From estimating risk to developing a backout plan to establishing a timeframe, effective change control requires diligent planning and execution. This ebook outlines the most important aspects of developing and implementing a successful change control policy.
From the ebook:
When a production environment is in a known working state, the only thing that can alter that state for better or worse is a change, either planned or unplanned.
Unplanned changes are a familiar beast to IT professionals. This can include crashed servers, failed hard drives, malware infestations, and other emergencies. Planned changes (upgrades, reboots, server refreshes, etc.) can be even more disastrous if poorly executed, however, since a production outage can be the end result.
Production outages can be costly and disastrous, so change control is a hot topic. Change control means utilizing a standard method to apply changes to critical environments as a way to guard against risk and ensure that necessary staff are aware of the ramifications. It’s especially common in large financial environments where downtime can result in loss of business or irreversible damage to the company reputation.
Depending on the complexity, change control can be cumbersome and time consuming or considered red tape by resentful IT staff. But properly executed change management yields protective benefits to IT professionals as well, since all ramifications are more thoroughly vetted, the work is signed off in advance by multiple approvers, and if things go awry the blame game can be avoided.
Whether your company is large or small, if you’re considering implementing (or bolstering) a change control policy, these 10 elements will be essential.