The Fortified Change Management Process aims to minimize failed changes and changes implemented with problems by adding additional rigor to the existing change management procedures. This enhanced process ensures:

  • A second pair of eyes reviews all medium and high priority changes.
  • A weekly cadence call reviews all medium and high priority changes.
  • Post Implementation Reviews (PIRs) are conducted for any failed changes or changes implemented with problems.
  • A standardized Fortified Change Checklist is used to build and review change tickets.

Process Steps

1. Change Documentation and Impact Assessment

  • Complete Documentation: Ensure that all change documentation is thorough and up-to-date.
  • Impact Identification: Clearly identify the impact of the change on systems, applications, services, and business units.
  • Outage Assessment: Perform an outage assessment to determine potential downtime or service disruptions.
  • Stakeholder Notification: Notify and keep updated the owners of any affected applications, services, or business units regarding implementation and progress.

2. Planning and Preparation

  • Reason for Change: Provide a detailed description of the reason for the change.
  • Implementation Plan: Develop a detailed implementation plan outlining all necessary steps.
  • Verification Plan: Create a detailed verification plan to confirm the success of the change post-implementation.
  • Change Window: Specify the change window during which the change will be executed.
  • Type of Change: Clearly specify the type of change (e.g., standard, emergency, urgent).
  • Back-Out Plan: Develop a detailed back-out plan in case the change needs to be reversed.
  • Configuration Items (CIs): Identify all affected CIs.
  • Team Coordination: Ensure coordination among all involved teams if multiple teams are involved.

3. Internal Review and Approval

  • Communication Plan: Develop a detailed communication plan for the change.
  • Internal Review: Conduct an internal review of the change before presenting it to the client.
  • Management Approval: Obtain approvals from management and the Delivery Project Executive (DPE) before releasing the change to the client.
  • Change Advisory Board (CAB) Review: Ensure the change is reviewed in the CAB meeting and that the meeting is effective.
  • Risk and Architectural Review: For high priority changes, obtain reviews from the Risk Review Board or Architectural Review Board.

4. Scheduling and Resource Management

  • Look-Ahead Schedules: Maintain look-ahead schedules for all changes.
  • Staffing Levels: Review the volume of changes to assess if staffing levels are adequate.
  • Adequate Planning Time: Ensure sufficient time is allocated for planning and executing changes.
  • Urgent Changes Process: Implement processes to handle high volumes of urgent, emergency, or expedited changes.

5. Compliance and Governance

  • Unauthorized Changes: Monitor for unauthorized changes and address any issues promptly.
  • Process Adherence: Ensure project teams and business units do not bypass change processes, preventing negative impacts on operations.
  • Access Control: Verify that only authorized personnel have access to systems to prevent failed changes due to unauthorized access.
  • Remediation Actions: Ensure support teams do not take remediation actions without creating and approving changes.

6. Post-Implementation Review and Continuous Improvement

  • Consistent PIRs: Conduct Post Implementation Reviews consistently and thoroughly for all failed changes or changes implemented with problems.
  • Stakeholder Participation: Ensure active participation from all relevant stakeholders in PIRs.
  • Failure Notifications: Send notifications of failed, rejected, canceled, or problematic changes to change management, delivery, and client teams.
  • Severity Assessment: Analyze failed changes to determine if they result in Severity 1 incidents when the business is impacted.
  • Failure Diagnosis: Allocate time for diagnosing failures and implementing solutions.
  • Avoiding Expedited Pressure: Avoid undue pressure to expedite changes without proper planning and review.

7. Quality Assurance and Client Engagement

  • Second Pair of Eyes: Implement a secondary review for all changes, especially high-impact changes involving senior implementers.
  • Client Concurrence: Obtain client concurrence prior to closure of a change.
  • DPE Involvement: Ensure DPEs are actively involved in the change management process.
  • Vendor Accountability: Address any issues with technical teams and vendors not responding or taking ownership of their actions in the change.
  • Tool Effectiveness: Identify and resolve any issues with the change management tool not processing change tickets correctly.
  • Pre-Approved Changes: Define and appropriately handle pre-approved or non-production changes, addressing any associated issues.

Additional Considerations

  • Regular Process Review: Regularly review and update the Fortified Change Management Process based on feedback and performance metrics.
  • Training and Awareness: Implement training sessions to educate teams on the importance of following the change management process.
  • Escalation Paths: Establish clear escalation paths for issues arising during the change process.
  • Best Practices Alignment: Align the process with industry-standard frameworks like ITIL (Information Technology Infrastructure Library) for change management.
  • Acronym Definitions: Ensure all acronyms (e.g., DPE, CAB, CI, PIR) are defined when first used.

Recommendations for Improvement

  • Convert Questions to Statements: Changing the questions into statements clarifies the requirements and expectations within the process.
  • Organize Content: Group related items under clear headings to improve readability and comprehension.
  • Define Roles and Responsibilities: Specify who is responsible for each step to enhance accountability.
  • Use Clear Language: Employ clear and concise language throughout the document, ensuring consistent terminology.
  • Include Visual Aids: Consider adding flowcharts or diagrams to visually represent the process flow.