| View previous topic :: View next topic |
| Author |
Message |
procman
Newbie
Joined: Nov 18, 2009
Posts: 9
|
 Posted: Fri Nov 20, 2009 6:13 pm Post subject: preapproved changes |
 |
|
| Are preapproved Changes being used by anyone? and if so for what types of Change activities? ie regularly scheduled activities like security patching, vulnerability scanning etc. |
|
| Back to top |
|
 |
Diarmid
Senior Itiler
Joined: Mar 04, 2008
Posts: 1883
Location: Newcastle-under-Lyme
|
| Posted: Fri Nov 20, 2009 7:11 pm Post subject: |
|
|
Think of pre-approved changes as being activities involving changes that can be effectively controlled and expedited without recourse to the general change management process which involves a certain amount of investigation and assessment and requires a planning process before applying the changes.
These will be things for which you have comprehensive procedures in place that to describe the how and what and for whom and by whom and when and that ensure the change element is fully managed to conform to the policies and needs of your organization.
Logically they will be things that you do many times (else why go to the bother of developing bespoke procedures for them?) and that have well understood impacts and effects on the infrastructure, the services and the customers/users.
I don't think anyone should go about looking for candidates to set up as pre-approved changes, but rather that activities that meet the criteria should scream out to be handled in this way as part of service improvement.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718 |
|
| Back to top |
|
|
UKVIKING
Senior Itiler
Joined: Sep 16, 2006
Posts: 3116
Location: London, UK
|
| Posted: Fri Nov 20, 2009 7:18 pm Post subject: |
|
|
To add to Diarmid's
If there is a change that went to the board six times (say) in a month where the exact piece of work is done over and over etc
where the risk and impact are known
where the back out and back up plans are known
where there is a documented process procedures work instructions on what to do
then the board may decide... We are tired of seeing this one.. this is now a std change as long as everythign remains the same
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)
Change Management is POWER & CONTROL. /....evil laughter |
|
| Back to top |
|
|
Murphysbone
Newbie
Joined: Jul 24, 2008
Posts: 13
Location: Newbury
|
| Posted: Mon Nov 23, 2009 11:20 pm Post subject: |
|
|
Similar approach to others here, I work for a Global Mobile Comms company, approx 50% of all changes made are Standard or Pre Approved.
If it can be proven that a particular RFC has been applied on three previous occasions, has been incident free, does not cause a service outage, is considered low or no risk, and the deployment steps will always be the same. Then these can be submitted to the CAB for consideration. If approved, that chnage is then templated within the Service Management tool and can be then be selected and used via it's UID
Examples include...
Physical site surveys
Extension of DB file systems
creation of new filesystems
Security patches
Hot swap components
Maintenance work on resilient clusters (no critical systems)
Could go on as there are literally 1000's, We/I actually look for likely candidates as it saves the change and support teams significant resource overhead as it is the most efficient use of the actual change process. Allows us much more focus on Major changes.
Cheers. |
|
| Back to top |
|
|
procman
Newbie
Joined: Nov 18, 2009
Posts: 9
|
| Posted: Tue Nov 24, 2009 12:57 pm Post subject: |
|
|
Murphysbone, you mention security patches as an example of an activity which might qualify as a preapproved Change. What about regularly run /automated vulnerability scans?
I am curious to know whether others would agree with the list provided by Murphysbone or have other examples. Our Change Management processes do not allow for preapproved Changes at this time and I am attempting to understand what is being done by other organizations regarding this issue. thanks |
|
| Back to top |
|
|
UKVIKING
Senior Itiler
Joined: Sep 16, 2006
Posts: 3116
Location: London, UK
|
| Posted: Tue Nov 24, 2009 4:46 pm Post subject: |
|
|
procman
a scan does not change anything
it is a operational task
_________________
John Hardesty
ITSM Manager's Certificate (Red Badge)
Change Management is POWER & CONTROL. /....evil laughter |
|
| Back to top |
|
|
Diarmid
Senior Itiler
Joined: Mar 04, 2008
Posts: 1883
Location: Newcastle-under-Lyme
|
| Posted: Tue Nov 24, 2009 7:31 pm Post subject: |
|
|
| procman wrote: | | I am curious to know whether others would agree with the list provided by Murphysbone. |
It would be hard to agree or disagree with the list without knowing his organization and what it does and how it does it etc.
Although you may find certain some pre-approved changes to be commonly identified across many organizations, it is absolutely the case that you have to consider your own circumstances first. If you try to shoehorn in a particular instance because it seems obvious and others do it then you could be piling up trouble for later.
Also, don't forget that the contributors to this site are self-selecting and so it is dangerous to make assumptions about how representative the responses are.
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718 |
|
| Back to top |
|
|
Murphysbone
Newbie
Joined: Jul 24, 2008
Posts: 13
Location: Newbury
|
| Posted: Tue Nov 24, 2009 7:49 pm Post subject: |
|
|
Procman, The Company I work for has many defined pre approved changes, however as mentioned by Diarmid, they really must fit in with your own industry/change strategy/risk assesment.
I work in the mobile telecoms world so we do vast numbers of highly technical change, we therefore select as many low risk changes to be of Pre Approved status as we can. This is to see the wood for the trees sometimes.
If a PA change is subsequently found to be the cause of an incident, then that status is revoked pending further review. |
|
| Back to top |
|
|
procman
Newbie
Joined: Nov 18, 2009
Posts: 9
|
| Posted: Wed Nov 25, 2009 10:05 am Post subject: |
|
|
| Thank you all. I think I have my answer. Preapproved Changes are allowed in most organizations however what and how they are implemented is organization specific based on individual requirement. The answer I was looking for is that the use of them is an option and there is no 'control' within ITIL which states that they can not be used if they are a fit for a particular situation. |
|
| Back to top |
|
|
procman
Newbie
Joined: Nov 18, 2009
Posts: 9
|
| Posted: Wed Nov 25, 2009 10:06 am Post subject: |
|
|
| Thank you all. I think I have my answer. Preapproved Changes are allowed in most organizations however what and how they are implemented is organization specific based on individual requirement. The answer I was looking for is that the use of them is an option and there is no 'control' within ITIL which states that they can not be used if they are a fit for a particular situation. |
|
| Back to top |
|
|
Diarmid
Senior Itiler
Joined: Mar 04, 2008
Posts: 1883
Location: Newcastle-under-Lyme
|
| Posted: Wed Nov 25, 2009 7:29 pm Post subject: |
|
|
| procman wrote: | | Thank you all. I think I have my answer. Preapproved Changes are allowed in most organizations however what and how they are implemented is organization specific based on individual requirement. |
That is a fair summary.
| procman wrote: | | The answer I was looking for is that the use of them is an option and there is no 'control' within ITIL which states that they can not be used if they are a fit for a particular situation. |
There are no controls in ITIL and there are absolutely no prohibitions in ITIL. It is guidance. To paraphrase yourself, how service management is implemented is organization specific based on individual requirement; and that is what ITIL says. It never says that you need to do it this way or you are rubbish. It never says this way is best for you; it only says this way has been proved to work somewhere (and possibly lots of places).
_________________
"Method goes far to prevent trouble in business: for it makes the task easy, hinders confusion, saves abundance of time, and instructs those that have business depending, both what to do and what to hope."
William Penn 1644-1718 |
|
| Back to top |
|
|
S_B
Newbie
Joined: Dec 02, 2009
Posts: 9
|
| Posted: Fri Dec 04, 2009 9:53 am Post subject: |
|
|
I guess my first post didn’t make it up.. oh well.. 2nd try.
I have a question! With your pre approved or standard changes, how do you link them to the original pre approved change?
Said changes are given Pre/Stnd approval, you still give them a change number (id, etc... whatever), they don’t go to CAB, but still, Do you hunt down the original number, or just log and approve (cause as CM you know best)  |
|
| Back to top |
|
|
DYbeach
Senior Itiler
Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia
|
| Posted: Fri Dec 04, 2009 10:12 am Post subject: |
|
|
S_B
think templates.
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)
"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell |
|
| Back to top |
|
|
S_B
Newbie
Joined: Dec 02, 2009
Posts: 9
|
| Posted: Fri Dec 04, 2009 10:20 am Post subject: |
|
|
Mmmm templates....
Do you still give it a unique id or just a flow on .1, .2, .3 + so on number.
Maybe cause i lock my templates i am causing myself heartache. |
|
| Back to top |
|
|
DYbeach
Senior Itiler
Joined: May 25, 2008
Posts: 413
Location: Sydney, Australia
|
| Posted: Fri Dec 04, 2009 6:47 pm Post subject: |
|
|
Can't give a generic answer, sorry. My guess is it would depend on the tool.
_________________
DYbeach
ITIL V3 Release, Control & Validation,
ITIL V3 Operation SUpport & Analysis
PMI CAPM (R)
"In times of universal deceit, telling the truth will be a revolutionary act." George Orwell |
|
| Back to top |
|
|
|
Forum FAQ
Search
Usergroups
Profile
Log in to check your private messages
Log in
