In this tutorial, we will discuss ITIL Change Management Process. Here in this chapter, you will learn what is a Change? Types of Changes in ITIL (i.e. Change Models)? Detail about Standard, Normal, Emergency Change, and Definition, Objective, Scope, Activities, Roles, and Sub-Processes of Change Management - ITIL V3 Process.
What is ITIL Change Management Process?
As defined in ITIL V3, Change Management process describes all of the approaches for making organizational changes. It guides an organization to optimize the use of resources, business process, budget allocations, or other modes of operation, by making significant changes to them.
ITIL Change Management Scope:
ITIL Change Management Process is tightly bound with “Service Asset and Configuration Management” process. And It frequently interacts with Configuration Management Database (CMDB), which is technically the fundamental component of this process.
Change Management process also works in parallel with Release and Deployment Management to keep track of changes made between two consequent release changes.
What is a Change? - Definition
Before making a deep dive into the ITIL Change Management Process, let us first know about Change.
According to ITIL v3, a Change is an event that results in a new status of one or more configuration items (CIs) and which has an impact on the current way of doing business. Hence, it is the means of addition, modification or removal of anything that could have an effect on IT services.
Moreover, ITIL tells us that every change should be a controlled change, means the change activities should be approved by company’s management group.
The scope of organizational change includes changes to all architectures, processes, tools, metrics, and documentation, as well as changes to IT services and other configuration items.
ITIL Change Management Types - Defining Change Models:
ITIL divided “Change” into three distinct types, those three types of changes in ITIL are (i) Standard Change, (ii) Normal Change, and (iii) Emergency Change. Sometimes these are also called Change Models.
(i) Standard Change:
This Standard Change type or Standard Change model is used for pre-authorized repetitive, low risk and well-tested changes.
As defined in ITIL V3, these are regular changes for which the support team doesn’t require to seek for explicit change approvals. For example, updating antivirus definition on regular basis, request for password reset.
(ii) Normal Change:
Normal Change is the most generalized change model. Any change which falls into this change category must go through certain predefined steps before implementation.
As defined in ITIL V3, these are formal changes, with a defined schedule and timeline. These are generally major changes which require proper assessment, authorization, approval from Change Advisory Board (CAB), and also to go through a review process after implementation.
Examples of Normal Changes are, adding a new feature to an application or Major patch update to servers.
This type of change is managed in a very formal way. We would discuss the actual steps under “change activity section”.
(iii) Emergency Change:
Emergency change model is used when a highly critical change is needed to be done within a very short period of time to restore any failed service or component. This type of change request is typically raised from Incident management or problem management process to restore/replace failed services or components.
Some examples of Emergency Changes are, Changing faulty component of the critical server, or rebuilding a crashed application module.
For this Emergency change model, ITIL mandates to call for an ECAB (Emergency CAB) meeting before doing the change and later formal written approvals are taken after initiating the change activity.
ITIL Change Management Objective:
The primary objective of ITIL Change Management Process is to control every change throughout the Changes Management Lifecycle. The goal is to facilitate beneficial Changes to be incorporated, with minimum disruption to IT services.
Other objectives are to bring-out clarity about the result of change before it is implemented and to enable the economical use of resources involved in a change process.
This process is also responsible to identify and stop any unauthorized or unintended change activity.
Seven R’s (7R’s) of ITIL Change Management:
According to ITIL Change Management Process, it is advised to involve and work in a change activity only after understanding the whole change scenario.
It is preferred to ensure that any person involved in the change process has the full information about the business requirement of the change.
To facilitate the same, the Seven R’s (7R’s) rule is created and recommended. The Seven R’s rule is as follows:
- Who RAISED the change?
- What is the REASON for the change?
- What is the RETURN required from the change?
- What are the RISKS involved in the change?
- What RESOURCES are required to deliver the change?
- Who is RESPONSIBLE to build, test & implement the change?
- What is the RELATIONSHIP between this change & other changes?
ITIL Change Management Lifecycle Activities:
There are quite a few activities that are grouped together and referred to as the Change Management Lifecycle.
Managing a change is usually a very crucial job for business improvement, and that is only possible with maintaining some discipline when doing this process.
The ITIL Change Management Lifecycle activities start with the creation of an RFC (Request for Change that contains basic information & intent behind the change and ends with either a closure or rollback. The actual number of steps may vary depending upon the change type or model.
Below are the activities are done at the time of making a Normal Change and usually done in the sequence as listed:
- Create an RFC (Request for Change).
- Respond & record the RFC.
- Review the RFC.
- Assess and evaluate the Change Proposal.
- Authorize the Change.
- Plan & Schedule the Change.
- Coordinate the Change Implementation.
- Review the Results of Change.
- Close the Change as Complete or Roll-Back.
Note: All of the above change management lifecycle activities are complemented by sub-processes of Change Management, discussed later in this chapter.
The below diagram illustrates the ITIL Change Management Lifecycle Activities:
ITIL Change Management Sub-Process:
According to ITIL V3, Change Management Process has Eleven Sub-Processes. Below are the objectives and short descriptions of those sub-processes, followed by a diagram describing the ITIL Change Management process flow:
1) Change Management Support:
Used to provide templates and guidance for the authorization of Changes. Also responsible for communicating information about ongoing changes to other IT Service Management processes.
2) RFC Logging and Review:
Used to filter out Requests for Change which do not contain all information required for assessment or which are deemed impractical.
3) Assessment of Change Proposals:
Responsible for assessing Change Proposals describing significant strategic Changes. The purpose of assessing Change Proposals is to identify possible risks & impacts before starting the design activities.
4) Assessment and Implementation of Emergency Changes:
Used especially to assess, authorize and implement an Emergency Change as quickly as possible. This sub-process is initiated only if the requirement is classified as “very urgent” by the business and not doing the change may attract huge business loss.
5) Change Assessment by the Change Manager:
The initial assessment is done by Change Manager to determine the significance of change. In case of Minor Changes, it may be immediately assessed and authorized by the Change Manager, while Significant Changes are passed on to the CAB for assessment.
6) Change Assessment by the CAB:
Responsible for assessing & authorizing Significant Changes to Infrastructure or Application. If required, higher levels of authority (e.g. IT Management) are involved in the authorization process.
7) Change Planning & Scheduling:
Responsible for authorizing detailed Change plan and Release plan before development starts. Also responsible for scheduling important dates of change management activities.
8) Change Deployment Authorization:
Responsible for ensuring that all required Change components have been developed, thoroughly tested, and to authorize the Change Deployment phase.
9) Change Implementation or Deployment:
This is the process which deals with the actual implementation of the approved changes. This process maintains coordination with both Design Team and Operation Team to provide a smooth implementation experience.
10) Minor Change Deployment:
Only initiated to implement low-risk, well-understood Changes which do not require the involvement of Release Management. It helps to reduce the time & effort of deep investigation, which otherwise may consume a large amount of time.
11) Post Implementation Review and Change Closure:
Responsible for assessment of the success of the Change implementation and the achieved results. Also ensures that the complete history of activities is recorded for analysis, learning lessons, and future references. The closure report is then used to update the CMDB.
Important Terminologies and Definitions:
Request for Change (RFC):
- Request for Change (RFC) formerly also known as Change Request (CR), denotes a formal request for a Change to be incorporated.
- An RFC specifies the key information about the proposed Change and must be submitted to Change Management for every non-standard Changes (For both Normal & Emergency Changes).
- A Change Proposal describes a proposed Major Change, like the introduction of a new service or a significant change to an existing service.
- The purpose of Change Proposal is to communicate a proposed major Change and describes the benefit, risk, and impact before the design activity begins.
- Change proposals are generally outlined by Service Portfolio Management & then transferred to Change Management process.
CAB Agenda Template:
- The CAB Agenda Template lists the topics for discussion in a CAB meeting.
Change Evaluation Report:
- In case of Major Changes, like the introduction of a new service or a significant change to an existing service, require a formal Change Evaluation before being authorized. The results of that formal assessment are documented in this Change Evaluation Report.
Change Management Policy:
- The Change Management Policy specifies the organizational guidelines about the levels of authorization required to authorize different types of Changes and other rules for assessing Changes.
- The goal of this policy is all about assessing & reducing the risks associated with a change.
- Change Management Policy is an important input to the Change Evaluation Process.
- The Change Record contains all the details of a Change, documenting the lifecycle of a single Change.
- It is usually created on the basis of a preceding Request for Change (RFC).
- A Document containing all approved or authorized Change Proposals and Changes and their planned implementation schedules.
- A Change Schedule is sometimes called a Forward Schedule of Change (FSC).
Projected Service Outage (PSO):
- A document that describes any expected deviations from the service availability agreed in SLAs.
- An RFC template needs to be used at the time of formally requesting a Change.
- This RFC template includes details of the proposed Change, and may be recorded on paper or electronically.
ITIL Change Management Roles and Responsibilities:
- This role is the Process Owner of ITIL Change Management process.
- The Change Manager controls the lifecycle of all Changes. His primary responsibility is to facilitate beneficial Changes to be implemented, with minimum disruption to IT services.
- In case of Major Changes, the Change Manager needs to seek authorization from the Change Advisory Board (CAB).
- Other responsibilities of Change Manager include:- Chair the CAB & ECAB meetings, Change Coordination, Change Review, Issue Change Schedule, Updating Change Log, and Publishing Management Reports etc.
Change Advisory Board (CAB):
- A CAB is represented by a group of people who advises the Change Manager in the assessment, prioritization, and scheduling of Major Changes.
- This board usually consists of selectively chosen representatives from all areas within the IT organization, the representatives from the business, and third parties such as suppliers.
- Usually, the Change Manager has the responsibility to chair the CAB meetings.
Emergency Change Advisory Board (ECAB):
- A subset of the Change Advisory Board (CAB) who makes decisions about high impact Emergency Changes.
- Membership of the ECAB is usually dynamic in nature. Depending on the nature of the Emergency Change, the participants are chosen at the time of calling for a meeting.
We hope that you have enjoyed the above article describing ITIL Change Management Process. Be with us to explore free training on Leading Technologies and Certifications.
Leave us some comments if you have any question about Change, Types of Change in ITIL, Normal Change, Emergency Change, or about ITIL Change Management, we will be happy to help you.