definition of 'change'
colemic
Member Posts: 1,569 ■■■■■■■□□□
Not sure if this is where to post this or not...
We are standing up a CCB where I work, and we are pretty much at a standstill on the definition of 'change'. (as in, what constitutes needing to go through the CCB, and what does not. Our SAs raised the point that they don't want - or need - a definition that would require them to jump through a lot of hoops to daily tasks such as performing log file grooming, for example.
My proposed definition: A Change is characterized as a modification of any kind of a configurable element of FFIN infrastructure, a service, component and/or its associated elements in a production environment. A Change must be vetted through the Configuration Control Board for approval, and planned accordingly, to include testing all phases of the Change (to the extent possible), a determination of the risk posed to the production environment by the Change, and development of a roll-back if the Change is unsuccessful.
I have a mixed opinion. I certainly understand, but then, I think they are making changes to a production environment. Where's the balance?
We are standing up a CCB where I work, and we are pretty much at a standstill on the definition of 'change'. (as in, what constitutes needing to go through the CCB, and what does not. Our SAs raised the point that they don't want - or need - a definition that would require them to jump through a lot of hoops to daily tasks such as performing log file grooming, for example.
My proposed definition: A Change is characterized as a modification of any kind of a configurable element of FFIN infrastructure, a service, component and/or its associated elements in a production environment. A Change must be vetted through the Configuration Control Board for approval, and planned accordingly, to include testing all phases of the Change (to the extent possible), a determination of the risk posed to the production environment by the Change, and development of a roll-back if the Change is unsuccessful.
I have a mixed opinion. I certainly understand, but then, I think they are making changes to a production environment. Where's the balance?
Working on: staying alive and staying employed
Comments
-
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□I'll tell you how my director defines a change in much less technical terms with the understanding that the CCB is there to communicate your changes to management and CYA if things go wrong.
Are you willing to bet your job on the change without a CCB if you screw something up?
A change is anything that would cause someone heartache or confusion when they notice it.
So it could be as simple as changing the desktop backgrounds on workstations. Of course no one wants to go through CCB to do what we consider the basic level tasks of our job. However we document lots of our processes with the CCB, so if something goes sideways, we can refer back and say that this ongoing operational duty was approved by the CCB.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
colemic Member Posts: 1,569 ■■■■■■■□□□I agree with that logic... but we can't agree on a working definition that doesn't bring our production environment to a halt.
There has to be something obvious I am missing here... how do you define what is exempt from the CCB?Working on: staying alive and staying employed -
Claire Agutter Member Posts: 772 ■■■■■■■□□□Hi colemic, this is always a very difficult discussion! Your definition seems like a good start point if people are prepared to sign up to it - what you will probably find is that at first, you are treating things as changes that don't really need to be treated as changes. As your process matures, you'll see what doesn't need to be managed as a change, and you'll also develop a library of standard changes that can be pre-approved and won't need individual authorisation. Your technical teams will need to bear with you as you go through this process, and you will need to bear with your technical teams too! You'll also need management backing of course - if your technical teams aren't following the process, then it doesn't matter how you define a change. Claire
-
colemic Member Posts: 1,569 ■■■■■■■□□□Thanks Claire, that's great insight... we have discussed the library of changes concept, and it is definitely on the table. What we are running into, however, is not that the we are being too specific, but there is a push to water down the definition, which invariably leads to grey areas. I am not sure if it is better for us to over-manage the change (easy to get lost in the weeds), or to under-manage and let potentially impactful changes be unregulated and unmonitored.
I should add, that we are looking to keep this rather informal, and are not anticpating having a change repository, for example, at this time. Or a dedicated change manager to keep up with all of that. At least not yet.Working on: staying alive and staying employed -
Zartanasaurus Member Posts: 2,008 ■■■■■■■■■□
There has to be something obvious I am missing here... how do you define what is exempt from the CCB?
There's always going to be grey areas, and how big those areas are depend on how management treats unauthorized changes. All it takes is one major outage from an unapproved change for people to get the message though. We can be a little too trusting of our own abilities sometimes. Like Claire alluded to, you can have a library of processes that cover every day operational duties that have been pre-apprpoved to be done outside of maintenance windows. You write up the process outlining all the systems affected as well as the risk of making those changes and show supporting documentation that proves "hey we've done this a million times and here's the process we repeat every time to make that change".Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
colemic Member Posts: 1,569 ■■■■■■■□□□does anyone have any experience with Change Management software? Any recommendations?Working on: staying alive and staying employed
-
Claire Agutter Member Posts: 772 ■■■■■■■□□□Hi colemic, I've only used Change Management software that's integrated into a bigger service management tool - for those I can recommend Axios Assyst, Marval and Remedy. If you're on linkedin there are some groups on there devoted to service management tools so it could be worth posting over there too. Claire