ITSM is most often implied as a software-based solution. In reality, ITSM encompasses technology, people, and processes wherein software is one aspect. A simple definition of ITSM is that it is an approach for managing, designing, improving and delivering the means in which Information Technology is applied in an organization. The ultimate goal of ITSM is the alignment of the people, technology, and processes to aid the business in achieving the target. Tools which are supplied by ITSM contain components such as objects of business (roles, groups), database and a process engine. Any software solution provided to implement ITSM abides by ITIL best practices.
An integral aspect of ITSM is change management. Within the scope of ITSM, change management refers to the pre-defined procedures and methods which are implemented to ensure prompt and efficient handling of the changes pertaining to the control of IT infrastructure. Such changes are brought about to ascertain that the impact and number of disruptive incidents are minimized. In response to the changes in the infrastructure, externally imposed response to the problems may arise. These could be proactive in pursuing improved initiatives or variations in the legislation. Through change management, the detrimental impact of such actions is minimized through standardized procedures, processes, and methods.
The need that drives the change
The reasons which demand a change are numerous. In a broader sense, the reason for the change is divided into two:
- Reactive changes: These are changes which are necessary to resolve errors or to ease adaptation to evolved circumstances. Issues which demand reactive changes are associated with operational, security, vendor-triggered changes, system patches, and upgrades. Through the necessary changes, the level of risk is minimized.
- Proactive changes: Changes made in the proactive sense are done so to enhance the process and efficiency. Most often, proactive changes are undertaken to redefine core operation processes in an effort to consolidate the structure of Service Desk.
Steps in change implementation
Change according to the definition provided by ITIL is the act of modifying, adding or removing any aspect which could have a potential impact on IT services. Change management, in this sense, is the process through which all changes are implemented with minimum disruption of ongoing IT services. The origin of change is within the Service Strategy aspect of the IT service lifecycle. In specific, a change is first defined during the Request for Change (RfC) protocol. Here, the objectives and goals are defined. The next step is provided by the Service Design which charts out the plan for change implementation. Final design and deployment of changes are handled by the Service Transition team. The service operation is the last step which defines the implementation of change after it completes the phase of testing. Service transition overlaps with the service operation process. The process explained here holds true for Normal Changes.
Additionally, there are two other types of changes, namely Emergency and Standard changes. Emergency changes, as the name suggests are those which are made in response to unforeseen circumstances which demand immediate action. Such changes are in response to pressing issues like security threats. Evaluation time is cut short and the implementation is almost immediate. The only procedure which defines the route of change management is ad-hoc, unlike the other standardized strategies of ITSM.
Standard changes are premeditated and follow a series of steps. Such changes do not require a pre-approval and are identified as low risk. Changes which are categorized as Standard include moving a desktop for a single user or resetting of a single password.
Important infrastructural changes in management roles
Before the step of change implementation, roles which facilitate the completion of the required task must be defined. These roles are as follows:
- Initiator: As the role reads, the initiator identifies and recognizes the need for change. Such an individual is directly involved with support based services and tools. The best match for such a position is a member of the service team who is directly associated with handling customer support services.
- Coordinator: Once the initiator identifies the need for change, a request is sent forward to the coordinator. Such individuals assess change requests which stem from problem management, incident management, continuity and release management teams.
- Manager: The role of the change manager is critical for large and mid-sized companies. The primary role of change managers is to receive, prioritize and evaluate the risk associated with the requests made.
- Board of advisors: After the change request is processed by the managers, an advisory board further assesses the suitability of change. The likely impact of the change on all the associated parties is taken into consideration. A meeting is set up to decide on how to proceed.
- Approver: A change is implemented only after it receives approval from the approver.
- Implementation core team: Finally, after passing through all the hierarchies, changes that get the nod from the approver are implemented by a specialized group of individuals.
Change management implementation
Parameters which need critical consideration before implementation of change management are:
- Policy definition: Before jumping into change, questions like how the change will be implemented and organized must be answered. Such policies include aligning the change with the needs of the business, integration with other processes like Incident Management, building a responsibility matrix, the division of duty controls, risk evaluation and performance assessment.
- Processes which drive change: There are many variations to change, and for each, the process is well defined in terms of input, output, procedures, and responsibilities. A process with an ambiguous definition affects the outcome negatively.
- Resources to implement change: The three components of the business structure, namely the individual, group and the organization, are considered independently. As it goes, individuals are almost always reluctant to accept change. It is imperative that they are convinced to come on board. Participation of the individuals decides the fate of change. Once the individuals are convinced of the change, the next step is for the team to steer the course of implementation. Important skills like technical and organizational turn the course of events. Lastly, the responsible organization must be modified to accept changes depending on their hierarchy, size and culture.
- Responsibility definition: All duties and responsibilities must be well defined. When the implementation of change is prolonged, the problem lies in the role definition. Such a delayed adoption can result in monetary losses.
Any change implemented is reviewed keenly to assess its success. If the procedure fails to work as expected, it is withdrawn or reformed. If the process is working smoothly and has positively influenced the process, the process is labeled as complete. The process is documented in a specific database which is accessible to all the stakeholders. On completion of the necessary documentation, the change process is closed.