How to assess Changes

One of the things that I wish was covered in more detail during the ITIL intermediate training is how to properly impact assess Changes. Change Managers are the guardians of the production environment so making sure that all changes are properly assessed and sanity checked is a key part of service delivery. Asses too low and high risk rangers go through unchallenged, assess too high and you block up the process by examining every change no matter how small as if they could kill your organisation.

Here are the things that I look for when assessing a Change:

The Basics:

Title Does it highlight the affected services so that it’s easy to identify in any reports?
Description Is it clear and does it make sense? Sounds basic I know but let’s make it easier for the other people assessing and authorising the Change.
Benefits Why are we doing the Change? Remember, this isn’t just about technology, what about business and financial benefits?
Risk What are the risks in carrying out this Change? Has a risk matrix been used to give it a tangible risk score or is it a case of “reboot that critical server in the middle of the day? Be grand”. Imagine explaining to senior management what went wrong if the Change implodes – have you looked at risk mitigation? Using a formal risk categorisation matrix is key here.  Don’t just assume technicians know what makes a change low risk.  One of the key complaints from the business is that IT does not understand their pain. Creating a change assessment risk matrix IN A REPEATABLE FORMAT should be your first priority as a Change Manager.  If you can’t assess the risk of a change in the same way each time, learning from any mistakes, then you’re not doing Change Management. Period.

Timings:

Scheduling Does the proposed timing work with the approved Changes already on the Change Schedule (CS)? Has the Change been clash checked so there are no potential conflicts over services or resources?
Implementation windows Look at the proposed start and end times. Are they sensible (i.e. not rebooting a business critical server at 9 o’clock on Monday morning)? Does the implementation window leave time for anything going wrong or needing to roll back the Change?
Special considerations Are there any special circumstances that need to be considered? I used to work for Virgin Media; we had Change restrictions and freezes on our TV platforms during key times like the Olympics or World Cup to protect our customer’s experience. If you don’t know when your business critical times are then ask! The business will thank you for it.

The Technical Details:

Service Affected Have all affected services been identified? What about supporting services? Has someone checked the CMS to ensure all dependencies have been accounted for? Have we referenced the Service Catalogue so that business approvers know what they’re authorising?
Technical Teams Affected Who will support the Change throughout testing and implementation? Will additional support be needed? What about outside support from external suppliers? Has someone checked the contract to ensure any additional costs have been approved?
User Base Affected Check and check again. The last thing you want to do is deploy a Change to the wrong area of the business.
Environments Covered What do you mean what environments are we covering? Surely the only environment we need to worry out is our production environment right? Let me share the story of my worst day at work, ever. A long time ago and pre-kids, I worked for a large investment bank in London. A so called routine code change to one of the most business critical systems (the market data feed to our trade floors) took longer than expected so instead of updating both the production and DR environments, only the production environment was updated. The implementation team planned on updating the DR environment but got distracted with other operational priorities (i.e. doing the bidding of whichever senior manager shouted the loudest). Fast forward to 6 weeks later, a crisis hits the trading floor, the call is made to invoke DR but we couldn’t because our market data services were out of sync. Cue a hugely stressful 2 hours where the whole IT organisation and its mum desperately scrambled to find a fix and an estimated cost to the business of over $8 million. Moral of the story? If you have a DR environment; keep it in sync with production.
Licencing Are there any licensing implications? Don’t forget, changes in the number of people accessing a system, number of CPUs, or (especially) the way in which people work (moving from dev to prod) have huge impacts on licences.

Testing:

Pre Implementation Testing How do we make sure the Change will go as planned? Has the Change been properly tested in an appropriate environment? Has the testing been signed off and have all quality requirements been met?
Post Implementation Verification OK; the Change has gone in, how do we make sure everything is as it should be? Is there any smoke testing we can carry out? This is particularly important in transactional services; I once saw a Change that went in, everything looked grand but when customers tried to log in the next day, they couldn’t make any changes in their online banking session. I’ll spare you the details of the very shouty senior management feedback; let’s just say fun was most definitely not had that day. If at all possible; test that everything is working; the last thing you need is a total inability to support usual processes following a Change.

Planning:

Implementation Plan Does it make sense and does everyone involved know what they are meant to be doing and when.  If other teams are involved are they aware and do we have contact details for them? Are there any dodgy areas where we might need check point calls? Do we need additional support in place such as additional on call / shift resource on duty senior manager to mitigate risk? The plan doesn’t have to be fancy; if you need some inspiration I can share some template implementation plans in our members / subscribers area.
Back Out Plan What happens if something goes wrong during the Change? Do we fix on fail or roll back? Are the Change implementers empowered to make a decision or is escalation needed? In that case; are senior management aware of the Change and will a designated manager / decision maker be available? Can the Change be backed out in the agreed implementation window or do we need more time? If it looks like restoration work will cause the Change to overrun; warn the business sooner rather than later so that they can put any mitigation plans / workarounds in place.

Support

What Early Life Support Is Planned? What early Life support is planned? Are floorwalkers needed? Are extra team members needed that day to cope with any questions? Have we got defined exit criteria in place?
Is The Service Desk Aware? Has someone made the Service Desk aware? Have they been given any training if needed? I know it sounds basic but only a couple of months ago; I had to sit down and explain to an engineer why it was a good idea to let the Service Desk know before any Changes went live. Let’s face it; if something goes wrong the Service Desk are going to be at the sharp end of things. And speaking as an ex Service Desk manager (a very long time ago when they were still called Help Desks) there is nothing worse than having to deal with customers suffering from the fallout of a Change that you know nothing about.
Communication Has the Change been comm’ed out properly? Do we have nice templates so Change notification have a consistent look and feel?
SLAs If the business are pushing for a Change to be fast tracked with minimum testing can you ask them to formally acknowledge the risk by relaxing any SLA?

The above list isn’t exhaustive but it’s a sensible starting point. There’s lots of guidance out there; ITIL has the 7 R’s of Change Management and COBIT has advice on governance. What do you look for when assessing Changes? Let me know in the comments!

Image Credit

What Top Athletes and IT Managers Have in Common

14778038774_8286ff5eba_z

For centuries, athletes have shared one common goal: to win. No matter the sport, the best athletes face strict regimens, long hours, setbacks and victories, remaining agile through it all, in order to achieve their goals. Today’s top-performing, globally competitive and increasingly technology driven businesses are no different.

Nowhere is this athletic nature more apparent than in a business’ IT organization. With IT spending expected to reach $3.5 trillion by year’s end, an IT organization carries with it a big prize – one that, based on tools and technologies purchased and deployed, can either support or hinder the business’ overall ability to compete. As such, today’s most strategic IT organizations are adopting new protocols and performance measurements, such as IT service management, to drive efficiency and maximize their value-add to the business. It’s the IT manager’s job to ensure the IT organization has the right people, processes and technology in place so that the organization can meet its business goals.

Similar to how elite athletes approach their strict regimens – with a focus on mindset, health and wellness, training, and performance measurement – these rigorous disciplines can also be applied to how some of the most competitive businesses are getting ahead with seamlessly delivered IT services.

Having the Right Mindset, With the Help of Analytics

For starters, athletes and IT managers alike must encompass discipline and drive to be recognized for their performance. Similar to a top athlete looking to shave off even a tenth of their record time, IT managers must employ the same rigor to drive improvements in their service delivery. But how can the right mindset make IT more effective?

One of the biggest examples of an IT leadership’s mindset shift has been around the adoption of business analytics. While IT has often been the source of intelligence and inspiration for other departments, IT organizations have paradoxically lagged in terms of deploying their own analytics to support service improvement. In this instance, the change came after IT teams watched as other departments deployed analytics solutions and became more effective – much like watching another athlete win, while you’re sitting on the sideline.

Where IT managers traditionally used Excel spreadsheets to track and present their data on project management and operational and financial performance, the new shift in mindset and deployment of analytics has allowed for less time and money to be spent on IT operations and more on innovation that enhances customer experiences and outshines the competition.

Healthy & Wellness: The Drivers of Productivity

The world’s best athletes assess health and wellness by tracking everything from diet, exercise and oxygen levels, using that data to set goals for remaining in their best condition. In an IT organization, it’s the operational dollars that often keep it in top shape. However, it’s also about having access to data that provides a better view of the organization’s strengths and weaknesses to maintain the utmost productivity and justify continued investment.

For example, as part of IT wellness, many IT managers aim to make their service desk more productive by minimizing reassignments, tiering escalations and reducing backlog.

Using data analytics to tackle this effort, IT managers can capture a visual analysis of the data, including outliers to reveal which service desk tickets are going unaddressed and which types of service tickets are creating the highest costs to manage.

Analytics are also increasing productivity by making managers more aware of strong and weak performers within the IT organization, providing detailed insights on who’s cherry-picking easy tickets and who’s slow at resolving business-critical tickets. This enables managers to more effectively guide their staff to proactively route incidents and requests to the right engineers from the beginning – remaining healthy from the start of any IT initiative.

The Benefits of High-Impact Training

Similar to the way athletes follow a regimented training schedule, IT departments must also develop a routine for implementing best practices and procedures. Just as with athletes, when there’s a new procedure or challenge at hand, training typically supports the behavioral change needed for realizing success.

In tracking training programs and success factors, many IT managers have deployed analytics with capabilities to provide regular progress reports on team members and their ability to adapt to the change. In the spirit of competitive nature, some managers even have a visible leader board showing which IT team members have learned the most or developed the furthest on what they’re being trained on, such as a new database technology.

Performance Measurement for Future Success

While IT managers and top-performing athletes share many similarities, it’s the goal of winning that is perhaps the biggest common denominator. For both, measuring performance is critical to future success.

Specifically within IT organizations, the Information Technology Infrastructure Library (ITIL) is one of the main ways IT managers’ standardize their organization’s success to overall business goals. The ITIL framework encompasses processes, procedures, tasks and checklists, allowing the IT organization to establish a baseline from which it can plan, implement and measure against overall goals. It is also used to demonstrate compliance and measure service improvement.

Additionally, the implementation of problem management with IT organizations has helped to identify issues like recurring tickets, supporting IT managers in prioritizing changes and making recommendations that eliminate structural flaws. The result is defined metrics that reflect both successes and areas of improvement – the equivalent to a post-game talk from an athlete’s coach applauding a win but not losing sight of the next big match.

Winning With IT Analytics

For businesses to succeed in increasingly global markets, it’s important that they adopt an almost-athletic posture. Just like athletes, an IT manager’s job is never complete. Managers and athletes alike are competing for limited resources and need metrics to improve performance on an ongoing basis. Particularly within a business’ IT organization, a focus on the right mindset, health and wellness, training, and performance measurement, in addition to the integration of technologies like an analytics platform, will enable any company to remain competitive, with a more clearly defined path for their success.

This article was contributed by Simon King, Sr. Director – Solution Marketing, Numerify.

Image Credit