Difference between revisions of "Change control practice"
(→Definitions) |
(→Types of changes) |
||
| Line 16: | Line 16: | ||
===Standard=== | ===Standard=== | ||
| − | + | :Standard changes are pre-authorized and, therefore, should be implemented without additional authorization. | |
| − | |||
===Normal=== | ===Normal=== | ||
| − | + | :Normal changes are not pre-authorized; depending on the change control structure, their authorization may be based on change type. They may be either low-risk, when someone who can make rapid decisions, or major. | |
| − | |||
| − | |||
===Emergency=== | ===Emergency=== | ||
| − | + | :Emergency changes require expedited assessment and authority; they may require a special change authority. | |
| − | |||
==Structure== | ==Structure== | ||
Revision as of 14:52, 29 December 2020
Change control practice (hereinafter, the Practice) is the practice to ensure that risks are properly assessed, authorize changes to proceed and manage a change schedule in order to maximize the number of successful service and product changes. The Practice relates to change control and service management. This Practice is a part of the ITIL practices.
Contents
Definitions
According to the ITIL Foundation 4e by Axelos,
- Change control practice. The practice of ensuring that risks are properly assessed, authorizing changes to proceed and managing a change schedule in order to maximize the number of successful service and product changes.
Purpose
The purpose of the change control practice is to maximize the number of successful IT changes by ensuring that risks have been properly assessed, authorizing changes to proceed, and managing the change schedule.
Scope
The scope of change control is defined by each organization. It will typically include all IT infrastructure, applications, documentation, processes, supplier relationships and anything else that might directly or indirectly impact a product or service.
Types of changes
A change is the addition, modification, or removal of anything that could have a direct or indirect effect on IT services.
Standard
- Standard changes are pre-authorized and, therefore, should be implemented without additional authorization.
Normal
- Normal changes are not pre-authorized; depending on the change control structure, their authorization may be based on change type. They may be either low-risk, when someone who can make rapid decisions, or major.
Emergency
- Emergency changes require expedited assessment and authority; they may require a special change authority.
Structure
o The person or group who authorizes a change is known as a change authority. ▪ In high velocity organizations, it is a common practice to decentralize change approval, making the peer review a top predictor of high performance o The change schedule is used to help plan changes, assist in communication, avoid conflicts and assign resources.
