Definition: What is IT change management?
Changes to the IT infrastructure occur regularly. IT change management is the process for implementing these in a structured and controlled manner. It reduces potential service disruptions and better aligns IT objectives with business goals. Adequate IT change management is based on proven standards, such as ITIL® (ITIL®️ is a registered trade mark of Axelos Limited. All rights reserved.). It helps to ensure the continuous operation of critical systems.Change management vs. IT change management
Change management generally refers to the structured implementation of changes in organizations. Its goal is to successfully adapt people, processes and systems. IT change management is a specific sub-area that focuses on IT system management including their stability and security. Change management encompasses all organizational changes. IT change management focuses on technical changes and their potential impact on the IT infrastructure.IT change management and release management
Their focus is the key difference between IT change management and release management. IT change management is about making individual changes to IT systems in a controlled manner without causing major disruption. Release management is concerned with software releases. It includes the planning, coordinating and providing software releases which often of several changes. It also executes a successful rollout.„In a nutshell: Where IT change management reviews and approves changes, release management delivers finished, tested changes to the production environment.“
Tobias Kortas
Examples of IT change management
IT change management occurs frequently in organizations and in various contexts. Time and again, companies are asked to implement new software, install relevant updates and optimize existing processes.
Example #1: Introducing a critical software update
An application needs to be updated. Its potential effects are first identified.
Then, there is a risk assessment. It is used as a basis for analyzing the consequences for the IT infrastructure.
Finally, those responsible check the update in a test environment. This prevents as many errors as possible in the live environment.
Once the update has been approved for use on the live system, detailed planning takes place. This includes time windows, backup strategies and potential rollback procedures. Rollback proceduares are defined in order to be able to react quickly in the event of problems.
During the update, the IT team monitors the systems to avoid disruptions. After successful implementation, IT documents the result – and informs everyone involved of the current status.
Example #2: Switching to a cloud-based infrastructure
A company wants to switch from local servers to a cloud-based infrastructure. Change management begins by analyzing the requirements in more detail and evaluating the benefits and risks of cloud migration. Finally, a change plan is drawn up that describes the gradual transition – including employee training and price adjustments.
IT services are then gradually transferred to the cloud. Adequate communication ensures that everyone involved – from IT team members to end users – is sufficiently informed and prepared. Monitoring is also carried out to ensure that the new IT services function smoothly and problems are resolved quickly.
Important components of IT change management
IT change management is made up of a number of components. Here is some information on the most important terms in this context.
Request for Change (RfC)
A change request (CR) or a Request for Change (RfC) forms the basis for a corresponding process. This can be triggered in many ways. Examples include by a problem management process, a simple IT problem or even a process optimization.
A request for change is a formal inquiry to change something in an IT system or process.
„The aim: planned changes should be adequately evaluated, analyzed together with possible risks and approved. “
Tobias Kortas
An RfC can include the following information, among others:
- Description of the change
- Reasons for the change
- Affected systems or product versions
- Steps required
- Date for specific implementations
- Resources for implementation
- Time required
- Cost estimate
Forward Schedule of Change (FSC)
This term refers to a calendar or plan in which all planned changes for a specific period are recorded. A Forward Schedule of Change provides a tried and tested overview of upcoming steps. It is used to avoid conflicts and implement changes systematically, with the necessary approvals and a minimum of risk.
Post Implementation Review (PIR)
An evaluation of a completed change is carried out after a particular change has been made. This is called a post-implementation review.
Its importance should not be underestimated. This step provides an evaluation of whether the change process was successful. It also ensures the desired results have been achieved.
IT changes often need to be readjusted and many processes are never really completed – in line with continuous improvement. Possible problems or optimization potential should come to light as early as possible.
Classification of changes
Changes to be made are usually classified according to their importance and urgency. The IT Infrastructure Library (ITIL) – the de facto standard for best practices in IT Service Management (ITSM) – defines the following categories.
Standard change
A standard change is a pre-approved, low-risk and frequently implemented change that follows a defined, repeatable process. Such known changes do not require detailed approval and risk assessment, so they are quick and easy to implement. Common examples include resetting a password or adding a user.
Normal changes
This form of change is planned, repeated and standardized. Depending on the scope and risk, the changes can be minor, significant or serious. They are naturally less urgent than emergency changes. Examples include software updates, hardware replacements, rights adjustments, configuration changes or the onboarding and offboarding of employees.
Emergency changes
This is where things get explosive. As the name suggests, emergency changes are unexpected and usually have to be implemented immediately. The aim is to immediately mitigate negative situations and threat scenarios, resolve a major incident, or prevent serious consequences.
One example is post-attack recovery. Infected devices need to be isolated and cleaned quickly to prevent malware or ransomware from spreading further.
The IT change management process
A change management process in IT implements changes in the IT infrastructure in a controlled and efficient manner to meet growing requirements and market changes. Changes should be as automated as possible.
The objectives include improved control and traceability of changes, clear responsibilities and continuous optimization. This promotes transparency and efficiency. It minimizes disruptions in IT operations.
Overall, the IT change management process contributes to the company’s competitiveness. It enables participation in trends and implementation of smooth changes
Roles and responsibilities
Adequate change management in IT involves a number of important tasks for which individuals must take responsibility. There is no universally valid list of roles and responsibilities. Rather, the specific people involved depend on the company’s internal processes.
Nevertheless, some roles can be identified that are usually part of IT change management:
Change Advisory Board (CAB)
A Change Advisory Board (CAB) usually consists of representatives from different IT and business teams. In the CAB meeting, people evaluate, approve or reject complex and high risk changes, in particular. The focus here is on possible effects and whether a planned change will actually be implemented. Sometimes an Emergency Change Advisory Board (ECAB) – a smaller, fast-acting committee – is also used for emergency changes.
Change Manager
This function coordinates and monitors the entire change process and manages the Change Advisory Board. It reviews the relevant requests, decides for or against planned changes and applies project management to the corresponding implementations. This is often also referred to as a change owner.
Change initiator
This refers to individuals or teams who propose or request changes. These are often developers or system administrators, for example, who have identified opportunities for improvement or bug fixes.
Change Implementer
This refers to IT employees or administrators who ultimately implement the corresponding change. They may be tasked with installing software, running updates or adapting configurations.
Change tester
The task here is to check possible changes so that there are no complications as a result of the changes.
Configuration manager
This role is responsible for ensuring that changes to the system configuration are documented. They make sure that the Configuration Management Database (CMDB) is updated and that configuration items are tracked. This ensures documentation of lessons learned.
The most important goals
of IT change management
The objectives of an IT change management process are quite simple – implement planned, necessary and desirable changes.
However, this only describes the execution, the change process itself. The overarching goals (keyword: management) can be manifold.
The most important objectives are listed here:
1. High level of control
Changes need the right processes to be successful. With a dedicated approval process, organizations can better control them and manage each step effectively. By carefully planning changes, for example, errors and disruptions in operations can be avoided. Such control leads to good results.
2. Continuous improvement
The stakes are high with IT changes. Just think of the consequences of failed updates or implementations at company level.
„For large-scale changes good management brings about continuous improvements. This helps to avoid missteps in the medium to long term, keep pace with trends and achieve high quality. “
Tobias Kortas
3. Faster implementation
Effective IT change management allows changes to be carried out more quickly. This saves costs, time and resources in equal measure. For many employees, functional IT is the basic prerequisite for being able to work effectively. Important achievements include, for example, rapid – yet complete – approval and implementation processes.
4. Collaboration of IT teams
The DevOps approach shows the way. IT teams must work together in a goal-oriented cross-departmental way. This ensures a suitable overall vision and results-oriented working. ITSM, ITOM, development and operations teams must be well coordinated and collaborate with each other in order to implement relevant changes quickly and effectively.
5 Communication, documentation and transparency
Good communication is the basic prerequisite for IT teams and stakeholders to successfully complete important change projects. Documenting completed work steps and creating transparency creates an ideal basis for teamwork – an important prerequisite for change projects. Adequate process management is just as crucial as an intact flow of information for good IT change management.
Checklist for IT change management
To ensure that changes are planned as precisely as possible and progress is monitored, it can prove useful to work with a checklist.
The following contents may prove useful:
Requirement and documentation
- Change request submitted and documented
- Stakeholders informed
- Requirements recorded
Categorization and prioritization
- Change category defined
- Prioritization completed
- Resources and requirements checked
Roles and responsibilities
- Responsibilities assigned
- Tasks delegated
- Communication plan drawn up for stakeholders
Risks and impacts
- Risks analyzed
- Impacts evaluated
- Emergency and recovery plans drawn up
Planning and approval
- Required approvals obtained
- Compliance checked
- Schedule created
- Project plan created
- Rollout plan developed
- Communication planned
- Resources secured
Implementation and review
- Change tested
- Change automated
- Function and feedback checked
- Implementation monitored and communicated
- Documentation
- Service desk training
Completion and monitoring
- Change completed
- System documentation updated
- KPIs and change performance evaluated
- Report and improvements documented
Conclusion: a comprehensive, decisive process
Changes are often critical – and IT affects companies on a holistic level. Adequate IT change management is required to operate efficiently. Change processes, such as the implementation of new software, should be standardized and structured. It is also crucial to adequately communicate and document relevant information and work steps.
The focus should be on the purposes and objectives of the respective changes and their anticipated consequences. Changes must have the greatest possible positive effect. They must also be of low risk and introduce as few negative effects as possible.
In change management, many eventualities must be considered, goals set, strategies outlined, stakeholders informed and appropriate tests carried out. An IT change never really stops. It should always be the focus of “daily business” through consistent monitoring and the resulting measures.
Find out how OTRS can support you in IT change management.