The pace and magnitude of change is accelerating as companies seek to capitalize on rapidly shifting global market conditions. To effectively support the business, IT must constantly change, too. These changes often include introducing new services, the incremental addition of service capacity, and the extension of services to new constituencies such as employees, customers, or partners.
IT change, however, can be quite dangerous, especially in today’s heterogeneous distributed environments. Even the simplest change can have unintended adverse consequences, causing service disruptions far beyond anything anyone anticipated. Some observers assert that as much as 80 percent of all service problems are the result of poorly executed change management.
Because it’s so important to minimize the risks associated with change, IT organizations are putting greater emphasis on the change management discipline. They’re seeking proven best-practice frameworks for defining and enforcing that discipline. Foremost among these frameworks is Information Technology Infrastructure Library (ITIL), which has the advantage of providing guidance for a wide range of core IT management disciplines. By embracing ITIL, organizations can optimize the responsiveness of IT to business change while eliminating the service outages and other problems associated with inadequately disciplined change management processes.
Platform-Based Change Management
Most mainframe managers find ITIL change management practices familiar. ITIL change management is a widely accepted best practice for mitigating the risk of change-related IT disasters. Like all other aspects of ITIL version 3, change management is defined in terms of IT services and the service lifecycle. ITIL defines service change as “the addition, modification, or removal of an authorized, planned, or supported service or service component and its associated documentation.” According to ITIL, the scope of change management covers changes to “base-lined service assets and configuration items across the whole service lifecycle.”
This broad definition requires some explanation. ITIL starts with the concept of an IT service, regardless of platform. It doesn’t make arbitrary distinctions between mainframe and distributed systems applications and processes. Instead, it describes services as a way of delegating the risks and costs of outcomes. A service provider delivers value and desirable results and frees the consumer of the risks and responsibilities of owning or delivering the service.
A credit report function is a good example of such a service. The IT department defines the scope of the service, such as a credit check with all three credit bureaus, along with a credit score, a comparison to historical creditworthiness, and acceptable service levels (i.e., availability and performance). Each business unit selecting this service pays for it—typically in the form of allocations from the enterprise budget—and expects to not have to worry about how it’s implemented, managed, or maintained. The IT department assumes all the risks and costs of procuring the assets necessary to provision the service.
In this way, the IT department has the resources to provide better, more reliable service at a lower overall cost than any individual business unit or department. In addition, the resources and capabilities of IT can be more effectively leveraged across the enterprise by sharing and reuse. In fact, Service-Oriented Architecture (SOA) itself is based on this idea of sharing and reuse, with customized capabilities layered on top of common services as needed.
This service concept is essential for a proper understanding of ITIL change management. Ultimately, the value of change management is derived from its ability to support the agreement between the IT department and its constituents regarding the delivery of services. ITIL change management helps reduce both the risk and cost associated with service delivery. Since the Service Level Agreement (SLA) explicitly sets terms for availability and performance, it’s a key element in change management. So a consistent change management discipline—and, by extension, mitigation of the business risks associated with IT change— is at least in part contingent on a standardized approach to defining services and SLAs per the larger ITIL schema.
Continuing the credit assurance example, a change in the information passed to a credit bureau, for example, might require modifications to a Web front-end, mainframe database server, and UNIX application. The business transaction encompasses all three tiers. Following the change management process, these changes can be managed to avoid adverse business impact and promote full compliance to required governance by involving all stakeholders.