ITIL Change Management Best Practices That Can Reduce Operations Disruptions
With so much uncertainty, having established IT operations processes and heuristic models to work from can go a long way toward preserving stability amidst constant change. Updated ITIL v4 frameworks dispose of rigid and prescriptive processes, but they also lay bare the responsibilities modern IT organizations must assume.
Change teams within IT operations need structure to define and identify threats while accelerating the continual creation of new value. They also need the flexibility to respond to ongoing shifts in the business environment, keeping them agile when it comes to disruptions, which includes the discovery of new value-producing opportunities.
Fast, flexible, and vigilant: change best practices can empower IT operations to do all three. Preserving business functions and mitigating risk is especially possible through the use of AI-powered analytics. Using data from across the value stream alongside AI can allow teams to mitigate outage risk, monitor for threats to operational stability, and streamline decision-making in light of new insights.
Defining Business Value and Answering the "Why" of Any Given Change
The first step with any change-related decision is to understand why the change is being proposed. Whether the change was instigated by a change request from development teams or a change proposal from within IT operations, each change should be considered from the perspective of the value it offers to the organization. Additionally, the change should be understood in light of the risks it presents.
Defining value and risk can – and should – be done from an objective, metrics-driven perspective. However, IT organizations must first be prepared to model upcoming changes from a subjective standpoint so that they can intrinsically recognize the proposed value an expected change brings.
Popular blogger "Joe the IT Guy," defines four basic value-producing reasons that a change might be proposed:
- To correct something that has already failed or gone wrong
- To prevent something from failing or going wrong
- Because something else has changed, or is going to change, and you need to make a change to stay compatible
- Because you need to add, remove, or enhance a capability
Number one is reactive to problems; two and three are proactive/preventative; and number four is the only of these to directly offer new value. By considering proposed changes from this perspective, IT organizations can then develop metrics to quantify the types of changes they are making. If too many changes are reactive, then the organization needs better risk-assessment and predictive capabilities, for instance. Changes related to compatibility and preventing failure also tend to consume resources to preserve value created elsewhere. Ideally, more changes will be related to the direct creation of value as IT adjusts its processes and its approach to operations.
If a large volume of proposed production pushes have an uneven mix of reactive and proactive measures but little value creation, operations processes or development strategy may need to be revised. On the other hand, if the organization is continually pushing for changes that elicit direct value creation, then it can evolve its offerings while keeping pace with modern advancements.
Utilize Change Metrics and KPIs to Understand Associated Risks
Understanding the purpose changes serve allows organizations to more ably quantify changes using appropriate metrics and KPIs. Monitoring change metrics provides feedback to depict ongoing trends, inform resource allocation, and indicate when things are going well or poorly.
Examples of change metrics that can drive agility and continual value creation include:
- Change success rate
- Emergency changes implemented per period
- Change-related incident / problem volume
Machine learning models can accurately model change-related risk in all its complexities. An algorithm can sift through historical change data and associated failure logs to determine which metrics have the best capacity for predicting future change-associated problems, failures, and incidents. Proposed changes can then be measured in terms of the risks they pose, including how likely the risks are and how disruptive they might be. A scoring model can facilitate rapid response to identified change risks.
Measuring change metrics using these methods establishes benchmarks for IT to visualize stability within their current operating environment, predict which changes might be inherently risky, and chase continually improving targets to reduce service disruptions while maintaining agility. The use of scoring models also streamlines the approaches needed to address the change risk, reducing the amount of time and energy the CAB needs to address each change and keep the value pipeline moving.
Define Roles, Responsibilities, and Ownership of Metrics. And not just for Configuration Items
Defining roles and ownership in IT has a unique way of producing results. Establishing accountability in IT can help leaders meet SLAs, implement CSI initiatives successfully, and reduce the amount of resources required to respond to and prevent change-related service disruptions.
Different roles and hierarchies can be established for different contexts, meaning that a person with ownership over one change-related metric may be second-in-command for another. However, roles and responsibilities should always be clear, documented, and understood in order for IT to function efficiently. This level of high functioning is especially important during responses to major incidents, where emergency changes have a high rate of failure that can create, rather than solve, new problems.
Map stakeholders, roles, and hierarchies so that responsibilities are defined and accountability is understood. None of this needs to introduce rigid processes, either; instead, teams can be given autonomy with ultimate understanding that they are in control of the performance of a given metric, CI, or operational feature.
Consider the Impact of Changes Beforehand
Predictive IT analytics can allow IT organizations to quantify change risks and understand what consequences a given change push may have. They can then identify the appropriate response, which may include accepting the change risk, mitigating by modifying the change, or avoiding the risk by halting the change until it can be made less risky.
IT operations teams also must be prepared in the event that any high-risk changes fail. For change failures that result in performance degradation, for example, they can have a back-out plan to restore the prior operating environment state while the change is studied in more detail. For a series of high risk changes that are anticipated to – or already have – resulted in an incident or service disruptions, a change freeze may be in order while the operating environment is stabilized.
Contingency plans allow for quick action in the event that a proposed change does not go as expected. They also allow IT teams to consider alternative options that may need to become part of the regular process or decision-making heuristic given a pattern of changes with negative consequences. Predictive AI models also can leverage data analytics to alert change teams when they may have a higher risk of the need for a contingency plan.
Ensure Each Change Has Closure
Every change should be accompanied by a closure process, whether the change was successful or not. The impacts of the change should be monitored and documented. The metadata of the change should be logged so that metrics can identify which changes impact what functions as well as which changes carry certain risks. The CMDB must be updated as certain changes affect the relationship CIs have with one another.
These tasks can be laborious, but partial or total automation can reduce the efforts needed by individual IT members while enhancing efficiency overall. The stages of a change closure process are incredibly important for not only monitoring the presence of risk for service degradation/disruption, but also quantifying change risks with more accurate modeling over time.
Change Management Best Practices Allow IT Operations to Maintain Constant Value Production in the Face of Uncertainty
None of the best practices described above are suffocatingly prescriptive, but they do reveal the level of attentiveness and custodial responsibility required for IT operations to sustain efforts that deliver continual business value.
"One of the benefits of using a standardized best-practice framework is in ensuring that employees understand their roles and the procedures that they must follow to deliver services and provide a high level of customer support," notes BMC blogs. At the same time, BMC recognizes that, "The ITIL framework is also intended to give IT support providers a more interactive role in businesses. Instead of providing support in the background, IT departments that utilize this framework are part of the businesses' overall structure," meaning that they are a direct part of the value creation chain within their enterprise.
As fewer changes require direct oversight and intervention and more directly beneficial changes are enabled through streamlining and automation, IT organizations as a whole can contribute more to their organization's bottom line while giving their talent a bigger role in value creation.
Learn about how IT business analytics can help you evolve from reactive to proactive ITSM and Change management from our recent webinar: "How to adapt your IT Service & Change Management for a distributed workforce"