ITIL Change Management
Following the article 'MIR - The Key' this article is a further step in the same direction to discuss the content and use of Management Information Reporting (MIR). It may be read as a stand alone article or as one of the series that discusses the subject. To allow for this the introductory paragraphs are common so if you have read any of the others articles you may wish to skip the first three sections. ITIL is fully integrated so there will be a number of cross references to the other articles, I am sure you would be surprised if that was not the case.
Service Reporting and Measurement appears as part of Continual Service Improvement, like many of the components of ITIL the activity is a common one throughout the lifecycle. It needs to be designed, transitioned with the service, created through the operational activities and becomes a key feed into the improvement processes.
The primary target is the availability of our IT Services to the Business community, this means we need to understand the Services and their requirements, how they perform, whilst managing and controlling them accordingly. To assist IT with its roles and responsibilities regarding the delivery of the Services it is essential to have meaningful management information reporting established. The levels of information we report on may be viewed as Strategic, Tactical or Operational, we are looking in alignment with the Service Strategy, to effect costs, effectiveness, efficiency, (resource and sustainability) and scalability. We are also aiming to manage our IT Processes that deliver the Service, in this case Change Management and need information on how the process is performing (Key Performance Indicators - KPIs) and delivering (Critical Success Factors - CSFs).
KPIs and CSFs
At a high level Key Performance Indicators (KPIs) are the metrics that allow us to understand volumes, they tend to be quantative and provide a view regarding 'how much' of an activity has been performed and how much is currently being processed.
At a high level Critical Success Factors (CSFs) are the metrics on what is required for a process to be considered a success, what needs to be happening, they tend to be qualative and through that give us a view of 'how well' an activity is achieving it's aims.
Both of the above should be objectively considered and documented through the design stage of services and processes, as part of understanding and controlling our service management activities, and in a similar manner to our processes the reporting of them should also be reviewed to ensure they are still valid to both IT and the business.
Whilst considering Management Information Reporting (MIR) it is important to think about the audience who will be receiving the information. Having differing focus points the following are main management and planning generic groupings. The groups making decisions and managing the planning need good information on which to base them.
- Strategic: Interested in the longer term view, the targets, objectives and visions that the organisation aspire to. Here IT will need to align it's strategic aims with those of the business that it is supporting. A really good strategic target could be 'to align with ITIL or to become IEC/ISO 20000 accredited' - both of those sound good to me!
- Tactical: With a shorter time line, and making decisions that are aimed at ensuring that strategic targets will be met. A good tactical target, in support of the strategic target may be 'that we shall implement a rolling build of the Configuration Management Data Base (CMDB) and that Configuration Management will be the first main ITSM project to be undertaken as part of the programme.
- Operational: The shortest of time lines, decisions here are based on immediate requirements, the day-to-day management of services. A typical Operational consideration may be that incidents on service 'Albert' will be treated as severity one for the next three days or until we successfully resolve the current problems.
Service Management Records
For the purposes of these articles I have assumed that you are using a relatively standard IT Service Management tool set. This will have a back-end database and will contain within the items records fields that detail the 'status' of the record (e.g. an Incident may be 'opened', 'under investigation' or 'resolved') and an associated 'date'. A date (sometimes a time too) for when the status has changed and these records are such that their history can be interrogated (i.e. on what date (time) did the status of record 'nnn' change from B to C?
There are further specific records and fields that are used for Management Information Reporting (MIR) and these will be detailed, their contents and potential uses discussed in the articles on each of the ITIL disciplines.
In MIR consistency is essential, the Change Request Status field would usually be populated from a table, which assists with ensuring standard and agreed terms are used. If you can think of circumstances where free text in the status field would be of value please use the comments box below and let's discuss it.
Change Management (Part 1 - Scene Setting)
Change, and its management (or lack of it), as we all know is often the trigger for things to go wrong, not always, occasionally equipment fails, but (thank heavens) nowadays that is usually a rarity, someone doing something, no matter how well intentioned, is often found to be at the root cause.
Change Management is an important and complex area for IT, business requirements in its many guises are always looking for change and improvement, whether it be a business differentiator, new product, a regulatory or legal requirement, an improvement on a service that has not been all it might be but has business impact and of course a reduction in the cost of the service provision. All IT has to do is to ensure that changes do not make services worse or seem worse - in a world where perception is everything it's all relatively easy eh!!
Below are some standard words, they certainly appear through ITIL and are appropriate in a number of places and disciplines and I make no apologies for repeating them. They are really the basis for looking at almost any size of change including service improvement.
- Where are we now?
- Where do we want to be?
- How do we get there?
- How do we know we have arrived?
I expect that those words are very familiar - I think that they should be.
In terms of Change Management and the business the answers to the first bullet should be able to be answered through the MIR for existing services, the second bullet should be based on business requirements and Service Strategy, the third bullet is where the project planning disciplines and ITIL Service Design and ITIL Service Transition come in, the fourth will probably be a combination of both ITIL Service Transition and ITIL Service Operation.
As you will no doubt have noticed the first and fourth bulleted questions will also be the basis for ITIL Continual Service Improvement activities, for example, Service Improvement Programs (SIPs).
Change Records (CRs)
Change Records are usually managed through the service management toolset and it is the interrogation of these records that provides the base information for MIR. In this context perhaps two of the most important Change Record fields will be the 'status' and its associated 'date'.
The Status field in a Change Record will indicate the progression of the Request For Change (RFC) through the stages of the process and associated to the status field will be a date field that gives the date the status was changed. Usually the stages in the Change Management Process will be along the lines of:
- Registered - basically the RFC is in the system at the start of the process
- Awaiting Impact Assessment (IA) - now on route, where the IT functional areas required to assess the change have been identified and have been requested to assess its' impact.
- Awaiting further information - this may be a generic catch-all for Requests For Change that require further detail to complete an Impact Assessment (IA), this could take the form of a technical workshop, further business detail etc
- Awaiting Change Advisory Board (CAB) - the information has been gathered and the request will be on the agenda for the next meeting
- CAB reject -if the processes are working well an outright rejection at CAB would probably be unusual
- Build and test - the request is progressing, the RFC will be having resources allocated to its development etc
- Awaiting Implementation date - this may go though CAB or a specific board that agrees the implementation, exactly which will be dependent on the governance structure of the organisation
- Scheduled - the implementation date has been agreed, the Forward Schedule of Change (FSC) will be updated
- Implemented - confirmation, it should also trigger an update on the Forward Schedule of Change
- Awaiting Post Implementation Review (PIR) - there will be a report that delivers the PIR results to show success rates
- Closed - fully completed
Note: The above bullets are not meant to be a definitive list of status's as that will depend on your organisation's terminology and it's implementation of Change Management, I would expect a number of sub categories would be used to provide more granular information, e.g.
- Awaiting further information - should the type of information that is awaited usually be of a similar type it will provide further insight into the Change Management Process and it's inputs.
The date status and date field of course provide detailed information for use in audit trails as well as being the basis for good service reporting.
The status information of the type described above is not only the source of our information for IT Management Information Reporting (MIR), it should be made readily available so that all the interested parties, IS or business staff, can see it's status; it should be open information, which could be possibly published on the intranet. Making this information readily and easily available will make the process more open and transparent (usually a strategic target for most IS Departments) and will certainly have the additional benefit of reducing the number of calls to either the Service Desk or the Change Management team that are simply enquires on progress.
Where are we now?
If the service that is the subject of the Request For Change (RFC) is an existing production service then the 'Where are we now?' is a question of quality; of performance. In the terms of the request, whether for a new or existing service, we should also ask 'do we have services that currently meet any of these requirements?' If so 'how well'? - These questions are aimed to see if there is any leverage within the organisation that can be applied, let's not re-invent the wheel if we already have a set and what we really need is a new hub cap!!
It is the Management Information Reporting (MIR) that provides the answers to the 'How well?' question posed above, whilst the question of already running similar activities should be answerable through the Service Catalogue.
Below are some high level generic questions, they are meant to be indicative, we will discuss each of the areas in greater detail in subsequent articles where we will address each discipline in turn.
MIR from Incident Management and the Service Desk will tell you how an existing Production Service is performing:
For example, a large number of 'How to?' questions could be pointing to:
- An over complicated service, not end-user friendly
- Additional training requirements that would enable users to get the best out of a service (it could also be reflective of high staff turnover in the business)
MIR from Problem Management will prompt the following questions to be asked:
- Are the trends indicating that particular components of this service are more likely to fail? -thus providing visibility of the 'hot spots' in this service.
- Is the frequency of incidents, the identification of Known Errors and use of workarounds giving a clear justification for the potential spend on resolving the root cause?
MIR from Availability Management
- Is this an unstable service, infrastructure or application; is the business impact caused by non- availability adding to the justification for change?
MIR from Capacity Management
- Is this capacity profile of this service in line with its business importance? And probably its' maintenance budget!!
MIR from Service Level Management
- Is the business perception that this is a critical service that is performing poorly?
- Are there localised problems that are indicative of a local infrastructure problem?
MIR from Support Management (includes Supplier Management where the running or support of a service has been outsourced)
- Is a disproportionate amount of time spent fixing a particular component (configuration item) for this service?
- Is a disproportionate amount of time spent fixing any/all components (configuration item) of this service?
MIR from Financial Management
- Is the cost of running, supporting or managing this service out of proportion to the return or simply not good value (efficiency consideration)?
Note: The linking between components is a function of Configuration Management and the relationships between Configuration Items (CIs), the relationships are essential for the Impact Assessments to ensure a common understanding for both the effects and risks. This subject will be dealt with in detail in the Configuration Management article.
Where do we want to be?
This has to be an ultimate question that the business answer - it is about their requirements, IT will undoubtedly have requirements in order to manage a service for the business (the process management) but at all levels IT only exists to support the business. There are some thoughts below, based on the comments that are frequently heard at the various levels that reflect the types of MIR considered by them.
Strategic - 'IT costs for support are too high' - an overall budget consideration, probably driven by the entire business assessing it's spend and plans.
Tactical - 'We can save money by a lower level of support' - focus on particular items that will help deliver the strategy.
Operational - 'At the service level where do we need to stabilise platforms and infrastructure?' - In order that we can focus on new/revised services for the future.
Note: Again the list is meant to be indicative, further detail will be covered in the subsequent series of articles examining MIR by process(es) area.
How do we get there?
This is where the understanding of the current services their support and management is again critical, if considering a new service or an update to an existing one we should look to where we have undertaken this activity or similar before - are there lessons to be learnt?
Is there another part of the business currently developing, already using or delivering something similar? - Check your Service Catalogue and Service Portfolio.
Should we be looking to build towards our target in a modular fashion with small or medium sized projects (although lower risk, probably takes longer to achieve, lower initial cost, costs spread over longer, possibly higher total outlay, longer to realise benefits) a business view on impact and urgency should be the decider, along with the availability of funds of course!
How do we know we have arrived?
There will be measures required to prove arrival at an identified point and the effectiveness and efficiency of the service when you get there. These items need to be considered before you start the journey and captured as part of the project deliverables.
If you have considered the questions above and the information provided through the MIR you are probably looking at a Change and it could well be a project or even a programme of them, the most important thing is that you have some working parameters, in Part II we look at some of the detail in Change and Configuration Management MIR and how it helps.
A "Part 2" follow-up article to this one can be found here.
About the Author
Colin Mayers is the Managing Director of Mayers Consulting. Colin operates across all market sectors and provides a breath of experience with regards Service Management. As for formal qualifications he holds the ITIL Managers Certificate, ISO20000 Internal Auditor and Consultant Certificate and also the Prince 2 Practitioner.
If you wish to contact Colin please use the comment box at the end of this article, ITILnews will ensure they are forwarded on to him.
We, at ITILnews, welcome articles which provide insight into ITIL theory being used in practice. Please take the opportunity to send us your experiences of ITIL for publication on ITILnews.