Tuesday, August 5, 2014

Policy Series - 4.: Change Management Policy

INTRODUCTION:
This policy document is aligned to ISO/IEC 20000 and ITIL V3 best practices.
As per this policy Change is defined as addition, modification or removal of any Configuration Item (CI) or its attributes.

SCOPE:
This policy is applicable to the entire change management life cycle as described in Change Management process document. Thus, the scope encompasses:
        Business/IT services & CIs
        Documents (Process, policy, contracts, manuals, SOPs, etc.)
        Other CIs

This policy is applicable to all permanent, temporary and contract staff.

POLICY:


  • A standard Change Management process will be defined and adopted by all business units/functions
  • Emergency Change Management sub-process will be defined and followed to address major changes
  • Staff should be trained to ensure that a common understanding on change and emergency change management prevails across the organization
  • Roles and responsibilities shall be defined and communicated for effective Change Management
  • Change Manager will be the single focal point for coordinating all changes
  • Change requests should be classified, recorded, validated, accepted and prioritized
  • All changes should be recorded in the change management tool
  • Change Manager will allocate a priority for every RFC based on the impact and urgency; This priority rating should be used to decide which changes should be discussed and assessed first, either by Change Management or by the Change Advisory Board (CAB)
  • Testing should be successfully completed before change is authorized/approved for implementation by Change Manager; Emergency Changes require Emergency Change Advisory Board approval for this exception but needs as much testing as possible before implementation
  • All Changes to the production environment should be made within agreed Change windows;  Any exceptions will be agreed and communicated via a Projected Service Outage (PSO)
  • All changes will be assessed for performance, risk and resources needed to implement the change
  • Back out or roll back plan is mandatory for all changes including emergency changes
  • Forward Schedule of Change (FSC) should be communicated to the users; Change Manager should inform Service Desk for effective communication of FSC
  • Post Implementation Review is mandatory for all changes; Standard changes is an exception to this
  • Any addition of service to the standard change list should be approved by CAB 
  • Any unauthorized change should be considered violation of this policy
  • Progress of all changes should be monitored by Change Manager till closure of RFC
  • Change Management performance shall be reported and reviewed periodically
  • Continual Service Improvement (CSI) initiatives should be taken up by Change Management 
ACCOUNTABILITY & RESPONSIBILITY TOWARDS POLICY ADHERENCE:
  • Team Leads and delivery heads are responsible to ensure that their staffs are adequately trained to support this policy
  • Change Manager(s) and Quality Leads are responsible to drive adherence to the policy and process
  • Accountability to adherence to policy and process lies with individual staff
  • Change Management process document
  • Release & Deployment Management policy
  • Request Fulfillment policy



    BREACH:
    Non-adherence to this policy will lead to disciplinary actions as per the organization's disciplinary policy and may even lead to termination of employment.

    REFERENCES:
    Following documents should be referred to along with this policy document: