IT Change Management

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search

IT Change Management is an IT Service Management discipline. The objective of Change Management in this context is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes to controlled IT infrastructure, in order to minimize the number and impact of any related incidents upon service. Changes in the information technology infrastructure may arise retroactively in response to problems or externally imposed requirements, e.g. legislative changes, or proactively from seeking improved efficiency and effectiveness or to enable or reflect business initiatives, or from programs, projects or service improvement initiatives. Change Management can ensure standardized methods, processes and procedures are used for all changes, facilitate efficient and prompt handling of all changes, and maintain the proper balance between the need for change and the potential detrimental impact of changes.

Change management in development projects

IT Change Management is not typically responsible for overseeing changes that occur within deployment or development projects which are typically delegated to a change management process dictated by the project management methodology adopted for the project. However close liaison between development project managers and the Change Manager is expected and the project manager may be required to utilize Change Management for items within the production or test environments that are required for testing or release.

Process overview

Change Management would typically be composed of the raising and recording of changes, assessing the impact, cost, benefit and risk of proposed changes, developing business justification and obtaining approval, managing and coordinating change implementation, monitoring and reporting on implementation, reviewing and closing change requests.

A typical definition to the change management process is:

The goal of the Change Management process is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes, in order to minimize the impact of change-related incidents upon service quality, and consequently improve the day-to-day operations of the organization.


ISO 20000 defines the objective of Change management (part 1, 9.2) as:

To ensure all changes are assessed, approved, implemented and reviewed in a controlled manner.


Change management is responsible for managing change process involving:

  • Hardware
  • Communications equipment and software
  • System software
  • All documentation and procedures associated with the running, support and maintenance of live systems.


Any proposed change must be approved in the change management process. While change management makes the process happen, the decision authority should reside in what is commonly referred to as the Change Advisory Board (CAB), which is made up for the most part of people from other functions within the organization.

The main activities of the change management are:

  • Filtering changes
  • Managing changes and the change process
  • Chairing the CAB and the CAB/Emergency committee
  • Reviewing and closing of Requests for Change (RFCs)
  • Management reporting and providing management information

See also

External links