An Overview of Change Management in ITIL

An Overview of Change Management in ITIL

Change Management in ITIL is a process designed to understand the risks involved and minimize them while making changes in the IT infrastructure.

The Change management process is a sequence of activities that are followed by a change management team to use change management on a project to ensure that it meets the intended outcome.

The main purpose of change management is to control the lifecycle of all the changes and enable changes to be made which are beneficial in nature with little or no disruption to the IT services. Change management aims to establish standard procedures for managing change requests in an efficient manner.

Objectives of Change Management

The objectives of change management are:

  • To respond to the rapidly changing requirements of the business and simultaneously maximizing the value of the service offered.

  • The number and intensity of incidents, disruptions and re-works should be reduced.

  • To respond adequately to Requests for Change (RFCs) which align the IT services with the core business.

  • The implemented changes should be recorded and evaluated.

  • The changes which have been authorized for implementation should be planned, tested, implemented, documented and reviewed in a systematic manner to ensure that it is a right fit.

  • The overall risk to the business should be minimized so that the risks do not spiral out of control and affect the core business of the company.

Scope of Change Management

The change management’s scope covers the changes made to all the configuration items across the physical and virtual assets of the entire service lifecycle. It covers the changes made to the five aspects of service design:

  • Service solutions

  • Management information system and tools

  • Technology architectures and management architectures

  • Processes

  • Measurement systems, methods, and metrics

Types of Change Request

Types of Change Request

  1. Normal Change

    • A normal change is a type of change which is neither a standard nor an emergency.

    • It is an important change made to the IT service or infrastructure.

    • They are non-trivial changes made to the services, processes, and infrastructure.

    • Normal changes are reviewed by the Change Advisory Board for authorization or rejection.

  2. Standard Change

    • A type of change that occurs frequently poses a very low risk and follows standard procedures which are pre-established for completing the tasks is called a standard change.

    • Since they are typically small changes, they are pre-approved so that the change management process can be speeded up.

    • Even after approval, standard changes are under the control of change management.

    • If the standard changes cause any incidents after implementation, they can be brought back for review and changes can be made as needed.

    • Standard changes are not considered as a Request for Change but are tracked as Service Request Records.

  3. Major Change

    • A type of change which requires serious financial investment and has the ability to pose a major risk is called as a major change.

    • This type of change needs an in-depth proposal for attaining financial approval and clearance from various levels of the management.

  4. Emergency Change

    • It is a type of change which needs to be implemented as soon as possible in order to resolve a major incident or issue.

    • These types of changes tend to be very disruptive and have a high failure rate. Hence they should not be implemented unless absolutely necessary.

Benefits of Change Management

Implementing change management in an organization can minimize the risks and safeguard the services of the company. Sudden and unplanned changes can cause disruptions to IT services and result in a productivity drop. This is where change management provides benefits with well-structured and planned changes which minimize the risks associated with them.

The benefits provided by a well-structured change management process are as follows:

  • It improves the alignment of IT services towards the core business of the company.

  • The negative impact of change on business operations is greatly minimized.

  • Responsiveness to the changes made is prioritized so that only the most important issues are attended to first.

  • Risk management is improved in the face of change management.

  • Change management results in a lesser number of disruptions to the IT services and the system downtime if it occurs is also reduced.

  • Since the changes are implemented in an organized manner, the productivity of the staff is also improved.

  • The changes can be implemented faster in a systematic manner than in a haphazard manner.

  • There is strict compliance with regulations and standards set by the government.

Activities of Change Management

The main activities of change management are:

  • To plan, control and schedule changes

  • To understand the impact of the implemented change

  • To communicate effectively with the stakeholders.

  • To make improvements on a continuous basis.

  • To make sure that they are plans to remedy any problems.

Process Flow of Change Management

Process Flow of Change Management

The following processes are included in a typical change management process.

  1. Creating and Logging the Request for Change (RFC)

    • An individual or a business unit can create a request for change.

    • The information contained in the RFC will vary depending on the type of change.

    • The information can be used for making decisions to authorize and implement changes.

    • It can also contain identifying information, description, a configuration item which is undergoing the change, the reason changes are being made, the type of change, timeframe and the costs involved in making the change.

  2. Reviewing the Request For Change (RFC)

    • In order to ensure that the right changes are made at the right time, each request needs to be evaluated and prioritized by the authority responsible for making changes.

    • Depending on the scrutiny, the requests are approved, sent back for making additional changes or rejected outright if there is no requirement.

    • The changes which are not yet approved should be monitored closely to make sure that they do not get implemented nevertheless.

  3. Evaluating the change

    • It is essential to evaluate the changes made and assess its impact to be aware of its benefits to the IT services and to avoid needless disruptions to the business operations.

    • For major changes, a formal evaluation takes place to assess the change, and it will be documented in a Change Evaluation Report.

    • An internal assessment will be made, which will consider the impact of the change to be implemented in the business, infrastructure and other IT & non-IT services.

    • A change Advisory Board (CAB) consisting of various stakeholders such as the service owner, technical can financial personnel, can also be constituted to evaluate the necessity for change.

  4. Approve the change

    • Before they can be implemented, each change needs to be approved by the concerned authority depending on the type of change.

    • The approval depends on the size of the business, the forecasted risk of implementing the change, the scope of the change and financial repercussions.

  5. Coordinate the Implementation

    • After the change has been authorized by a competent authority, it needs to be implemented,

    • A change request is given to the release and deployment team who coordinate with the appropriate technical and management teams for building, testing and implementing the change.

    • Every change which has been implemented should have a remedial plan prepared in case of a situation where the implementation fails.

  6. Reviewing and Closing the Change request

    • Once the change has been implemented, a Post Implementation Review (PIR) is conducted, which confirms if the change has been implemented properly and whether it has successfully achieved all its objectives.

    • If the change has been implemented successfully, then all the associated problems will be solved.

    • If the change is not successfully implemented, then the remedial plan should be activated immediately.

    • A proper process must be defined to support the change management process.

Roles and Responsibilities of Change Management

The following roles are assigned to a team in ITIL change management.

  1. Change Initiator

    • The role of the change initiator is to recognize and identify the need for change.

    • A change initiator should be someone with experience in working with service support tools.

    • A person who provides support services to customers may be best suited for this role as they frequently interact with the system.

  2. Change Coordinator

    • A change coordinator has to analyze the requests which originate from other departments such as incident management, problem management, release or continuity management.

    • The change coordinator also needs to register the changes received and determine the risk and the potential impact of the change.

    • In addition to that, the change coordinator has to prepare plans for implementation and monitor the progress of the change.

  3. Change Manager

    • A change manager is needed only in medium and large organizations.

    • Their duty is to manage the change procedures, receiving and prioritizing the change requests, evaluating the risk associated with the request and maintaining detailed records of each change.

  4. Change Advisory Board

    • The primary duty of the change advisory board is to authorize the requests for changes and making further evaluations on the requests when it is determined by the change manager that there is a high risk associated with it.

    • The board considers all the affects that the requested change can have on all the involved parties.

    • A meeting will be scheduled to determine the path to proceed with a clear agenda in mind.

  5. Approver

    • The duty of the approver is to decide whether the changes need to be approved or rejected.

  6. Change Implementation Team

    • The change implementation is formed with a set of specialists who can actually implement all the changes.

    • The IT manager is responsible for overseeing the changes.

Best Practices to Adopt and Implement Change Management

Nowadays, changes happen at a very fast rate, and it is a challenge to implement a quality change management process, which in turn makes the handling of constant change easier. It is essential to have the full support of the top-level management and executive leadership to implement and follow up on the changes successfully. The following best practices guide you to adopt and implement change management.

Best Practices to Adopt and Implement Change Management

  1. Build a business case

    It is essential to build a proper business case by highlighting the purpose and benefits provided by a properly structured change management process. This case should be shared with all the leaders in the organization from the highest to the base-level leaders. It is essential to get all the stakeholders in on the plan as it will be important to the success of the change management.

  2. Define a change for the organization

    It is important to define each change along with its types and the criteria it fulfills.

  3. Define the key roles and responsibilities

    The roles and responsibilities should be identified and assigned to the right people who are involved with the change management process such as the Change Manager, Change Advisory Board members, and the sponsors.

  4. Design the Change Management Process

    Every change that should be incorporated needs a systematic process that will help it meet expectations.

  5. Define the Key Performance Indicators (KPI)

    There will be certain key areas to be identified which will be affected by the implemented change. The measurement of these key areas needs to be demonstrated and shared with the stakeholders.

  6. Implement Continual Service Improvement

    The performance of the change management process, the people involved in it and the technology used in it needs to be evaluated on a regular basis to ensure that they are operating at the required levels of efficiency.

  7. Understand the risk tolerance levels

    The risk tolerance level of the organization should be determined based on the type of governance in the organization and the maturity of the change management process in handling the various types of changes.

Challenges of Change Management

The challenges faced by change management are:

  • Making sure that each and every change is tracked, recorded and managed properly.

  • It is the duty of change management to ensure that it adds value to the changes by making them happen faster and helping them achieve higher success rates.

  • In certain organizations where change management covers only the operational change authorization, it becomes difficult to migrate to a true change management process.

  • There can be significant challenges in a large organization to agree and document the multiple levels of change authority which are required to manage and communicate the changes between the relevant change authorities effectively.

Risks of Change Management

There are several risks encountered during change management. Some of them are:

  • The business, IT staff, and IT management can have a lack of commitment to the change management process.

  • Implementing changes without making use of the change management process carries a certain risk along with it.

  • It is possible that there can be a lack of clarity regarding how the change management should interact with the other service management processes.

  • The presence of excessively bureaucratic processes can cause several delays in implementing changes.

Change management thus can respond to the rapidly changing business requirements and maximize the value of the offered services. By ensuring that the implemented changes are recorded and evaluated, it makes sure that they are a right fit. It also ensures that the overall risk to the business is minimized to prevent the risks from spiraling out of control.

Subscribe to receive awesome resources, offers, and updates straight to your inbox

Success! Thank You for Your Subscription.


Stay Connected

Subscribe to Our Newsletter

Success! Thank You for Your Subscription.

Related webinars

7 Steps to ITIL Continual Service Improvement

IT Service Management