Search
Topics
  Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· FAQ
· Feedback
· Forums
· Search
· Statistics
· Surveys
· Top
· Topics
· Web Links
· Your_Account

Current Membership

Latest: Alba8766j
New Today: 50
New Yesterday: 97
Overall: 149999

People Online:
Visitors: 46
Members: 3
Total: 49 .

Languages
Select Interface Language:


Major ITIL Portals
For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone

Related Resources
Service related resources
Service Level Agreement
Outsourcing

Note: ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.


The Itil Community Forum: Forums

ITIL :: View topic - How to handle database record changes?
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

How to handle database record changes?

 
Post new topic   Reply to topic    ITIL Forum Index -> Change Management
View previous topic :: View next topic  
Author Message
tarekghaddar
Newbie
Newbie


Joined: Nov 17, 2009
Posts: 4

PostPosted: Wed Nov 18, 2009 2:17 am    Post subject: How to handle database record changes? Reply with quote

Hi,
I don't know how to handle abnormal database entries.
In my company there's a difference between changing the database structure or application data regard of changing abnomaly records.
I try to explain better.
Ofter we recieve requests for changing invaldi entries in production. Let's say a wrong name written or a wrong address and that you can't change from the application frontend. I don't want to discuss the application limit now, I want to understand how to handle this type of request.
The process now is:
- the end user opens a ticket
- the developer works the ticket typically by creating an sql script
- a request to make this change in production is done to che change manager
- the change manager asks the dba to run these scripts

Usually we have to do this 4-5 times a day. Does this type of request exist in ITIL? If so how are they named and managed? I know there's a problem behind this but now I need to manage this kind of requests.
Are they handled as normal changes like modifying an application or modifying the database structure?
I want to find a way to distinguish them.

Please advice.
Thanks in advance,
Tarek
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3321
Location: London, UK

PostPosted: Wed Nov 18, 2009 2:40 am    Post subject: Reply with quote

it is called a data fix

What does your cm process say about data fixes ?
How are they controlled ?

if your process says this is a operational issue, then that is all it is

IF however, it is managed/controlled via change, then it is controlled/managed via change control
which means

tested in a non prod environment (usually a clone of prod) to see if the fix works
then after the testing is satisfactory

If there is no CM process documentation - get it down

if your cm process states that all changes must be tested by bozo the clown while wearing a live chicken on the head, then all testing by bozo must have a chicken
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
tarekghaddar
Newbie
Newbie


Joined: Nov 17, 2009
Posts: 4

PostPosted: Wed Nov 18, 2009 2:58 am    Post subject: Reply with quote

Thanks John.
Actually there is no process for this kind of requests so we're going to implement it now.
So for ITIL they are data fix. And how should be these treated for ITIL?
Back to top
View user's profile
SwissTony
Senior Itiler


Joined: Feb 26, 2009
Posts: 118
Location: Geneva

PostPosted: Wed Nov 18, 2009 3:08 am    Post subject: Reply with quote

The answer is it depends on how you define it.

As John said in his post: "if your process says this is a operational issue, then that is all it is."
Back to top
View user's profile
tarekghaddar
Newbie
Newbie


Joined: Nov 17, 2009
Posts: 4

PostPosted: Wed Nov 18, 2009 3:29 am    Post subject: Reply with quote

There is no process, it's new, to be implemented. I'm asking suggestions on this. Usually these scripts modify data that are only in production so can't be tested in UAT.
Thanks again.
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3321
Location: London, UK

PostPosted: Wed Nov 18, 2009 4:33 am    Post subject: Reply with quote

tarak

you are not readfing my response correctly

ITIL does not say a thing about data fixes

YOU DO or YOU DONT

Where I am now, all back end data scripts fall under change control
as we have a production clone environment, data fixes can be tested in the non production environment

if you change data using automatic scripts - via the back end, this should be control
if the business user changes data from the front end.. this is controlled via his business front end processes

In order to be sox compliance, all things done to production must be tested in a non production environment - code deployment, data fix, mass updates etc

while it is true for some data fixes, you cant test the data but you can test the process used to execute the data and see whether it only does what it says

My last question - have you had any training in ITIL v2 or v3 ? If not, and based on your posts so far, I dont think you have. get the training and read the books

Also, the books are not literal books. they are guidelines and best practice
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
DYbeach
Senior Itiler


Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia

PostPosted: Wed Nov 18, 2009 8:06 am    Post subject: Reply with quote

ITIL isn't goint to tell you, and the forum can't.
If I were you I would get agreement about how a data change should be treated and then update the process document and communicate the information.
It depends on so many things - the nature of your organisation and the data that is being changed, for example how sensitive it is and what the implications and impact of data changes are.
Sometimes ITIL lets you be God. Just enjoy it.
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)

"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell
Back to top
View user's profile Send e-mail
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3321
Location: London, UK

PostPosted: Wed Nov 18, 2009 6:05 pm    Post subject: Reply with quote

DY expressed t perfectly

You must define it - as a) a change b) an operational piece work that is not a change

but... you must look at the process as a whole

and as the change manager, - ITIL does give me the power
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
tarekghaddar
Newbie
Newbie


Joined: Nov 17, 2009
Posts: 4

PostPosted: Wed Nov 18, 2009 7:36 pm    Post subject: Reply with quote

Thanks all for the help.
I thought this kind of things were treated by ITIL but as I understood from your replies they aren't treated so I will implement it as better as I think.
Thanks again for your help.
Tarek
Back to top
View user's profile
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3321
Location: London, UK

PostPosted: Wed Nov 18, 2009 8:06 pm    Post subject: Reply with quote

tarek

get the itil training / books as soon as
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
Diarmid
Senior Itiler


Joined: Mar 04, 2008
Posts: 1884
Location: Newcastle-under-Lyme

PostPosted: Wed Nov 18, 2009 8:10 pm    Post subject: Reply with quote

The data is the province of the customer, IT provides the vessel and the engine.

If incorrect data is arriving in the system several times a day then the big issue is the application, not the service. there is a mismatch between the level of data validation and the skill/knowledge of those submitting the data. If this is fixable by improved software or improved training, or both then that needs to be done. If it is not fixable in this way then it would probably be a good idea to develop a good repair application for the users to use themselves.

Either way, the involvement of IT services depends on what your contractual obligation is wrt the provision of the application software. Ideally you should be no more than a conduit through to the application provider's support arm. and these incidents should be identified as application functional issues rather than service incidents.

In the "normal", far muddier, reality you will find yourselves involved and probably in the firing line. Nevertheless, if you think of the processes in the way I have described, then you will come to a clearer resolution. If nothing else, this will ensure that you retain the focus that the data is not yours and any changes you make to it must be very explicitly requested by the customer, through an authorised channel.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718


Last edited by Diarmid on Tue Mar 09, 2010 4:47 am; edited 1 time in total
Back to top
View user's profile Send e-mail
clb7
Newbie
Newbie


Joined: Dec 02, 2009
Posts: 3

PostPosted: Thu Dec 03, 2009 10:23 am    Post subject: Reply with quote

Hi Tarek,

Not sure if this helps you but having previously worked in IT audit, I have seen a number of clients of mine having difficulty in controlling and monitoring changes made directly to databases. As a result, I've been developing a web based application called claRelease with the following workflow:
- developer creates the sql script and submits it for approval
- once all approvals have been received (i.e. peer reviewer, change manager, business user), claRelease will automatically deploy the sql script
- once deployed, relevant stakeholders can provide post-implementation approval before the data change is closed off.

We're almost ready for our first release and are currently trialling the product at a few places, let me know if you're interested in giving it a go, would be more than happy to assist and give you advice from an IT auditor perspective.

Sorry if this sounds a bit sales pitchy, just hoping we might be able to be of mutual benefit!
_________________
Justin Yoon
Director - CLB7
Back to top
View user's profile Send e-mail Visit poster's website
UKVIKING
Senior Itiler


Joined: Sep 16, 2006
Posts: 3321
Location: London, UK

PostPosted: Thu Dec 03, 2009 6:58 pm    Post subject: Reply with quote

Justine

It is sales pitch - not blatent but a saes pitch

My first question generic is

why have a tool when the CM process , work load tool and a DBA team will do the same thing ?

With this tool you are replacing staff with a non brainer tool

My first question about using such a tool as a Change manager

1 - where is the audit trail
2 - how can the tool back out work
3 - how can the tool's processes be tested
4 - does not tools like TOAD, SQL+ and other db tools do the same thing
5 - why should I pay for a tool to do what I expect DBAs to do ? Is this going to replace my DBAs ?
6 - does it work with mySQL, Oracle, Sybase, Microsoft SQL, db2, etc

BTW: I dont like tools that merely try to replace the person
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
Back to top
View user's profile
clb7
Newbie
Newbie


Joined: Dec 02, 2009
Posts: 3

PostPosted: Thu Dec 03, 2009 10:35 pm    Post subject: Reply with quote

Hi John,

First of all sorry. I posted publicly because I couldn't find an email address to contact Tarek directly (but I did try to tone the post down). However I am grateful for your response as receiving feedback will ensure I only sell a product that helps organisations.

Now, in response to your questions, let me start by saying that while this application will not be for everyone, it was built based on feedback from IT managers, business users, DBAs and auditors from organisations of different sizes and industries.

Quote:
why have a tool when the CM process , work load tool and a DBA team will do the same thing ?

claRelease is not meant overlap or replace, but integrate and assist. In the end, we're trying to: (a) simplify audits - reduce audit issues of insufficient evidence of approvals, direct developer access to production databases, or lack of proof that the sql tested is the same as what was implemented into production; and (b) free the DBAs to fulfil the rest of their responsibilities while giving them oversight over all changes.

1. where is the audit trail
All changes, sql, approvals (or declines), and results will be stored in claRelease. This is good for organisations who don't turn on database logging due to space/resource overload.

2. how can the tool back out work
For failed sql scripts, these will be automatically backed out. However if partial changes have been made, a new change needs to be created (note the database output is retained to help investigate the impacts). If you have a better way to address this, would love your input!

3. how can the tool's processes be tested
Not sure if I understand your question correctly but I'll try. The tool should be used to implement changes into the test environment first, so you can feel comfortable that it will work in production.

4. does not tools like TOAD, SQL+ and other db tools do the same thing
If the IT managers and risk managers are fine with the CM process, then that's great. However we're more about keeping a record of all sql implemented and giving peace of mind that all changes made were approved.

5. why should I pay for a tool to do what I expect DBAs to do ? Is this going to replace my DBAs ?
We want DBAs to write great sql with confidence that their script has the approval of everyone. It doesn't replace what they do, only makes their job and the CM process easier.

6. does it work with mySQL, Oracle, Sybase, Microsoft SQL, db2, etc
In it's first release, it will work with mySQL, Oracle, MS SQL. We want to get Sybase and DB2 integration soon after. However more will be added as we progress and they get requested. We want to integrate with as many DBs as we can so you have a single source of database change releases with audit trail.

Let me know if you have any other questions or advice.
_________________
Justin Yoon
Director - CLB7
Back to top
View user's profile Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    ITIL Forum Index -> Change Management All times are GMT + 10 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Powered by phpBB 2.0.8 © 2001 phpBB Group
phpBB port v2.1 based on Tom Nitzschner's phpbb2.0.6 upgraded to phpBB 2.0.4 standalone was developed and tested by:
ArtificialIntel, ChatServ, mikem,
sixonetonoffun and Paul Laudanski (aka Zhen-Xjell).

Version 2.1 by Nuke Cops 2003 http://www.nukecops.com

Forums ©

 

Logos/trademarks property of respective owner. Comments property of poster. Rest 2004 Itil Community for Service Management & Foundation Certification. SV
Site source copyright (c)2003, and is Free Software under the GNU / GPL licence. All Rights Are Reserved.