How to avoid Unauthorized change

Discuss and debate ITIL Change Management issues
Post Reply
User avatar
prathap_buna
Itiler
Itiler
Posts: 26
Joined: Sat Jun 09, 2012 8:00 pm

Mon Aug 18, 2014 10:02 am

Hi,

Could anyone guide me how to avoid unauthorized CR at Pre & Post implementation.

Is there any mechanism where we can stop this.


User avatar
Tomek
Itiler
Itiler
Posts: 9
Joined: Mon Aug 04, 2014 8:00 pm
Contact:

Mon Aug 18, 2014 4:21 pm

In general:
* strict Version/Release Control,
* source/binary code repository and
* of course CCB with agreed & signed off by Business approval rules
should help.

BTW. What do you mean by Post/Pre implementation CRs?
User avatar
prathap_buna
Itiler
Itiler
Posts: 26
Joined: Sat Jun 09, 2012 8:00 pm

Wed Aug 20, 2014 12:03 pm

Hi,

I would appreciate if could you elabrate more with suitable instance
User avatar
UKVIKING
ITIL Expert
ITIL Expert
Posts: 3639
Joined: Fri Sep 15, 2006 8:00 pm
Location: London, UK

Fri Aug 22, 2014 4:06 pm

Prathap

A quality Change & Release Management process that is strictly enforced by management will reduce the number of unauthorised work

as if the management is tough enough and fires people for doing unauthorised changes....
John Hardesty
ITSM Manager's Certificate (Red Badge)

Change Management is POWER & CONTROL. /....evil laughter
User avatar
JScratch
Itiler
Itiler
Posts: 12
Joined: Mon Sep 05, 2016 8:00 pm
Location: Minnesota

Tue Sep 06, 2016 3:38 pm

There are various ways of doing this but none of them are fool proof.

If your company has automation in place with any kind of mechanism that prevents unapproved deployments or changes to be made that is full of win. But few companies are to this point yet.

IMO, a super strict CM policy that is actively enforced can work, but can often just as easily work against. Creating a happy medium has worked great for my company. We had a "voice of the customer" customer being anyone who generates change activity to hear directly from them about what they like and hate about the CM policy itself. I'm sure you can guess that it was largely a bi*ch session.

But none the less that worked out VERY well. We took everything down and then reprioritized the concerns by severity and also by the most bang for the buck.

We then took that list and acted on it where we could. Its crucial to note that SOME things could not and would not be changed. They are requirements for a reason. This was not "lets make everyone happy" kind of thing and destroy the process altogether. This was lets make things better. We ended up streamlining a lot of things that were found to be redundant or "its this way because we just always did it this way".

In the end we came out with a better CM policy and by taking a huge number of our customers along for the ride and letting them drive conversations and such they felt better about CM too, and in turn adhere to the CM policy much, much better.

Another key ingredient is repercussion. If there is no repercussion for doing unauthorized changes then why would anyone feel they need to follow it right?

hope this helps.
Josh - Senior Change Manager - Minnesota
Post Reply