What Is Change Management Process?
Posted by on September 26, 2018
Chuck Darst is a Senior Product Marketing Manager for Cherwell Software. Chuck has over ten years of IT Service Management (ITSM) industry experience and over 20 years in a variety of IT Operations Management (ITOM) roles with a focus on machine learning, automation, compliance, and IT security.
The ITIL Change Management process is part of the Service Transition stage of the ITIL® service lifecycle, whose objective is to build and deploy IT services, as well as to ensure that changes to services and service management processes are conducted in a coordinated way. Changes can be a new service or a substantial modification to an existing service, but either way, they have the potential to cause significant service disruptions if they are not managed appropriately. Change Management is also one of the most impacted processes for organizations adopting agile or devops.
This guide discusses the Change Management process outlined in ITIL. After establishing what exactly constitutes a change and defining the principles and objectives of the Change Management process, we'll explain in detail the sub-processes outlined in ITIL along with some software features that make it easier than ever for organizations to comply with the ITIL Change Management process.
What Is a Change?
The latest version of ITIL defines a change as "the addition, modification or removal of anything that could have an effect on IT services. The scope should include changes to all architectures, processes, tools, metrics and documentation, as well as changes to IT services and other configuration items."
Changes come in all different shapes and sizes starting with standard, normal, and emergency changes. And, the approvals needed and tasks executed can vary significantly depending on the configuration items being changed. There are minor, routine changes that can be implemented quickly and with minimal oversight, usually with the sole authorization of the Change Manager or even pre-approved. There are also emergency changes, which must be implemented as quickly as possible and are therefore subjected to a condensed and expedited approval process. As well, special types of documents are used in Change Management—a standardized Request for Change (RFC) template is provided in ITIL 2011, and a Change Record is used to document the lifecycle of a single change from request to closure and review.
The broad definition of a change used in ITIL means that any change that could affect IT service availability is covered by the Change Management process. This includes things like hardware changes, swapping out servers or other physical IT infrastructure, changes to communications equipment or software, system software upgrades, or changes to the documentation used to support and maintain live systems.
Organizational change management (OCM), a broader discipline that addresses the management changes in a company's structure, strategy, policies, procedures, or culture, is defined by ITIL publishers AXELOS as "an approach to managing the people side of change."Conversely, ITIL Change Management focuses on managing the service implications of technical changes.
Address the challenges of an organizational change, with our PinkVerify ITIL 2011 certified solution. Get 1:1 Demo Now
What Are the Change Management Principles?
The principles of Change Management are best understood through the five objectives for effective management of the change process provided by ITIL:
- The Change Management process should respond to the customer's changing business requirements while maximizing value and reducing incidents, disruptions, and re-work. Adapting to the strategic needs of the business is a principle that underlies ITIL.
- Responding to the business and IT requests for change that will align the services with the business needs. In the Service Strategy phase of the service lifecycle, process owners will identify changes that align the organization with the business needs. These changes are captured on RFC forms and submitted to the Change Management process for assessment.
- Ensure that changes are recorded and evaluated, and that authorized changes are prioritized, planned, tested, implemented, documented, and reviewed in a controlled manner. ITIL 2011 has updated the change authorization sub-processes to reflect the reality that changes require review and authorization at each step of their lifecycle—initial assessment, planning, building, and deployment.
- Ensuring that all changes to configuration items are recorded in the configuration management system. Maintaining adequate records that can be reviewed for mistakes and opportunities for improvement is a theme throughout ITIL.
- Optimize Change Management for business risk, occasionally accepting reasonable levels of risk because of the associated potential benefits.
Uncontrolled or poorly managed changes can have major consequences in IT, especially if the change leads to a business-affecting outage or a major incident. IT organizations avoid this by implementing the Change Management process to help assess, authorize, and track changes throughout their lifecycle. This could include implementing smaller, more frequent changes and/or ensuring that there is an effective change advisory board. When the objectives are met, organizations do a good job of controlling the flow and impact of changes to the IT environment. In addition, the change management process receives constant input from Service Strategy and newly implemented changes are designed specifically to meet the changing needs of the business.
What Is the ITIL Change Management Process?
The core objective of the IT Change Management process is to control the lifecycle of all changes, allowing beneficial changes to be made while minimizing disruptions to existing IT services. The establishment of a formal Change Management process creates a path of documentation and authorization for changes that are enacted by the IT organization. This ensures that the production and implementation of changes is done with the appropriate oversight, and enables the IT organization to review and continuously improve its methodologies for implementing changes. There are different valid approaches in pursuing these objectives.
The Change Management process uses a set of sub-processes to achieve its overall objective of controlling the lifecycle of changes. Together, the sub-processes work to receive change requests, determine the level of authorization needed to assess the request, present the change request to a person/board that can authorize the change, continuously review and authorize changes as they progress through planning, building, and deployment phases, and document the change process for later review. This can also include the automation of change execution for standard, pre-approved changes.
The next section explains each sub-process of Change Management and how it contributes to the process as a whole.
What Are the Change Management Process Steps?
Like other ITIL processes, the Change Management process is comprised of several sub-processes that work together. When the flow is used correctly, the sub-processes work in unison to help satisfy the ultimate goal of Change Management: to effect beneficial changes with minimal disruption of IT services. Changes can be either reactive—in response to an error or bug that needs to be fixed—or proactive, to reduce costs or provide a different business benefit. Either way, these sub-processes work together to help minimize downtime when changes happen.
Change Management Support - Change Management support has two important objectives within the organization. The first one is to ensure that the owners of all other IT service management processes are being delivered timely information about planned and ongoing changes. Normal planned changes should never be a surprise to anyone in your IT department. The second is to provide guidance for the authorization of changes and templates/documentation to support change requests and change records. Here, the process owners can supply the "Request for Change" template provided in ITIL 2011 or create their own.
Assessment of Change Proposals - The Change Management process can begin with the submission of a Change Proposal by Service Strategy. This process is used to identify possible difficulties related to the design and implementation of a larger normal change prior to the beginning of design activities. Early identification of potential issues allows the IT department to effectively budget time and resources needed to implement more complex changes, and anticipate potential bugs that could lead to service outages.
Request-for-Change Logging and Review - This sub-process is applied to new change requests that are submitted to the Change Management process. Its goal is to check and verify that normal change requests contain all of the information required for their assessment before they can be reviewed by the "Assessment of Change Proposals" process. This filtration step ensures that only complete and accurate requests are assessed.
Assessment and Implementation of Emergency Changes - An emergency change is defined in ITIL as a change that must be introduced as soon as possible—for example, to solve a major incident or implement a security patch. This process is used to assess, authorize, and implement emergency changes as quickly as possible. The emergency change process is used in cases where a change requires immediate action and it would be impractical to send the request-for-change through the normal, slower Change Management process.
Change Assessment by Change Manager - Change Managers are the process owners of the Change Management process, controlling the lifecycle of active and upcoming normal changes in the organization. The Change Manager's role in managing this process is to determine whether a change is minor enough that they themselves can authorize it independently, or whether it should be passed on for review by the Change Advisory Board (CAB).
The CAB is made up of representatives from within the IT organization, the business, and from third-party suppliers with special knowledge of the IT organization's operations. The role of the board is to advise the Change Manager on the assessment, prioritization, and scheduling of changes.
Change Assessment by the CAB - When a change assessment is conducted by the CAB, it has the power to authorize the next step of the process, the change planning phase. If the change is very large, even higher levels of authority could be involved in the assessment and approval process.
Change, Scheduling, and Build Authorization - The goal of this process is to authorize detailed change and release planning, and to assess the project plans that result from the change planning phase for their completeness and viability prior to authorizing the change build phase. Changes should not be able to progress from the planning phase to the build phase without passing an assessment as part of this process.
Change Deployment Authorization - This process helps to ensure that all components of a change have been properly built and tested prior to deployment.
Minor Change Deployment - When a small, well-understood change is to be implemented, the Change Manager can authorize the deployment of the change through a minor change process. This process is used to expedite low-risk changes that do not necessitate the involvement of risk management. Change Managers must use an effective Change Management strategy to differentiate between standard, normal, minor, and emergency changes.
Post Implementation Review and Change Closure - As with all major ITIL processes, the Change Management process contains a sub-process for reviewing its effectiveness. This process has three objectives: to analyze and mistakes and learn lessons for the future, to assess the change implementation and the final results, and to verify that a complete record of the change implementation process is retained for future reference.
Automate and optimize ITIL processes with our certified solution. Request Free Demo Now
How Are Change Management Software Solutions Used in IT Organizations?
Change Managers face significant challenges when it comes to tracking the status of changes and change requests throughout their lifecycle. Submissions to the Change Management process must be reviewed for completeness, assessed by the appropriate persons or parties, and properly authorized at each step of the implementation cycle. In many organizations, there is a move to smaller standard changes that are pre-approved and frequently automated.
ITIL-compliant software is one of the most important Change Management tools available for Change Managers at large organizations. Solutions like Cherwell Service Management offer a rich set of features that help Change Managers keep their fingers on the pulse of all organizational changes that affect IT service availability.
Cherwell Service Management allows organizations to start automating key ITIL Change Management processes right out-of-the-box, reducing the labor intensity associated with Change Management authorizations and allowing managers to focus their efforts on mitigating service interruptions instead of filling out paperwork. Cherwell's codeless configuration of processes and automation of supporting tasks simplifies the administration and maintenance of change management accelerating both initial time to value and subsequent upgrades.
Cherwell's Dashboarding features offer a unique, end-to-end view of the IT change lifecycle, allowing Change Managers unprecedented control and a holistic view of the Change Management process. The software also offers a convenient system for creating, editing and tracking changes to Change Management records, ensuring the integrity of data that can be analyzed later to facilitate continuous improvement to the Change Management process.
Cherwell Project & Portfolio Management can be used to support and implement changes that are assessed and authorized through the Change Management process. This solution helps organizations manage project demand and efficiently allocate their efforts and resources toward projects with the biggest organizational impact.
ITIL defines a change as the addition, modification, or removal of anything that could have an impact on the availability of IT services. The objective of the Change Management process is to allow the organization to enact beneficial changes while minimizing the disruption of IT services.
Several sub-processes work together to achieve the five objectives of Change Management while recognizing differences based on the configuration items subject to the change and the associated change types—standard, normal, and emergency. Together, the sub-processes are used to review and assess requests for change, get them authorized through the appropriate avenue, and ensure that they are authorized for progression at every step of the implementation process. The comprehensive change authorization process ensures that a change is properly assessed before it enters the planning phase, that it has been planned and scheduled appropriately before the build phase begins, and that the change has been adequately built and tested before deployment.
Finally, once a normal change has been implemented, the Change Manager is responsible for ensuring that the change was assessed in terms of its objectives and end result, adequately documented for later review, and analyzed to learn from any mistakes that were made.
Learn more about the ins and outs of Change Management in our Essential Guide to ITIL Change Management.
You might also be interested in
Ebook 5 min
Does the ITIL Framework Need a Facelift?
The ITIL® framework has been with us since the 1980s, providing guidance and best practices for ITSM practitioners across the world. But the ITIL framework isn't perfect. This eBook explores the top ten ITIL framework concerns and why it may be time for a facelift.
Essential Guide 5 min
The Essential Guide to Creating an IT Service Catalog
This Essential Guide to Developing a First-Class IT Service Catalog will provide an introduction to the IT service catalog and promote the value a well-designed catalog can bring to any organization.
Ebook 7 min
7 Deadly Sins of ITIL Implementation
Wondering whether ITIL® is still relevant in today's fast-paced digital environment? ITIL holds many timeless truths, but it can be misapplied when taken too literally. Uncover the seven mistakes commonly made with ITIL implementations, and gain guidance on how you can go faster—while still upholding ITIL's key principles.