Home » ITIL » Changing Like The Wind

Changing Like The Wind

ChangeCharles Darwin said, “It’s not the strongest nor most intelligent of the species that survive; it is the one most adaptable to CHANGE.”  Darwin may not have been talking about IT, but the quotation does have resonance.

According to ITIL®, a change is defined as the addition, modification or removal of anything that could have an effect on an IT service(s). It would appear that managing change is critical if risk to the business is to be managed effectively.

Preparing for Change

In the IT world, change is constantly occurring because well-run businesses are regularly looking to expand services and respond to competition. The real issue arises from the question, “how do we manage change?”  This becomes particularly relevant in smaller businesses, those businesses that are comfortable accepting higher levels of risk, and, worst of all, those businesses that fit both categories.

Back in the day, when Microsoft was only just beginning to understand the inherent security risks in all of its products, yours truly worked for a big retailer (top 5 in the world).  This business prided itself on how fleet of foot it was.  How quickly it did things was the key to its success. It thought any solution to a problem was acceptable if it solved 60% of the problems and left the other 40% unresolved.

As a new joiner, a few weeks into the job, I found myself dealing with a virus infection across all of the organizations with Microsoft servers. Multiple sites and hundreds of servers fell foul with a juicy little virus, and guess what? Nobody knew for certain what servers were where, what versions of the operating system were installed, or even what function each server delivered.  Change Management had just not been controlled effectively. The detailed Change Management portion of the new server installs and new infrastructure projects were part of the 40% of the project that rarely got delivered. It was your biggest nightmare realized.  We were reaping the rewards of an installation process that ignored the true costs of not doing the final 40% of the work.

I survived (with a few scars), the business survived (and prospered), but what can be learned from this situation?  It was no surprise that the IT function felt they had to deliver a new Change Management regime that locked everything down as tightly as they could.  A new world of procedures for this, processes for that, and checklists for others was driven by the pain of THAT weekend. Within 2 years, a fleet of foot IT function had become mired in its own procedures and was incapable of making the swift responses that the business needed.  The challenge seen here is that in both cases, the before virus AND after virus, the response to managing change was completely at odds with the requirements of the business.

So, the key to great Change Management is to make sure the process aligns as closely as possible with the organization’s view of risk.  Here are some recommendations that can be implemented that will see significant benefits to the organization.

  1. Classifying changes in advance will detail what changes can be simply applied (if any), what changes need to be reviewed and what changes need to undergo the detailed scrutiny of a Change Advisory Board.  It may be that even more categories of change are identified.  This will benefit the business by clearly identifying those changes that can be deployed with minimal testing and planning.  This is critical in ensuring that your Change Management model works alongside the Risk Management model of the business.
  2. The most risky changes should undergo a detailed assessment of the impact of the change, usually done by the Change Advisory Board.  These changes will consequently be tested more rigorously, possibly finding and resolving more problems, and as a result there will be fewer issues arising once the change is finally rolled out.
  3. Plans will be detailed for rolling back the most complex change to the pre-change position to make certain that if a change fails, service can be restored as quickly as possible.
  4. All changes will become traceable, meaning that in even the most complex IT environment, a problem can always be linked to any causal changes.

However Change Management is implemented (and it will always be alongside other ITIL processes such as Configuration Management and Knowledge Management), the MOST important consideration must always be how to align the process with business needs.

Tags: , , , ,

About this author:

Jon Francum

Jon is the Director of Training at Ashford Global IT.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.