Change management ITSM defined
Wondering what ITSM change management is? When it comes to IT service management, change management ITSM is a discipline aimed at standardizing processes and methods for efficiently dealing with changes to control IT infrastructure. This helps to reduce the occurrences and impact of service-related incidents.
Issues or other internal and external requirements like legislative changes or service improvement initiatives can trigger the need for infrastructure changes. When these triggers occur, change management can ensure standardized methods, processes, and procedures help to facilitate efficient and timely handling of all changes and maintain the right balance between the need for change and the potential detrimental impact of changes.
Below you will find practical definitions for participant roles, types of changes, and risk levels used by many organizations when establishing an ITSM process at the enterprise level.
Roles and responsibilities
- Change requestor: Is responsible for all aspects of documenting, planning, testing, and executing change requests. They verify the success of the implementation and know what to do if a failure occurs. The change requestor communicates with all stakeholders, and shepherds change requests for approval.
- Change reviewer: Reviews the change submitted for completeness, validity, and accuracy. They ensure business justification, change tasks, and plans are accurately populated. The change reviewer approves the change during the request for authorization.
- Change manager: Provides the first level of approval, they might add additional levels of approval based on the potential risk or impact. They are responsible for managing and coordinating all activities necessary to control, track, and audit changes. The change manager is also responsible for resolving conflicts and facilitating Change Advisory Board meetings.
- Change approver: Ensures the change will meet the customer’s needs and that the customer has accepted the change. The approver ensures the request includes all required documentation. They also review the testing plan for completeness and communicates with all stakeholders as required.
- Change implementer: Executes the change implementation tasks and verifies that they are completed. They work through the entire ITSM Process to ensure only approved tasks are executed and only within the approved start and end times. When necessary, the implementer escalates any issues that arise and communicates all task outcomes.
Types of changes
- Standard – Low impact, most often these are frequent changes that experienced implementors execute without fail. These could potentially be pre-approved with no additional approvers required.
- Normal – Changes that must follow a typical change review/approval process in full, including all documentation, risk analysis, scheduling, and approvals. Most changes fall within this category.
- Exceptions – A change that is not able to follow the regular process due to the nature of the change. These are typically urgent in nature that must be expedited or implemented off-cycle.
- Emergency – A change that is initiated in response to an incident and must be implemented immediately to avoid a production outage.
- Unauthorized – Used to document specific after the fact changes that are implemented without any approval process. These changes are used for audit tracking procedures.
Risk descriptor levels
- Very high – Is the highest level risk with the potential to severely disrupt the business if experienced, can result in the loss of revenue and customers likely.
- High – These risks are disruptive to the organization, and customer awareness likely.
- Medium – These risks could be disruptive to the customers, they might become aware.
- Low – The impact of low-level risks is limited to non-essential, non-customer-facing applications.
- Very low – These risks have minimal impact if any.
A solid change management process is required for any organization looking to safeguard their systems, people, and processes from unexpected disruptions. Customers and clients expect systems to be available almost 24/7 365 days so having a process for your organization to follow is the best insurance policy to guard against avoidable mistakes or errors when maintaining or upgrading existing platforms.
FAQs about Change management ITSM
Why is change management important in ITSM?
Change management is important in ITSM because it ensures standardized methods, processes, and procedures that facilitate efficient and timely handling of all changes. This helps maintain the right balance between the need for change and the potential detrimental impact of changes, reducing the occurrence and impact of service-related incidents.
What are the different types of changes in ITSM?
The different types of changes in ITSM include standard changes, normal changes, exceptions, emergency changes, and unauthorized changes.
What are the different roles in ITSM change management?
The different roles in ITSM change management include the change requestor, change reviewer, change manager, change approver, and change implementer.
What is the risk descriptor level in ITSM change management?
The risk descriptor level in ITSM change management is a categorization that defines the overall potential impact of a change. This helps the organization determine the overall risk profile and prioritize changes accordingly. The risk descriptor levels include very high, high, medium, low, and very low.