As businesses evolve and grow, or their operating requirements change for other reasons such as changes to legislation, so their internal processes and procedures must change to accommodate this need. It’s also likely that advances in technology may make cost-savings possible, but again process changes will be required to accommodate those advancements.
Where IT is touched by those processes, so it becomes vital to ensure that any changes are made in accordance with current industry best-practice. Typically this means that some form of ITIL-compliant service management process will be introduced if one didn’t exist before.
A typical ITIL-compliant IT/software change-management process will include provision for the various stages of software development and IT infrastructure/environment management, including (but not limited to):
- Requirements Gathering
- Impact Assessment
- Change Approval (via Change Control Board/CCB)
- Version Management (of source code, if/when changes required)
- Parallel Branch Development (where appropriate)
- Configuration Management (of source, development environment, supporting software/library routines)
- Baseline (for Testing purposes, to include requirements etc.)
- Infrastructure Management (especially servers & networks)
- Environment Management
- Test Lifecycle (Unit, Integration, System, UAT, Fix-on-Fail etc.)
- Bug Reports, Tracking & Fixing
- Baseline (subset for Release)
- Release & Deployment
The above is not just limited to software however as it’s vital that even the smallest of changes to the IT infrastructure or environment should also be considered.
By way of example one client of ours, a small café owner, decided to boost his business by offering WiFi access to his customers. He did this without first seeking advice from anyone “competent” in data networking, i.e. without a full and proper Impact Assessment. The result was that he inadvertently opened his business network up to those visiting his café (and sitting outside!) and as the PC holding his confidential staff records, banking arrangements etc. sat on that same network opened himself to all manner of potential data protection problems. This may appear a trivial example, and an obvious common-sense mistake to all IT-literate readers, but is really is only a matter of scaling that [lack of] knowledge up before everybody, and every organisation, is placed at risk if it does not have an effective change management process, including appropriate impact assessment, in place.
For this reason, we also have worked with many blue-chip multi-national corporations advising them and assisting them in improving their processes as our case studies show.
Regardless of your business’ size, if you are in any way uncertain or unsure as to the suitability or integrity of your processes, or simply lack formal process documentation and are unable to either grow your business by recruiting additional staff, or secure your position for an audit as a consequence, please contact us for a confidential discussion with no-commitment on your part, to learn how we can help you.