Change Management
Release Date: November 21, 2001
Prepared by: Thomas Bronack
Section Table
of Contents
10.1. Introduction to Change Management
10.1.3. Document
Section Format
10.1.4. Change
Management Process Definition
10.1.7. Scope
of Change Management
10.1.9. Benefits
Derived from Change Management
10.1.10. SMC
Discipline Interfaces
10.2. Roles and Responsibilities
10.2.2. Receiver
of Service (Process Customers)
10.2.4. Change
Coordinator Responsibilities
10.2.5. Individual
Department Change Management Representative
10.2.6. Change
Approver Responsibilities
10.2.7. Change
Implementer (Requester or Assignee)
10.2.8. Change
Meeting Review Board
10.2.10. Change
Management Meeting
10.3. Process Overview and Flow
10.3.1. Change
Management Process Description
10.3.2. Change
Management Process Phases
10.3.4. Perform
Technical Assessment
10.3.5. Perform
Business Assessment
10.3.10. Measurements
and Ongoing Process Improvements
10.5.1. Measurements
and Reports
10.5.3. Process
Violation Escalation
10.6. Appendix ‘A’ - Operational Readiness Review (ORR)
Checklist
10.6.5. Hardware/Program
Product Checklist
10.6.6. EDP
Security Administration
Section Table
of Figures
Figure 1: SMC Discipline Interfaces
Figure 2:
Service Suppliers and
Receivers
Figure 3:
Change Management Roles
and Responsibilities
Figure 4:
Change Management meeting agenda
and schedule.
Figure 5: Overview of
Change Management process
Figure 6:
Change Management Phases
- Flow Chart (part 1 of 2).
Figure 7:
Change Management Process - Flow Chart (Part 2 of 2)
Figure 8: Create
Change Request process.
Figure 9:
Creating a Change
Request - Inputs and Outputs
Figure 10:
Performing Technical Assessment of a Change Request
Figure 11:
Perform Technical Assessment - Inputs and Outputs
Figure 12:
Performing a Business Assessment of a Change Request
Figure 13:
Perform Business Assessment - Inputs and
Outputs
Figure 14:
Testing Change Requests
Figure 15:
Test Change - Inputs and
Outputs
Figure 16:
Schedule Change - Flow Chart
Figure 17:
Schedule Change -
Inputs and Outputs
Figure 18:
Approve Change -
Flow Chart
Figure 19:
Approve Change -
Inputs and Outputs
Figure 20:
Install Change - Flow Chart
Figure 21:
Change Install -
Inputs and Outputs
Figure 22:
Measurements - Flow
Chart
Figure 23:
Change Measurements -
Inputs and Outputs
Figure 24:
Change Complexity Factor
Table (1 of 3)
Figure 25:
Change Complexity Factor
Table (2 of 3)
Figure 26:
Change Complexity Factor
Table (3 of 3)
This document section is intended to be the main source of information for the Change Management Process. It outlines:
· What the Change Management process is;
· Requirements associated with the Change Management process; and,
· All necessary information pertinent to Change Management.
This document section describes the process used to perform the Change Management function. It is not intended to provide the detailed data entry requirements needed for each area to perform their day-to-day tasks. It is assumed that these areas will maintain individual desk procedures outlining, in detail, those requirements. It is the responsibility of the Department Manager to ensure that individual desk procedures are maintained and available for general use and that the desk procedures comply with the process described here.
This document section
addresses the following topics of information:
· It provides an overview of the Change Management process which includes its; definition, scope, and objective(s).
· It describes the Change Management Process and the responsibilities that are associated with it.
· It describes the meetings which directly relate to the process.
· It provides a more detailed process description than that given in the overview. This description includes the process decomposition diagram, data flow diagrams, inputs, outputs, entry points, exit points, etc.
· It describes the various relationships that this process has with other processes.
· It lists all productivity aids that are used, along with a brief explanation of how they are used.
· It describes the education process.
· It describes the key measures of process effectiveness.
· It provides a description of the management reporting process.
· It contains a copy of the blank compliance checklist that should be completed annually by the Change Coordinator.
The definition of Change Management is the process of planning, coordinating, and monitoring changes affecting the managed computing resources.
The Change Management process, described within this document, details the procedures for changes to the following resources, which are inclusive, but not limited to:
Hardware: Host Mainframe Computers, Channels, Control Units, Devices, etc.;
System Software: Operating Systems, Sub-Systems, Access Methods, Data Bases, Utility and Vendor Products, etc.;
The Data Communications Network: Software, Communications Controllers, Terminals, etc.;
Application Software: On-Line and Batch applications, etc.:
The Environment: Electrical, Heating, Ventilation, Air Conditioning; and
Procedures: Documentation used to support systems, applications and processes.
A change is defined
as any installation or alteration to:
Hardware;
Software;
Procedures;
Environmental Facilities; or,
Application Software.
Change activity is
defined as any action that:
Adds to;
Deletes from; or,
Modifies the computing environment or its attached network.
Reasons for
making changes could be:
· New Function;
· New Hardware;
· Performance Tuning;
· Growth;
· Technology;
· Fix Problems; or to
· Prevent Problems.
The Change Management
process begins with the creation of a change request. A change is defined as any alteration to:
Hardware;
Software;
Network;
Application;
Operational Procedure, or
Environmental Component.
The change must
either add to, delete from, or otherwise modify:
The Mainframe Host Computer Environment; or,
The Data Network.
A successful change is defined as a change that becomes operational on the first installation attempt within the allotted time and does not need to be backed-out, circumvented, or modified; and, does not alter of effect any operation or user component of the system other than intended.
An unsuccessful change is defined as a change that does not become operational on the first installation attempt within the allotted time. It requires back-out, or modification.
The process includes Change Management for both the hardware and software components of the following systems:
Host - This includes the primary data processing system used to support batch, on-line and data base operations.
Communications Data Network - Including host attached and controller attached devices utilizing modems that communicate between company locations/clients and the host computer. The Data Network does not include Voice Communications (i.e., Phones), but does include PC’s that communicate to the mainframe via Transmission Control Units that are channel attached to the host computer.
The objectives of
Change Management are to:
Implement changes in adherence with company policy;
Provide a system that reduces, or eliminates, disruptions due to change activities;
Implement changes on schedule;
· Coordinate change activities;
Eliminate, or reduce, the number of change back-outs caused by ineffective change planning or implementation;
Implement changes without exceeding estimated system utilization;
Eliminate, or reduce, the number of problems caused by changes; and,
Eliminate, or reduce, system outages caused by changes.
The Change Management process is designed to ensure that installation or modification of computing resources is implemented in an orderly and controlled fashion to minimize change failures and maximize productivity.
Management can assess the impact of changes through Change Management reports and regularly scheduled Change Management meetings.
The Change Management System is designed to ensure that changes made to the production data processing environment are successfully:
Planned;
Tested;
Scheduled; and,
Implemented.
The results of implementing a controlled Change Management process are to optimize system availability and minimize outages related to unsuccessful change activities. A Change Management System improves data processing quality by:
Certifying adherence to dictated standards;
Ensuring that Component and Release Management guidelines are followed;
Validating the presence of required documentation; and
Providing a mechanism to remove failed changes.
The Change Management process covers all operating environments and is used to: define, justify, assess, schedule, implement, and validate change activity targeted for the data processing environment. The Change Management process produces reports that are distributed to management and technical personnel. These reports describe all changes planned for the data processing environment.
The Change Management reports are also utilized to support the Change Management meeting agenda; where change activities are discussed and change schedules established.
The Change Management. process interfaces with other SMC processes and key business areas. The diagram below shows how Change Management interfaces with the other Systems Management and Control (SMC) disciplines within the organization.