For general information and resources, ITIL and ITSM World is the most well known for both ITIL and ITIL Books. A shorter snapshot approach can be found at ITIL Zone
Note: ® ITIL is a registered trademark of OGC. This portal is totally independent and is in no way related to them. See our Feedback Page for more information.
The Itil Community Forum: Forums
ITIL :: View topic - Some questions about Risks on IT Changes
Posted: Wed Mar 29, 2006 12:11 pm Post subject: Some questions about Risks on IT Changes
Hi Guys!
I've been studying ITIL Change Management process and now I have some questions to do about Changes and how Change Managers work in the real world.
I believe that Change Managers uses some informations to organize and estimate how and when they will do the Change. I think that one of those informations is Risk. (Risk, in my point of view, is the probability of something goes wrong during the change process).
I would like to know from you, guys, How a Change Manager estimate the risk of a Change? He uses some metrics, like complexity or number of people affected by the change? Are those metrics correct, or exists another metrics to estimate the Risk?
Another point is What the Change Manager do knowing the Risk associated with the Changes? He uses the risk to Prioritize the Changes? He uses the risk to estimate the maximum number of changes that he can do in a Change Window (for example, he will do a number of changes that the sum of its risks cannot be higher than 1000) ?
This questions have been taking off my sleep
Any answers or suggestions are very welcome. (and sorry about my bad english)
Joined: Feb 28, 2006 Posts: 411 Location: Coventry, England
Posted: Fri Mar 31, 2006 12:07 am Post subject:
It's not only during the change that risk occurs - the Change itself could pose risks to the business after implementation. If I, as a Change Manager, see a risk I am uncomfortable with, then I would refuse the Change. I look to ensure that sufficient mitigation is in place to give me a measure of comfort. All of the items you have mentioned come into play - I dislike multiple changes on the same area of a system on the basis that it is easier to recover from a single instance. The reason for the Change also factors in - If the system is broken therefore we need a fix now. Here sometimes I will accept a risk, as without a system I have no business.
This all comes with experience, better to err on the side of caution if at all in doubt. As a Change Manager remember you are a Gate Keeper protecting the production environment from all shocks and failures.
Posted: Fri May 19, 2006 4:41 pm Post subject: Standard Changes and risky ones
In our organisation we built a Standard Change List. Changes on this list has also Work Instructions developed. Risk is well known and mitigation or contingency solutions are put into WIs.
For major Changes we need risk analysis (regret we do only overview of impact analysis), when person responsible for preparing a Change is stating Risks and suggested mitigation and reaction to this risk.
Monitoring ways (and reporting) is to be prepared before.
Also back out plan is required. After that Change is scheduled (in most cases with tests before).
Big Changes are divided into batches (e.g. new Office deployment) to minimize risk. Also Change Freezes are in use when we don't know the exact impact.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
Forum FAQ
Search
Usergroups
Profile
Log in to check your private messages
Log in
