Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: AQom
New Today: 3
New Yesterday: 55
Overall: 148125

People Online:
Visitors: 56
Members: 0
Total: 56

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ® ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - can patch mgmt be included in change control
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

can patch mgmt be included in change control

 
Post new topic   Reply to topic    ITIL Forum Index -> Change Management
View previous topic :: View next topic  
Author Message
vabs
Newbie
Newbie


Joined: Jul 15, 2013
Posts: 5

PostPosted: Mon Jul 15, 2013 9:34 pm    Post subject: can patch mgmt be included in change control Reply with quote

Hi all,

Could you please advice if the Patch mgmt shuold be included in change control wherein the requestor needs to raise a change every time for a patch request.

Regards
Vabs
Back to top
View user's profile
Fang
Newbie
Newbie


Joined: Sep 17, 2012
Posts: 13

PostPosted: Tue Jul 16, 2013 10:55 pm    Post subject: Reply with quote

Its up to you really! If tracking patches is important to your organisation, then make sure its included in your Change Management process.

We expedite security patches as 'pre-approved' changes, but scrutinise other patches at CAB, asking for evidence of testing, back out strategies etc.
Back to top
View user's profile
vabs
Newbie
Newbie


Joined: Jul 15, 2013
Posts: 5

PostPosted: Wed Jul 17, 2013 11:25 pm    Post subject: Reply with quote

Thanks Fang, But how can you make a security patches as pre-approved changes. These patches require server reboot and any change with outage can not be made as standard change.

Actually I was in the view that if we include the patched in change management process, then we will require extra hands to manage the patch requests..What do you say.. Is there any way we can mange these without extra hands..
Back to top
View user's profile
Fang
Newbie
Newbie


Joined: Sep 17, 2012
Posts: 13

PostPosted: Thu Jul 18, 2013 7:39 pm    Post subject: Reply with quote

ITIL is a set of guidelines and best practice, not a rule book. We allow our version of standard changes (called Routine Pre-Approved changes) to have a small impact on users.

We define our Routine Pre-Approved changes as changes that are regularly carried out, are low risk and have little impact on supported users. When a change is required that is known to have a visible impact on supported users it will go through Normal CAB approval process.

Routine Pre-Approved changes have the following characteristics:
• They follow an established, well proven path
• Have a defined trigger that initiates the change request for a pre-Approved change
• There is an approved set of procedures that must be followed for the change to be deemed approved
• They are relatively common
• They are the accepted solution to a specific requirement or set of requirements

So there is a clearly defined subset of pre-approved changes, which are performed by our Security group only. Server re-boots are very short, and unless there in an on-going security issue that needs patching/sorting NOW (in which case it’s an Emergency change) then the patches are put on when the re-boot shouldn’t affect too many users.

I am a Change Management team of one – so there are no extra hands. The Security staff are responsible for the security patches, once the procedure to do them has been scrutinised and approved by CAB.
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3320
Location: London, UK

PostPosted: Fri Jul 19, 2013 2:22 am    Post subject: Reply with quote

Fang is absolutely correct

He has defined the classification for CM / CAB involvement and not

The operation team has deifined a prcocess in line with his defintions.

Fang has - I presume - had a CM review of the process, as well as a test - based on his criteria - approved / define the patch mgmt process for certain types of patches as he has

It is under change control
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Change Management All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops © 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest © 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.