Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: LKibby
New Today: 49
New Yesterday: 42
Overall: 148235

People Online:
Visitors: 50
Members: 0
Total: 50

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - Missing Changes
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Missing Changes

 
Post new topic   Reply to topic    ITIL Forum Index -> Change Management
View previous topic :: View next topic  
Author Message
lj_180
Itiler


Joined: Nov 07, 2007
Posts: 31
Location: Jersey, C.I.

PostPosted: Wed Feb 20, 2008 7:58 pm    Post subject: Missing Changes Reply with quote

Good morning,

May I ask what procedures people have put into place to identify changes that have NOT gone through the correct Change Management process? I would like, eventually, to report on this.


Thanks,
Davey
_________________
Davey
ITIL SLM Practitioner
(Blue Badge)
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3318
Location: London, UK

PostPosted: Wed Feb 20, 2008 8:08 pm    Post subject: Reply with quote

do you mean undocumented changes

it is hard to catch those because they are undocumented

other than having policies, processes in place to deter this it is diificult

if you are talking about changes that follow the process but not entirely that is what the Post implementationr eview is for
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
UrgentJensen
Senior Itiler


Joined: Feb 23, 2005
Posts: 458
Location: London

PostPosted: Wed Feb 20, 2008 8:30 pm    Post subject: Reply with quote

Hi,

I would suggest that if you hear of a change not going through the correct process you get the culprit to do the documentation after the fact and pull them into the next CAB to explain why. If you've got adherance to processes in your staff's objectives then it'll work.

What do you want to capture about the change? Well it's worth getting them to the documentation in retrospect simply so you can report on all the normal stuff, but add a flag for 'unauthorised' and have a lessons learnt field to give the fundamental reason for the lapse, e.g. lack of training, discipline, third party unaware. That sort of thing so long as you can feed it back into more effective adoption of the process.

In terms of spotting 'black ops' changes well yes it's very difficult in some parts of the infrastructure but I've seen that some desktop management and 'cmdb' products let you do exception reporting. Basically creating a report of anything that's changed from yesterday to today. Personally I'd rather gouge my own eyes out than sift through that every morning...
Back to top
View user's profile
lj_180
Itiler


Joined: Nov 07, 2007
Posts: 31
Location: Jersey, C.I.

PostPosted: Wed Feb 20, 2008 9:59 pm    Post subject: Reply with quote

Thanks for the tips.

I guessed it was going to be a case of just "keeping my ear to the ground". As our organisation is not huge (around 1000 users), I might be interested in looking at exception reporting down the line (maybe once a month, so as to keep the eye gouging to a minimum), so if anyone has any recommendations of products that can do this, it would also be apprecaited.

Thanks,
Davey
_________________
Davey
ITIL SLM Practitioner
(Blue Badge)
Back to top
View user's profile
asrilrm
Senior Itiler


Joined: Oct 07, 2007
Posts: 441
Location: Jakarta, INA

PostPosted: Wed Feb 20, 2008 11:49 pm    Post subject: Reply with quote

Hi,

Maybe you can record or count the undocumented changes in your KPI, if one of your KPI is "number of changes with no RFCs" or similar
Back to top
View user's profile
Skinnera
Senior Itiler


Joined: May 07, 2005
Posts: 121
Location: UK

PostPosted: Thu Feb 21, 2008 4:13 am    Post subject: Reply with quote

We count and report the volume of unathorised Changed when we detect them (usually via a service impact...) but detecting them is the tricky bit!!!

If they go in with no impact, who would ever know that a Change had happened...? Confused
Back to top
View user's profile Send e-mail
asrilrm
Senior Itiler


Joined: Oct 07, 2007
Posts: 441
Location: Jakarta, INA

PostPosted: Thu Feb 21, 2008 11:21 am    Post subject: Reply with quote

Hi Skinnera.
You are absolutely right. It is difficult to detect unauthorized changes at first place. But there should be any audit mechanism that could track documents against reality. By that you could detect any unauthorized change.
The company I work for hasn't come to audit phase in ITIL framework, but currently we have a self developed versioning mechanism that we called "versioning control"

Asril
Back to top
View user's profile
dboylan
Senior Itiler


Joined: Jan 03, 2007
Posts: 189
Location: Redmond, WA

PostPosted: Thu Feb 21, 2008 12:53 pm    Post subject: Reply with quote

One of the best tools for auditing the Change Management process is an accurate CMDB. If the only updates to attributes to CI's are through approved Changes, then auditing the CMDB against the physical state of CI's will show you how well, or poorly, your Change Management process is in maintaining a Controlled state.
Back to top
View user's profile
Ines
Newbie
Newbie


Joined: Mar 21, 2006
Posts: 18

PostPosted: Tue Feb 26, 2008 12:07 pm    Post subject: change audit/exception tools Reply with quote

Davey,

Really depends on the ITSM tool you are using, and what audit tools compliment. For example, my organisation uses Remedy, and my research has identified Tripwire as providing tools that are easily integrated with Remedy.
We currently use Tivoli (for other purposes as well), and Statseeker, but this potentially only identifies a portion and a specific class of unauthorised changes...I am ever the pessimist! Wink
Back to top
View user's profile
asrilrm
Senior Itiler


Joined: Oct 07, 2007
Posts: 441
Location: Jakarta, INA

PostPosted: Tue Feb 26, 2008 1:45 pm    Post subject: Reply with quote

Wow, you really got expensive stuff, although I know tools such as Tivoli could be purchased in a modular basis.
I wonder if my company could provide such tools, we are currently developing with Jira
Back to top
View user's profile
Ines
Newbie
Newbie


Joined: Mar 21, 2006
Posts: 18

PostPosted: Tue Feb 26, 2008 1:58 pm    Post subject: Reply with quote

We're not using tripwire, not sure that we ever will, I just know that it will integrate nicely should we need something more than what we have.
We've had Tivoli for years now, for event management, software dist, backup/restores, inventory scans, and more I'm sure, so it's more than likely cost-effective.
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Change Management All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.