Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: RZgv
New Today: 14
New Yesterday: 76
Overall: 143352

People Online:
Visitors: 73
Members: 1
Total: 74 .

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - Detection of uncontrolled changes
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Detection of uncontrolled changes

 
Post new topic   Reply to topic    ITIL Forum Index -> Change Management
View previous topic :: View next topic  
Author Message
changeborg
Itiler


Joined: Jul 15, 2009
Posts: 40
Location: United States

PostPosted: Thu Oct 15, 2009 2:30 am    Post subject: Detection of uncontrolled changes Reply with quote

We are working on a massive global expansion of our change process at the same time we are working on some major improvement steps for the overall process. One of the questions that has come up on multiple occasions is what steps are we taking to track and eliminate illicit changes, or rather those changes which occur off the books and outside the process. Overall I believe we have a good compliance rate but being realistic, I also know there are things happening outside the process and are essentially invisible to us unless they go absolutely pear shaped.

I'm curious what other groups are doing to not only track these sorts of changes but to keep it from occurring in the first place. Due to the massive size of our organization and the politics I don't think we can restrict access to the level we would like but am sure there are other options. One we have discussed is making compliance with the process a required portion of their yearly bonus to help encourage the overall usage of the process.
Back to top
View user's profile
DYbeach
Senior Itiler


Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia

PostPosted: Thu Oct 15, 2009 9:22 am    Post subject: Reply with quote

I have advocated the placement of gallows or at least stocks in the cafeteria, but have not as yet received budget for this incentive
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)

"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell
Back to top
View user's profile Send e-mail
Diarmid
Senior Itiler


Joined: Mar 04, 2008
Posts: 1884
Location: Newcastle-under-Lyme

PostPosted: Thu Oct 15, 2009 5:12 pm    Post subject: Reply with quote

Bonus? Try changing base salary by -5% whenever you catch them - "eye for an eye" method.

Education can be useful: tell everybody that the organization's rules, regulations and procedures are for following, not flouting. Also make sure everyone understands what change management is for.

Well designed time sheets can help if that is within your culture, but probably not for changes that only take a few minutes to execute.

You cannot actually track unauthorized changes, but you can detect them. You will detect them when another change is being actioned in the same area. You will detect them when they have unexpected consequences - that gives you a good excuse to come down hard. You will detect them through audits You need to do some kind of audit to confirm your compliance rate).

When you catch someone, have them do a presentation to the management team on how they ensured that the change they effected was safe, appropriate, able to be regressed, did not unduly impact on service, how they assessed the risk, how they informed everyone that might be affected, how they ensured it was not conflicting with another change, how they ensured that other staff were enabled to avoid doing anything that conflicted with their change, where they obtained budgetary authority to expend their time on that change, how they ensured that the CMDB was up to date, and about fifty other things just to be thorough.

Sometimes techies complain that CM is a waste of time for "minor" changes. Ask them to come up with slicker processes that ensure effective change management. When they fail that test, they have no excuses left.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718
Back to top
View user's profile Send e-mail
SwissTony
Senior Itiler


Joined: Feb 26, 2009
Posts: 118
Location: Geneva

PostPosted: Thu Oct 15, 2009 6:37 pm    Post subject: Reply with quote

Within the company I currently work for if the change process is knowingly circumnavigated, or parts of it cut (eg implementing prior to full approval) then the RFC owner has a non-conformance raised against them and the change.

They are then expected to stand infront of senior management to explain the situation, & reasoning (this usually provides a good 'stick' method) & training is then provided to document that the person/s is fully aware of what should be done to prevent future f@@k ups.

But as with your company, I am sure that there a still numerous minor changes made by the tech ops guys that never come to light. By monitoring the origins of all changes (departments / teams) it can be apparent when certain teams that you would expect from their work to be creating RFCs on a regular bases have little or non showing in this type of report.
Back to top
View user's profile
Timo
Senior Itiler


Joined: Oct 26, 2007
Posts: 295
Location: Calgary, Canada

PostPosted: Fri Oct 16, 2009 3:43 am    Post subject: Reply with quote

I really like that approach of having a techie standing in front of the management group explaing what they have done to eff up the change. Smack! Smack!

Thank you for this useful technique.
Back to top
View user's profile
Ed
Senior Itiler


Joined: Feb 28, 2006
Posts: 411
Location: Coventry, England

PostPosted: Fri Oct 16, 2009 4:36 pm    Post subject: Reply with quote

Diarmid

I just love the idea of a presentation to management, and of course the final question is always:- If they have enough info to do a presentation, why didn't they put all of it into a Request For Change?

Superb!!!!!
_________________
Regards

Ed
Back to top
View user's profile
changeborg
Itiler


Joined: Jul 15, 2009
Posts: 40
Location: United States

PostPosted: Wed Oct 21, 2009 5:10 am    Post subject: Reply with quote

I too like the smack method and in my particular region I sit in, is a method that is used although not quite in such a formalized method. It's usually a one on one smacking. They also will receive a reduction in bonus by circumventing the process (at least those caught) and a few have received formalized HR write-ups which is highly rare in our organization.

I'm curious for the two of you who make them stand up in front of management, do you work for a global organization? In ours, we are very global with silo'd internal groups. The most difficult part is sitting in the Northern Hemisphere and trying to lay the smack down on someone sitting in the South.
Back to top
View user's profile
Anticlue
Newbie
Newbie


Joined: Sep 29, 2009
Posts: 10
Location: Jacksonville, FL, USA

PostPosted: Wed Oct 21, 2009 10:51 am    Post subject: Reply with quote

Hi,

I agree with Diarmid on the education. When reviewing the policy, perhaps also it would be wise to include audit requirements around change management and segregation of duties. It sounds like with the unauthorized changes your organization can have a finding.

Hope this helps,
Elyse
_________________
Collaboration is the key to success!
Back to top
View user's profile Visit poster's website
DYbeach
Senior Itiler


Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia

PostPosted: Wed Oct 21, 2009 11:19 am    Post subject: Reply with quote

changeborg wrote:
The most difficult part is sitting in the Northern Hemisphere and trying to lay the smack down on someone sitting in the South.


I live in the Southern Hemisphere and could inflict violence on your behalf if the price was right Twisted Evil
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)

"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell
Back to top
View user's profile Send e-mail
changeborg
Itiler


Joined: Jul 15, 2009
Posts: 40
Location: United States

PostPosted: Wed Oct 28, 2009 2:44 am    Post subject: Reply with quote

DYbeach wrote:
I live in the Southern Hemisphere and could inflict violence on your behalf if the price was right Twisted Evil


DYbeach - yes we have been threatened with that in the past. I've always wanted to go down to our offices there in your fine country however am convinced I'll end up coming home in a body bag Laughing
Back to top
View user's profile
DYbeach
Senior Itiler


Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia

PostPosted: Wed Oct 28, 2009 8:41 am    Post subject: Reply with quote

Don't believe it.
Rumour has it that some of us are almost civilised.
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)

"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell
Back to top
View user's profile Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Change Management All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.