package
Complete?
55
Return to Assignee
Yes
No
33
Technical Review
of Change
Package
32. IT Change Management Procedure
XXXXX Page 32
Make a decision on whether the package is complete based on the results of the
business and technical reviews.
• Return to Assignee
If the package is determined not complete than the change is returned to the
assignee and can be rescheduled.
33. IT Change Management Procedure
XXXXX Page 33
5. Approve Change Flow
Description
The Approve Change flow is initiated as soon as both the business and technical
assessments have been completed. If the change is approved, it is passed on to the
next sub-process to finalize scheduling. If the change is rejected or determined to be
rescheduled, it may be sent back to the business or technical assessment sub-
processes once the necessary actions are taken. All parties that have been involved to
this point in the process should be notified of the approval, rejection or rescheduling.
Scope Inclusion
• All changes that have been forwarded for approval from a business and technical
perspective and whose change categories indicate the requirement for formal
approval.
Scope Exclusion
• Changes with change categories that specifically so not require formal approval.
Goal(s)
• To ensure that appropriate approval is obtained for change requests.
• To ensure that the change record is properly updated.
• To minimize service interruption.
Start Trigger
• Completed change record with business and technical review including
recommendation.
Stop Trigger
• Approval for change deployment.
34. IT Change Management Procedure
XXXXX Page 34
Workflow Diagram for Approve Change
Workflow Details for Approve Change
• Final Change Review
Final review of change prior to acceptance and scheduling.
• Accept Change?
Based on the result of the final change review, determine whether to go ahead
with or close the change.
• Close Change
If it is decided not to continue with change, then change record is closed by
change coordinator.
• Notify Requester Change Request rejected – phone call or e-mail
44
Final Change
Review
Accept
Change?
Yes
No Notify Requester Change
Request rejected –
phone call or e-mail
Close Change
66
35. IT Change Management Procedure
XXXXX Page 35
6. Commit Change Schedule Flow
Description
During this sub-process, a consolidated change schedule is compiled for all approved
changes for a particular period of time. Any conflicts between changes are resolved at
this point and a final schedule is produced. This sub-process is also responsible for
performing the activities needed to communicate the change schedule and gain
agreement from the Change Implementers and Requesters regarding implementation
dates. All affected parties are given final notification.
Scope Inclusion
• Includes scheduling around resource constraints and backout times.
• The combination of all approved changes to ensure there are no conflicts during
a given period of time.
• Negotiation of schedule changes due to conflicts.
Scope Exclusion
• Emergency changes.
• Changes not requiring scheduling (i.e., those changes which have no impact on
business / users – adding printers, adding users)
• Assignment of personnel or resources
Goal(s)
• To ensure all changes are properly scheduled for a particular period of time.
• To ensure those responsible for service delivery are informed about the final
change.
Start Trigger
• Approved change record with completed technical and business reviews.
• Current consolidated change schedule.
Stop Trigger
• Scheduled change.
36. IT Change Management Procedure
XXXXX Page 36
Workflow Diagram for Commit Change Schedule
Workflow Details for Commit Change Schedule
• Schedule Change
Commit the change to the change schedule.
Schedule Change
55
77
37. IT Change Management Procedure
XXXXX Page 37
7. Deploy Change Flow
Description
The deploy change flow is where the change is actually implemented. Upon the
completion of the implementation, a user acceptance test is conducted to determine
whether or not the change was successfully installed. If the change implementation is
not successful, then it is determined if it can be fixed. If it can be, then it is re-
implemented and acceptance tested.
Scope Inclusion
• Change requests that require a formal implementation and user acceptance
testing process.
Scope Exclusion
• Change requests that do not require formal implementation and user acceptance
testing processes.
Goal(s)
• To determine whether the deployed change was successful or not.
• Allow for the unsuccessful change installations to be fixed and re-tested.
Start Trigger
• A change request has been scheduled for deployment.
Stop Trigger
• A change request has been successfully deployed.
38. IT Change Management Procedure
XXXXX Page 38
Workflow Diagram for Deploy Change
Workflow Details for Deploy Change
• Implement Change
Deploy the change and execute the test plan.
• Conduct User Acceptance Test
Perform a user acceptance test to determine whether or not the change was
deployed successfully.
• Successful Change?
• Can be fixed during install?
Determine whether or not a change can be fixed during install or if it needs to be
rejected and removed.
• Fix change
Modify the change record to record any change fixing activity. Perform the fixes
and then re-deploy and re-test.
• Reject change and remove from install
Send out notifications to requester that the change has been rejected.
Determine whether or not the change will be rescheduled or restarted.
88
Implement Change
Conduct User
Acceptance Test
Successful
Change?
Reject change and
remove from install
Can be fixed
during install?
Fix change
Yes
Yes
No
No
66
39. IT Change Management Procedure
XXXXX Page 39
8. Assure Change Quality Flow
Description
The Assure Change Quality flow is a post-change workflow that reviews the change
request process. During this workflow, the change management process can be
updated and lessons learned are collected. This information is used to make
continuous improvements on the change management process.
Scope Inclusion
• Changes that formally go through the change management process.
Scope Exclusion
• Changes that do not formally go through the change management process.
Goal(s)
• Ensure that the change management process is continuously improved.
• Allow a mechanism to collect lessons learned for future change management
updates.
Start Trigger
• A change is deployed or cancelled.
Stop Trigger
• A post-change review has been conducted and process improvements and
lessons learned have been extracted.
40. IT Change Management Procedure
XXXXX Page 40
Workflow Diagram for Assure Change Quality
Workflow Details for Assure Change Quality
• Conduct Post-Change Review
Conduct a review of the change management process to determine what went
wrong, what went right, and what changes to make to the process.
• Process Changes?
• Updated Change Process
If changes to the process are identified, then recommend these changes be
made to improve the process.
• Lessons Learned?
• Document Lessons Learned
Document any lessons learned that were uncovered during the post-change
review. Use the lessons learned to recommend changes to procedures.
77
Conduct Post-
Change Review
Process
Changes?
Yes
No
Update Change
Process
Lessons
Learned?
Yes
No
Document Lessons
Learned
99
41. IT Change Management Procedure
XXXXX Page 41
9. Close Change Flow
Description
The Close Change flow is used to close changes that have been deployed or cancelled
following a post-change review. After a change is closed, the problem management
system is notified of change activity and requesters are notified of change closure.
Scope Inclusion
• All deployed changes
• All cancelled changes
Scope Exclusion
• None
Goal(s)
• To close change records with all required information.
Start Trigger
• Change record where deployment has been indicated as complete.
• Cancelled change record.
Stop Trigger
• Closed change request.
42. IT Change Management Procedure
XXXXX Page 42
Workflow Diagram for Close Change
Workflow Details for Close Change
• Update Change Records
Update the change records with emergency change documentation,
implementation activity, and problem activity.
• Close Changes
Change coordinator changes the status of the change record to closed.
• Notify Problem Management system of Change activity
The problem management system is notified of changes so that the help desk
can notify appropriate backout / recovery personnel if needed.
• Notify Requestors of Change Closure
Send an automated e-mail to the change requester to inform them of change
closure.
Update Change
Records
Close Changes
Notify Requesters of
Change Closure
Notify Problem
Management
system of Change
activity
88
43. IT Change Management Procedure
XXXXX Page 43
Change Request Form
The following page contains the Request for Change form. The following is a description of what should
be entered into each section of that form:
• DATE REQUESTED - The date the request was submitted to the Change Review Board
(MM/DD/YY)
• DATE PLANNED - The date the requester would like to implement the change (MM/DD/YY)
• PEREGRINE NUMBER - The unique Change Request number assigned by the Change
Management System. This number should be used in all communications pertaining to this
change.
• REASON FOR CHANGE - The business and/or technical justification for the change.
• DESCRIPTION OF CHANGE - A detailed description of what the requester wishes to change and
what is to be accomplished as a result of the change.
• REQUEST CATEGORY – The scope of the change, i.e., to which environment it applies
• PROJECT CATEGORY – The size or complexity of the project.
• CHANGE TYPE – Whether the change applies to the Administrative environment or the
Instructional environment
• RISK ASSESSMENT CATEGORY - The category of risk that the requester has determined the
change should be assigned.
• USER ACCEPTANCE CRITERIA DEFINED AND AGREED TO? – This YES or NO question is to
insure that the individual responsible for accepting the change on behalf of the users has defined
the means for IT to judge the quality of the installation.
• CHANGE REQUESTED BY - The name of the person requesting the change.
• LOCATION – Location of the requester or location of the change (system)?
• CHANGE AUTHORIZED BY - (For applications or systems changes where there is an owner (e.g.,
Chauncery or SIS) - The signature of the Owner of the system or application.
• CHANGE APPROVED BY - The signature of the approver(s) of the change. This may be singular
or multiple based on the risk category of the change.
• DISPOSITION – The status of the change after review by the approver. Can be approved,
conditionally approved or rejected.
• INDIVIDUAL RESPONSIBLE FOR IMPLEMENTATION - The name of the person responsible for
actually implementing the change. This is, quite often, different than the requester.
• INDIVIDUALS RESPONSIBLE FOR TEST - The name(s) of the person responsible for the unit and
systems test as well as the name of the user responsible for user acceptance test.
• TEST SCHEDULE - The end dates the unit, system and user acceptance testing will be completed
(MM/DD/YY).
• COMMUNICATION PLAN - The plan to notify all potentially affected users of the change.
• USER MANUALS AND OPERATING INSTRUCTIONS UPDATED - The manuals and instructions
which have to be updated as a result of the change and the target completion date for those
updates.
• FALLBACK PROCEDURE - The actions to be taken by the operations staff in case of unsuccessful
implementation of the change.
44. IT Change Management Procedure
XXXXX Page 44
• DATE IMPLEMENTED - The date that the change was implemented or tried to be implemented
(MM/DD/YY).
• TIME IMPLEMENTED - The start time of the implementation (HH:MM).
• CHANGE IMPLEMENTED BY - The person who performed the implementation.
• CHANGE ACCEPTED BY – The person accepting the change on behalf of the change requester.
• DATE CHANGE RECORD CLOSED – The date that the Change Request was closed in the
Change Management system and the person closing the change request.
The {blue text} on the form indicates that the item appears on the XX-0028 form but not on the XXX form.
It should be added to the XX Change Record.
The (red text) on the form indicates items that are not on the XX-0028 from but are on the XXX form. The
items should be on the XX Change Record.
The black text on the form indicates that the item appears on both forms and the [bracketed text] is the
name of the item on the XX-0028 form.
45. IT Change Management Procedure
XXXXX Page 45
CHANGE REQUEST FORM
DATE REQUESTED ___[Date]__________ DATE PLANNED_[Target Completion Date]_____________
PEREGRINE CHANGE NUMBER ___________ [Control
No.]___________________________________
REASON FOR CHANGE _________________[Justification for Request]__________________________
___________________________________________________________________________________
_
DESCRIPTIONS OF CHANGE __________[Nature of Request]_________________________________
___________________________________________________________________________________
_
{REQUEST CATEGORY:___LOCAL ___DISTRICT MISSION ___STATE ___FEDERAL ___OTHER}
{PROJECT CATEGORY: ____MAJOR ____MODERATE ____MINOR ____AD HOC}
{CHANGE TYPE: ADMINISTRATIVE_________ INSTRUCTIONAL________}
(RISK ASSESSMENT CATEGORY
_______________________________________________________)
(USER ACCEPTANCE CRITERIA DEFINED AND AGREED TO? YES____ NO____)
CHANGE REQUESTED BY _______[Submitted by:]__________________________________________
{LOCATION
_________________________________________________________________________}
CHANGE AUTHORIZED BY ______[Approved by:]___________________________________________
(CHANGE APPROVED
BY______________________________________________________________)
{DISPOSITION: ____APPROVED FOR IMMEDIATE WORK
____APPROVED AS PRIORITIZED
____APPROVED FOR FURTHER INVESTIGATION (Cost/Benefit, Impact Analysis)
____REQUEST REJECTED
Explanation:______________________________________________________}
{TARGET BEGIN DATE:______________}
INDIVIDUAL RESPONSIBLE FOR IMPLEMENTATION _____________[Assigned to:]_______________
(INDIVIDUAL RESPONSIBLE FOR UNIT TEST
_____________________________________________)
(INDIVIDUAL RESPONSIBLE FOR SYSTEM TEST _______________________________)
(INDIVIDUAL RESPONSIBLE FOR USER ACCEPTANCE TEST ______________________)
(TEST SCHEDULE - UNIT TEST END DATE __________________________________)
( SYSTEM TEST END DATE ________________________________)
( USER ACCEPTANCE TEST END DATE _______________________)
(COMMUNICATION PLAN ___________________________________________________)
(______________________________________________________________________)
(USER MANUALS AND OPERATING INSTRUCTIONS TO BE UPDATED_________________)
(______________________________________________________________________)
(FALLBACK / BACKOUT PROCEDURE _________________________________________)
(______________________________________________________________________)
46. IT Change Management Procedure
XXXXX Page 46
(DATE IMPLEMENTED - _______________________ TIME IMPLEMENTED - __________)
(CHANGE IMPLEMENTED BY - ___________________ ACCEPTED BY - ______________________)
(IMPLEMENTATION COMMENTS - ______________________________________________)
(DATE CHANGE RECORD CLOSED - ________________ BY ________________________________)
47. IT Change Management Procedure
XXXXX Page 47
Scheduled Change Windows
To maintain 7x24 stability and achieve IT Service Level Commitments, Information
Technology has established predetermined dates and times for implementing changes.
These dates and times are as follows:
Wednesday Night/Thursday Morning Change Window
• Midnight - 08:00
Friday Night through Monday Morning Change Windows
• Midnight Friday - 08:00 Saturday
• Midnight Saturday 08:00 Sunday
• Midnight Sunday - 08:00 Sunday
When requesting a stand-alone window, please notify the Change/Problem Coordinator
at least two weeks prior to the requirement. The Wednesday/Thursday change window
is for quick problem repair and Level 3 and 4 changes. Changes that require detailed
activity or extensive programmer hands-on time or intervention should be scheduled in
the weekend windows.
Emergency changes that fall outside the change windows and can be performed by
Operations should be scheduled on second or third shift.
48. IT Change Management Procedure
XXXXX Page 48
Lead Times for Changes
The following guidelines for entering a change request allow time for changes to be
coordinated more efficiently. These guidelines highlight the number of days from initial
request until installation. The earlier a change is entered into the system, the better
communication it will receive through the Change Process. Coordination with other
affected departments and notification of users remains a responsibility of the requester.
• Level 4 - 1 workday
• Level 3 - 3 workdays
• Level 2 - 15 workdays
• Level 1 - 30 workdays
49. IT Change Management Procedure
XXXXX Page 49
Unsuccessful Changes
The following guidelines will be used to determine if a change has been unsuccessful
(CU) or caused an outage (CO) to service.
Expected results did not occur.
Change caused an impact to the User or Operations.
Change must be backed out.
Incomplete instructions or inaccurate documentation provided to
Operations.
Change could not be installed in requested time period.
Problem opened as a direct result of the change
Level E Change - problem severity 1,2,3,4
Level 1 Change - problem severity 1,2,3
Level 2 Change - problem severity 1,2,3
Level 3 Change - problem severity 1,2
Level 4 Change - problem severity 1,2
Unsuccessful Changes
For any change that is closed CU (Change Unsuccessful), the Change Requester must
enter into the Change Request the reason(s) why the change was unsuccessful. The
requester must also enter another change request into the system before the change
will be attempted or scheduled again. The level of the new change request will be the
same as the original; however, the new change request will have to cycle through the
complete approval process again.
Changes Causing Outages
A change that was attempted or implemented and caused a disruption of committed
service delivered by Information Technology to the user will be closed as causing an
outage (CO). For any change which is closed as CO, the Change Requester must
enter into the Change Request the reason(s) why and how the outage occurred. The
requester must enter another change request into the system before it will be attempted
or scheduled again. The level of the new change request will be the same as the
original; however, the new change request will have to cycle through the approval
process again.
Changes Causing Intervention
The Closed Intervention (CI) status will be used to indicate a change that was installed
successfully but required unplanned intervention from applications programmers,
systems programmers, users, analysts or operations personnel after normal business
hours.
50. IT Change Management Procedure
XXXXX Page 50
Canceled Changes
A change that was entered and later canceled will be closed as Change Canceled
(CC). For any change that is closed CC, the Change Requester must enter into the
Change Request the reason(s) why the change was canceled. The Requester must
enter another change in the system before it is attempted again. The level of the new
change request will be the same as the original. The resubmission requirements for
the new change will be negotiated between the Change Coordinator and the Change
Requester.
Postponed Changes
A change that was scheduled but during the installation process could not be safely
promoted (ran out of time, potential scheduling impact found, etc.) will be coded as a
Postponed Change (PC). The change will be automatically rescheduled for the next
Change Window.
51. IT Change Management Procedure
XXXXX Page 51
Roles and Responsibilities
Change Review Board
The Change Review Board (CRB) is a team of people made up of IT management and
subject matter experts, members of the user community, vendors and outside
consultants. It is chaired by the Change Coordinator.
The mission of the Change Review Board is to plan and monitor all changes introduced
into the IT environment. Responsibilities include ensuring the following things are
present for every change:
The Change Request has been submitted with the required information
There is a business reason for the change
A user has been identified who is totally accountable for the change
A viable Change Plan exists
A viable Recovery Plan exists
A viable User Acceptance Plan exists
A Technical Impact Assessment has been done
A Business Impact Assessment has been done
A Communications Plan has been developed ensuring communication to the
IT and user communities of the intended change and the potential impact to
them in case of failure of the implementation.
Appropriate management approval has been obtained based on the risk
assessment category.
A post installation review of the completed change to ensure proper and
successful implementation.
52. IT Change Management Procedure
XXXXX Page 52
Change Coordinator
The Change Coordinator acts as the user’s primary interface into the change process
and represents their interests and the IT requirement to meet service commitments.
The Change Coordinator’s responsibilities for specific changes include:
Owns, maintains and ensures accuracy and timeliness of the consolidated change
schedule
Ensures that all changes are appropriately planned and communicated
Reviews change requests for procedural compliance, information quality and
completeness
Ensures that accurate priority and impact are assigned to change requests
Coordinates and owns the change approval and rejection process which
incorporates routing to reviewers, receiving reviewer responses and relaying
appropriate information to requesters. This also includes negotiation with both
parties and final ruling
Undertakes post change reviews and owns the sign off mechanism
Schedules and attends all meetings concerning the Change Management process
Ensures that asset and configuration updates are only permanently applied as a
result of successful and signed-off changes
Participates in project meetings with applications development teams and the
business where the subject is change impact analysis, implementation and
scheduling of large changes
Responsible for owning efficient and quality problem resolution, where Change
Management service expertise is required
Responsible for escalation and exception reporting to the Change Management
Process Owner
Complies with Change Management service standards, process and procedures as
required
Provides input to Change Management service improvement
Provides and is responsible for the accuracy of appropriate Change Management
service input to knowledge bases as a result of changes and problem resolution
Responsible for contract management and day to day maintenance management of
third party technology suppliers as a result of Change Management issues with the
service
Initiates and is a technical resource to the IMAC service where Change
Management service expertise is required
Provides a technical resource to Project Requests where Change Management
service expertise requirement forms an element of the project
Captures and reports appropriate Change Management service measurement data
Attends appropriate problem escalation / resolution, project development and
service support reviews, where Change Management service expertise is required
53. IT Change Management Procedure
XXXXX Page 53
Change Requester
The Change Requester initiates and completes the Change Management process and
has overall responsibility for accepting changes. Standards dictate who can act as a
change requester. Change Requester responsibilities for given changes include:
Owns individual changes requested and is ultimately responsible for the success of
the change
Review change request with department manger for approval
Assess the change for risk/impact and ensure the appropriate risk category has
been applied.
Ensure that the change request is complete with accurate information at a sufficient
level of detail to implement the change without intervention.
Ensure Proper lead-time for changes is allowed. (See "Lead Time for Changes"
section in this document).
Conduct User Acceptance testing of change.
Convene the Level 1 Expedite meeting as required.
Communicate intention of change to all potentially affected parties.
Notify the Change Coordinator of any change in date or time of implementation
before the target date is reached.Initiates the Change Control service by completing
and distributing a completed change request
Responsible for obtaining appropriate resource for all change tasks requiring
completion for change success
Co-ordinates task documentation within a change request with other participating
staff as appropriate
Ensures that pre and co-requisites for the change are considered and completed
Ensures completeness of reviewer distribution list as much as possible
Attends change assessment, scheduling and review meetings, as appropriate
Responsible for accurate representation of priority, impact and change window / time
requirements
Ensures all owned rejected changes are placed into a ‘fit state’ for re-submission
Co-ordinates implementation tasks where appropriate and is responsible for any
backout decisions for owned changes in conjunction with Change Control
Updates owned change requests as required and requested
Responsible for undertaking change tasks within the change implementation as
required
Participates in change task co-ordination meetings as part of change implementation
planning
54. IT Change Management Procedure
XXXXX Page 54
Change Implementer
The Change Management Implementer has overall responsibility for understanding the
requested change; documenting its implications on both the business and the IT
environments; creating, with other resources as required, the coding, system, procedure
and/or process modifications required to implement the change; with the Change
Requester, representing the change to the Change Review Board; monitoring and/or
testing the code prior to final promotion into production and requesting change closure
by the Review Board. Specific Change Implementer responsibilities include:
Monitoring the Change Assignment process for assigned Changes
Meeting with the Change Requester to understand the requested change and to
complete the Change Request documentation
As required, assisting the Change Requester in the preparation of a business case
for the change
With the Change Requester, presenting the Change to the Change Review Board
from a technology and IT architecture perspective for approval to proceed
Developing technology and operations impact statements
Developing backup and/or back out plans
Identifying and assembling the team required to create the change
Designing and creating the code, procedures or process modifications required to
effect the change
Designing and developing the tests required to demonstrate the quality and
usefulness of the change
With the Change Requester, presenting the completed change to the Change
Review Board for approval to promote into production
Monitoring the promotion (on site or remotely) of the change into production
Resolving issues associated with promoting the change into production, where
possible
With the Change Requester (as appropriate), participating in the review of the
promotion of the change
Requesting closure of the successful change from the Board
55. IT Change Management Procedure
XXXXX Page 55
Change Management Process Owner
The Change Management Process Owner has overall responsibility for ensuring the
quality of the Change Management process. Specific Change Management Owner
responsibilities include:
Is responsible for and owns the Change Management service
Is responsible for development and implementation of Change Management mission
and strategy, in line with XXXXX and IT strategies
Escalates to senior management exceptions as appropriate
Ultimately responsible for resolving Change Management service dissatisfaction
Ensures compliance with Change Management process standards and procedures
Has a nominated deputy to cover for service owner absence
Sponsors and/or manages internal improvement projects to implement new
technology and process improvement
Communicates Change Management service procedures and working practices and
changes to internal standards, processes, procedures and technology
Coordinates and sets annual service requirements, objectives and targets for the
Change Management service in conjunction with other IT Process Owners
Finalizes annual service requirements, objectives and targets with the Service
Request, Call Center and Problem Management Process Owners
Attends appropriate senior management level service support and development
reviews
Involved in development of and subsequent agreement on service level targets and
target improvements related to the Change Management service
Develops requirements for Change Management standards, procedures,
measurements, tools and technology in conjunction with other IT Process Owners
Approves and sponsors Change Management improvement ideas
56. IT Change Management Procedure
XXXXX Page 56
Service Center Administrator
The Service Center Administrator has overall responsibility for monitoring and
configuring the Change and Problem Management processes. Specific Change
Management responsibilities include:
Developing requirements for Change Management standards, procedures,
measurements, tools and technology in conjunction with other IT Process Owners
Managing the tools and procedures that support Change Management
Identifying process, procedure and tool improvements that may benefit XXXXX to
the Change Review Board
Making changes to the processes, procedures and tools that support the Change
Management process as directed by the Change Review Board
Escalating to XX senior management issues as appropriate
Ensuring compliance with Change Management process standards and procedures
Communicating changes to Change Management internal standards, processes,
procedures and technology
Attending appropriate senior management level service support and development
reviews
57. IT Change Management Procedure
XXXXX Page 57
Change Controller
The Change Controller is responsible for scheduling and overseeing all changes
introduced into the IT production environments and service delivery infrastructure to
ensure that the risk of impacting the availability of services is minimized. Specific
responsibilities include:
Monitoring Change Categories and Service Risks
Ensuring that all Information Technology customer and Company interests are
protected
Building and maintaining the Consolidated Change Schedule:
Integrating new changes into the existing change schedule
Identifying conflicts in the schedule, and negotiating adjustments with the relevant
parties
Notifying affected parties that changes are scheduled and ready for implementation
Monitoring the implementation of changes
Handling schedule slips and escalating the appropriate parties to recover the
schedule
Identifying and resolving change assignment issues
Managing change approval
Facilitating the Change Review Board meetings
Managing exceptions of rejected records
Resolving day-to-day change coordination actions
Accepting and managing external change input
Monitoring regular change control measurements
Creating, coordinating, consolidating, and monitoring the change schedule.
58. IT Change Management Procedure
XXXXX Page 58
Change Scheduler
The Change Scheduler is a delegate of the Change Controller, responsible for the
creation, coordination, consolidation, and monitoring of change schedules.
Performs duties delegated by the Change Controller
Represents the Change Controller on initial issues relating to the Change Schedule
Responsible for the creation, coordination, consolidation, and monitoring of change
schedules.
59. IT Change Management Procedure
XXXXX Page 59
XX Change Review Board
Change Review Definition
The Change Review Board (CRB) is a team of people made up of IT team members
supplemented, as required, by members of the user community, vendors and outside
consultants. It is chaired by the Change Coordinator.
In addition to these members, other members will be included depending on the change
being analyzed. For instance, if the team is analyzing a change to the Network, a
Network Specialist or his or her designee will be present to help that analysis.
The mission of the Change Review Board is to plan and monitor all changes introduced
into the IT environment. Responsibilities include ensuring the following things are
present for every change:
The Change Request has been submitted with the required information
There is a business reason for the change
A user has been identified who is totally accountable for the change
A viable Change Plan exists
A viable Recovery Plan exists
A viable User Acceptance Plan exists
A Technical Impact Assessment has been done
A Business Impact Assessment has been done
A Communications Plan has been developed ensuring communication to the
IT and user communities of the intended change and the potential impact to
them in case of failure of the implementation.
Appropriate management approval has been obtained based on the risk
assessment category.
A post installation review of the completed change to ensure proper and
successful implementation.
60. IT Change Management Procedure
XXXXX Page 60
Change Approver Table
Change Category Category Definition Approver(s)
Cable / Facilities – Major
Wiring for servers, desktops,
telephony, networks
Cable / Facilities – Minor
Firmware Upgrade – Major
Engineering changes to a device
chip
Firmware Upgrade – Minor
Mainframe Application
Software – Major
Mainframe Application
Software – Minor
Mainframe Operating System
Upgrade – Major
Changes to CIXX, OS/390…
Network System Software –
Major
Netview, VTAM
Network System Software –
Minor
Network Hardware – Major
Changes to 8265’s, 8271’s,
3Com switches
Network Hardware – Minor
Network Security – Major Firewalls, authentication
Network Security – Minor
Server Application Software
Rollout – Major
Server Application Software –
Major
Server Application Software –
Minor
Server Hardware – Major
Netfinity, disk drives,
communication adapters,
memory, CPU, CD drive
Server Hardware – Minor
Server Hardware Rollout –
Major
Server System Software –
Major
Windows 2000, Windows NT,
Windows XP, AIX, Linux, etc.
Server System Software –
Minor
Telephony PBX – Major PBX changes
Telephony PBX – Minor
Telephony VoIP – Major Voice over IP changes
Telephony VoIP – Minor
Desktop – Major
XXX, MaXX, Dell, desktop
software and hardware
Desktop – Minor
61. IT Change Management Procedure
XXXXX Page 61
Meetings
The major scheduled meetings of the Change Management Process are the Change
Review Board meeting. These meetings are held every Monday, Wednesday and
Friday with specific agendas for each day's meeting as follows:
Monday
The Monday morning meeting of the Change Review Board is called to analyze the
change activity from the previous weekend. The analysis is based on successful or
unsuccessful change activity. When unsuccessful changes occur, the Change Review
Board develops a plan at this meeting to address the issue. All requesters with
category 1 or 2 changes scheduled for the preceding weekend or any requester whose
change caused problems during the install process are represented at this meeting in
addition to the Change Review Board. It takes place at 9:00 A.M. every Monday
morning in the IT Conference Room.
Wednesday
The Wednesday meeting of the Change Review Board is called to plan future changes.
All requests for change are presented at this time for consideration. Permanent
members of the Change Team may present category 3 and 4 changes. The requester
or his/her manager must present category 1 and 2 change requests. All members of
the Change Review Board and any Category 1 or 2 change requesters attend this
meeting. It is held every Wednesday at 9:00 A.M. in the Information Technology
Conference Room. Any change to be implemented in the IT environment must be
reviewed at a Wednesday or Friday meeting.
Friday
The Friday meeting of the Change Review Board is called to plan the following
weekend's change schedule and analyze the change installation activity from
Wednesday. The analysis is based on successful or unsuccessful change activity.
When unsuccessful changes occur, the Change Review Board develops a plan at this
meeting to address the issue. All requesters whose changes caused problems during
the Wednesday installation must be present at the meeting.
Anyone expecting to have a change implemented over the weekend must be present at
this scheduling meeting to ensure that all prerequisites have been accomplished prior to
implementing the change. Category 3 or 4 change requests may be represented by
permanent members of the Change Review Board on behalf of the requester; however,
if total representation cannot be achieved by these substitutes, then the change will not
be scheduled for that weekend. Requesters of Level 1 and 2 changes must be present
for their changes to be considered for weekend implementation. This meeting is held
every Friday morning at 9:00 A.M. in the Information Technology Conference Room.
62. IT Change Management Procedure
XXXXX Page 62
XX Change Review Board Meeting Agenda
1. Review of most recent promotion into production activity
The planned promotion activity is compared to the actual activity and deviations are
noted and discussed. When issues or concerns are identified that have not already
been documented this activity will document them. Process quality issues are raised
here.
2. Review of outstanding issues (including E-Change issues)
Issues that have been raised by the above review, the most recent promotion into
production, and previous Review Board meetings are reviewed for relevance, progress
toward resolution and escalation.
3. Assignment of issues or resolution of issues
Issues are assigned to individual board members for resolution. Issues that can be
resolved by the Board without further assignment are resolved and documented. Issues
that have been resolved are approved for closure.
4. Review of E-Change activity since last promotion
All E-Change activity since the last scheduled promotion into production window are
reviewed to determine if the Emergency or Expedite status was warranted, if the
packages prepared in support of the changes are complete and if the quality associated
with the E-Changes is in line with the quality of Board scheduled changes.
5. Identification and assignment of issues related to recent E-Change activity
Issues with either the work done in support of individual changes or the E-Change
process itself are raised, documented and assigned for resolution.
6. Review changes proposed for inclusion in the next Change Window
The changes proposed by the Change Management system are reviewed for
completeness, sponsorship, business impact and technical feasibility. Together,
Implementers and Change Requesters present their proposed changes to the Board for
approval to proceed.
7. Review the proposed Change Schedule for potential impacts to service
Examine, with the help of technical staff, the proposed implementation schedule for the
proposed changes.
63. IT Change Management Procedure
XXXXX Page 63
8. Approve, reject or reschedule changes
Where business or technical impacts are likely to occur, evaluate the business case for
proceeding and, if the risks are acceptable, approve the promotion. Authorize
communication to all affected parties to apprise them of the potential impact. If the risk
is not acceptable, remove the change from the promotion package. Where no business
or technical impact is anticipated approve the Change for promotion.
9. Review the Change Calendar to assess its integrity
Receive requests to formally enter changes into the Change Management system.
Examine the requests for completeness, business justification and technical feasibility.
Review the Change Calendar for potential impacts with either the customer environment
or planned change activity. Schedule a preliminary promotion date on the calendar.
10. Review the Change productivity and quality measurements
Review the metriXX for the most recent promotion activity including, number of changes
promoted, number of successful changes promoted, number of changed promoted with
modification, number of changes backed out of the promotion schedule and number of
incident records associated with changes promoted.
11. Identify and assign for resolution issues associated with the Change Process
Evaluate the trends and, as required, modify the metriXX, the measurements, the
procedures or the Change Process.
12. Review communications planned as a result of the meeting (rejections,
approvals, concerns and issues)
Review with the Change Coordinator, the communications that will proceed from the
meeting to ensure that all issues are communicated, all parties are included and what is
being communicated is the intent of the Board.
64. IT Change Management Procedure
XXXXX Page 64
Measurements
A number of standard reports on all changes activity are available from the Change
Control Coordinator. These reports are available to anyone who has a need for the
information. If interested in seeing what is available, please contact the Change
Coordinator.
In addition to the standard reports available, all change activity is reported on a monthly
basis in the standard Information Technology Monthly Measurement Meeting. These
measurements include, at minimum, the following:
Changes logged versus not logged
Changes with incomplete information
Types of changes by category
Number of approved, rejected or rescheduled changes by type
Number of changes by risk / impact
Number of unsuccessful changes by failure type
Number of changes with inadequate information
Number of successful changes by category
Hours of outage caused by changes
Number of rescheduled changes
Other measurements periodically appear in the Monthly Measurements based on
management requests.
65. IT Change Management Procedure
XXXXX Page 65
Glossary
This section contains definitions of terms relevant to the Change Management process.
Term Definition
Activation Status
Information about the result of change activation activities (that is,
status and level of success / completeness of the activation).
Approval Lead
Times
See Lead Times.
Approved Change
Request
A change request that has been accepted, assessed and approved,
and scheduled for execution.
Authorized Change
Initiator
An individual authorized to the Peregrine Service Center to enter
changes into the system.
Back out Execution
Status
Information about the result of back out procedures.
Back out Plan
For failed changes, a plan that restores service to previously existing
levels.
Back out Problem
Notification
Defect information created and sent to the Problem Management
process as a result of executing back out procedures.
Back out Request
A request to execute appropriate back out procedures, as defined in
the change back out plan. This request is issued when the completion
criteria of an implementation step has not been met.
Business Policy
Business considerations and rules that may influence the way
processes are managed and executed.
Change
A Change consists of any installation or alteration of hardware, system
or application software, procedures, or environmental facilities, which
adds to, deletes from or modifies the Information Technology
environment or its attached network.
Reasons for making changes could be:
Addition of a new function
Performance improvement
Growth
Technology change
Problem resolution or prevention
Change Calendar
The change calendar is a list of accepted changes and their proposed
implementation dates.
Change Level
Change levels define the importance of the change being handled
within the process. Different levels receive different treatment. There
are five levels which represent the implementation complexity and
risk:
1 Major
2 Medium
3 Minor
4 Business as Usual
5 Emergency or Exception (E-Change)
Changed
Environment
The Information Technology managed resources and environment
modified as the result of the change implementation.
Change Status
Information about the change implementation activities, including
problem resolution status.
Change Flow
A change flow shows the activities and the order that those activities
must be completed within the change management process.
66. IT Change Management Procedure
XXXXX Page 66
Term Definition
Change Standards
Principles, rules, specifications and prescribed steps to plan, control
and execute changes.
Change Record
The formal document within the change management system that
displays change details and the status of the change.
Change Reports
Formatted information about the result of change planning and
implementation activities, communicated to users and customers of
the process. This includes information about the progress of change
requests (for example, approval status), change plans (for example,
Consolidated Change Schedule), change results (for example,
problem resolution), process health, etc.
Change Request
A request identifying the IT resource(s) to be changed and a
description of the change. Change requests may be submitted by any
authorized change initiator.
Change Request To
Be Rescheduled
A change request which was not approved because the proposed
schedule cannot be accepted.
Business
Assessment
A validation of the impact of the proposed change on XX from a
business perspective, an evaluation of the completeness of the
success criteria and communication plan and a review of the backup /
backout / recovery plans.
Technical
Assessment
A review of the completeness of the change plan, test plan, backup /
backout / recovery plans, platform impact assessment, estimated
install time, etc. from a technical perspective.
Change Type
There are three change types:
Emergency: Changes that are vital to meeting a business need
and cannot conform to the normal change process, particularly the
assessment and approval phases.
Exception: Changes that are vital to meeting a business need but
cannot conform to the normal change process, particularly lead
times.
Normal: Changes that follow the change process to the letter.
Change Window
Scheduled time periods established for implementing changes so as
to minimize the impact to services and their users. Change windows
may vary, depending on the account, on the services, and on the
technical environment. The change windows are documented and
made available to all individuals involved in the change process.
Consolidated
Change Schedule
A report of all changes to be implemented during a given period of
time (for example, a week or month), specifying the date and time
when each change is scheduled be implemented. The Consolidated
Change Schedule also contains information about change
dependencies and interactions.
Emergency Change
A change that is vital to meeting a business need and cannot conform
to the normal change process, particularly the assessment and
approval phases. Emergency changes must be approved or endorsed
by either the Director of Information Technology or the Change
Management Process Owner prior to implementation.
Endorsement
The endorsement of a change may be necessary where exceptional
circumstances dictate that the normal change process cannot be
followed. Endorsement includes the authorization to proceed for
changes that are not fully approved, and the authorization to stop a
scheduled change from proceeding, pending rescheduling. Who is
authorized to endorse must be documented and must be reachable at
all times.
Escalation
Referring unresolved issues that arise during process activities to
appropriate and increasing levels of authority to obtain resolution.
67. IT Change Management Procedure
XXXXX Page 67
Term Definition
Exception Change
Changes that are vital to meeting a business need but cannot conform
to the normal change process, usually lead times.
IT Change Standard
Information Technology standards that may influence the way
changes are introduced and managed in the Information Technology
environment.
Initial Change
Request
A change request which has been accepted by the Change
Coordinator. Acceptance includes checking that all required data
elements, as defined by the Information Technology change policy for
administration, have been completed. Acceptance also commits this
request to the change process and all associated activities.
Initial Impact
The Change Requesters documentation of the potential impact of the
change on XX.
Lead Times
The time intervals required to allow proper analysis and approval of
changes prior to their scheduled implementation. There are two lead
times, which must be defined for each Change Category to meet
Information Technology Requirements.:
Analysis Times are based on the category of the change and
reflect the time interval from when the change request is submitted to
when it is available for review. This lead time is to ensure that there
is sufficient time between raising and accepting a change request to
allow the organization to properly analyze its implications.
Approval Lead Times shows the time before the scheduled
activation date that changes should be approved. This period is to
allow the proper management and control of the change activation to
be set up.
Normal Change A change that follows the change process to the letter.
Operating
Environment
The environment in which an organization performs day-to-day
operating activities.
Original
Environment
The Information Technology managed resources and environment
before the change is implemented.
Outage A disruption of service in a system.
Problem
A problem is any deviation from an expected norm. That is, a problem
is any event resulting in a loss or potential loss of the availability or
performance to a service delivery resource and / or its supporting
environment. This includes errors related to systems, networks,
workstations and their connectivity; hardware, software, and
applications. The recognition of problems can come from any point in
the environment and can be identified using a variety of automated
and non-automated methods.
Problem Notification
Defect information about a failing IT resource or service sent to the
Problem Management process for resolution.
Process Compliance
Issue
A non-approved deviation from a formally documented Information
Technology process. Process compliance issues are documented in
detail and submitted to the Change Review Board for resolution.
Process
Improvement
A required improvement to one or more related processes associated
with delivery of contracted services or support of the Information
Technology infrastructure environment. Required process
improvements are documented in detail and submitted to the Change
Review Board for further handling.
Process Trend
Any process tendency, positive or negative, discovered as a result of
analyzing completed requests and reviewing process measurements
and reports.
Production Platform
A system or component of a system that is responsible for the actual
running of a business function.
68. IT Change Management Procedure
XXXXX Page 68
Term Definition
Quality Assurance
The process of determining whether a process, product, or service
met its requirements within the given constraints in the most efficient
manner possible.
Rejected Change
Request
Notification that the request does not comply with change process
criteria and, therefore, was rejected.
Request (To
Another Process)
A request for action issued by the Change Management process to
another process (for example, to the Problem Management process to
log and handle Change related problems).
Requester
Information
Information identifying the requester of the change (for example,
requester’s name, area / department, phone, e-mail address, etc.).
Restored
Environment
The Information Technology managed resources and environment
that are returned to their original condition as the result of the
execution of change back out procedures.
Scheduled Change
Request
A change request proposed for execution at a certain date and time.
The date and time need to be assessed and approved before
execution can actually start. If the proposed date and time are
rejected during the approval step, then the request must be
rescheduled.
Service Delivery
Environment
The hardware, software, network, procedures required for IT to deliver
services to end-users.
Service Level
Commitments
Thresholds and service windows that may influence the way
Information Technology processes are managed and executed.
Target Lead Times See Lead Times.
Technical
Assessment
Standards
Principles, rules, and specifications that must be taken into account
when considering the technical impact of a change.
Technical
Information
Technical documentation about products involved in the change, as
provided by the product supplier / manufacturer. This includes
information about the resources to be changed and information about
the tools used to implement the change.
Trend Analysis
Analysis of process behavior to discover both positive and negative
patterns.
Trigger An event that initiates another event.