Change Control - The Whys and the Whats

Change Management is the process of managing the integrity, and availability of your IT environment (e.g., hardware, software, firmware) when modifications are introduced.

Why should you manage change?

Overseeing change in your IT environment ensures that only necessary and approved modifications are introduced. It is a means to ensure that changes are planned and well-executed to ward off business impacts while ensuring resource efficiencies.

What factors should you consider when preparing for a change?

Next obtain necessary approvals. Having an approval process ensures that the person requesting the change has been given the authorization to make the change.

When you assess whether the change will impact business processes and when a change should be executed, there is much to ponder. Many changes can be made without impact on a business system. That is, if the change goes well. But you may want to ask the question, what if the change goes poorly and a disruption were to occur? Or perhaps it is a known disruption, so you plan to do it after hours. Even in this case, communication with the business may be warranted. If someone was planning to put in extra hours or had a process running in the evening, then a disruption could prevent the process from completing. Communication allows them to adjust or raise a voice of concern.

Change Management encompasses multiple levels of the IT process. Large-scale changes like the implementation of a new type of firewall. Operational changes, like the firmware upgrade for a virtual host. And don't forget to consider how change impacts your business continuity plans and network diagrams when a major infrastructure change occurs.

Most importantly, do not fear the change control process as it can be as simple as an email describing what is about to be changed and why, or a formal ticket system tracking approvals. Whatever process you choose, it should include keeping a log of what has changed, why, who made the change, and ideally allow key stakeholders to ask questions. Time to get ready for change!

Authored by: Renee Keffer