Professional Documents
Culture Documents
IT Management Week 5
IT Management Week 5
IT Management Week 5
2
Major IT Services Failures
3
Change control
Cisco
converter
vpn-ip 2ch voice
Cisco
3640
4 LBW 1750
Optical Mux 128Kbps
16X2 1 BRI
CAR GOLD: 32 Kbps
CAR SILVER: 96 LAN
SWITCH 128Kbps Kbps
4
Situations to consider
• A large trading company is going to implement a new version of the SAP ERP
software that manages its operations (approx. 2000 users)
• An important bank must build and implement a fix for a bug in a critical customer
service application. (4,900 users service 24 x 7)
5
Situations to consider
what is a change?
6
Change control
• The agility and speed required in IT operations should not become an obstacle.
7
Change control
- HW - HW - HW
- SW - SW - SW
- Applications - Applications - Applications
- Data - Data - Data
X X
Segregation of
environments CHANGE
Register RFC -- Change Authority-- EVALUATE AND APROVE---
GO INTO
PRODUCTION
9
Change control
• The person or group of people who is responsable to authorize the change is:
The Change Authority. This can be a team, supervisor, manager, CEO, board,
customer or regulator depending on the nature of the change as well as the
organizational approach and culture.
• The change applies for various types in terms of scope, risk, complexity, etc. It
is essential to assign adequate change authority to each type of change, to
ensure that control is effective and efficient.
10
Type of changes
11
Type of changes
emergency change
• ex: update version of Windows
Server to correct a vulnerability ,
application correction due to
critical functional error, correct
database configuration due to a Change schedule
failure. • It is used to plan changes, communicate
• It needs to be implemented as soon as them to stakeholders, allocate resources,
possible, often to resolve a major and avoid conflicts.
incident or apply a security patch.
• They are not normally included in a • It also helps after the execution of the
change schedule but must be changes, to provide information for
evaluated and approved just like Incident management, Problem
normal changes. This must be done management, planning improvement, etc.
expeditiously to ensure rapid
implementation.
• An ad-hoc change authority must be
designated to manage them. It is a
small group of senior managers, who
can properly assess the business risks
and impacts of change.
12
The Authority of Change
• A group of people who meet regularly • Group of people with authority to make
to approve change requests. urgent decisions.
• They must be in a position to assess
changes from a technical, functional and • It is normally a small group of senior
business needs point of view. managers, who can properly assess the
• Members: change manager, users, business risks and impacts of change.
developers, technical support and
service desk staff, service
administrators, technical consultants,
vendors, etc.
• The composition can vary and have a
regular schedule.
13
Activities: Regular Changes
14
Change Control – SW for registration and control
· Number of changes per period, per CI type, per configuration type, etc.
· Summary of Changes by Reason for Change (Incidents, Problems, Service
Requests, Enhancements, etc.)
· Number of successful changes
· Number of changes rolled back, including the reason: bad evaluation, build,
testing, etc.
· Amount of RFC's, including growth/decrease trend.
· Number of implemented and verified changes. Pending review.
· Incidence of changes by CI: can reveal defects in the CI, needs of users, etc.
· Amount of RFC’s rejected.
· Pending changes, classified by CI.
16
Change control
Cisco
converter
vpn-ip 2ch voice
Cisco
3640
4 LBW 1750
Optical Mux 128Kbps
16X2 1 BRI
CAR GOLD: 32 Kbps
CAR SILVER: 96 LAN
SWITCH 128Kbps Kbps
18
Situations to consider
• The computers mentioned may have several different operating systems, each
with a different version number or release.
• There are plenty of information systems around the company, there can be
various office SW tools, email, etc.
19
Situations to consider
• To implement a server capacity upgrade I need to know its current capacity and
details of its hardware configuration.
• If I want to improve the system architecture availability, I must know its current
configuration.
22
Service Configuration
23
Service Configuration
Planning
c ID
m
Control
s
monitoring
25
Service Configuration - Activities
1. Planning
· The strategy, policies, scope and objectives of the Configuration Management.
· Analysis of the current situation of IT assets and existing configurations.
· The organizational, technical and managerial context in which the activities of
the Configuration Management will be implemented.
· Existing policies for related processes, such as change management and
release management
· Interfaces with projects, suppliers, applications or support groups.
· Processes, procedures, support tools, roles and responsibilities relevant to the
activities of the settings management.
· The location of storage and libraries used to maintain hardware, software, and
documentation.
In this stage, the objectives and key success factors that the CM must achieve are defined.
For example, define what part of the IT infrastructure will be controlled by the CM.
Depending on this, relationships with Problem Management, Change Control, etc. they
will be different The impact on end user activities may also vary.
26
Service Configuration - Activities
27
Service Configuration - Activities
29
Service Configuration - Activities
30
Service Configuration - Activities
31
Service Configuration - Activities
32
Service Configuration - Activities
33
Service Configuration
37