Change Management

Change Management service provides a structured and standardized approach to controlling modifications to the University's IT infrastructure and enterprise application services. The service plays a crucial role in mitigating risks and minimizing potential disruptions associated with changes to the IT environment. The scope of this service includes a broad range of hardware, software, IT infrastructure, and enterprise application services that the University's Information Technology Services organization administers. These include, but are not limited to:

Hardware:

• Servers (both physical and virtual)
• Network equipment (routers, switches, firewalls, wireless access points)
• Desktop computers and laptops
• Printers and scanners
• Mobile devices (smartphones, tablets)
• Audio-visual equipment
• Data storage devices
• Specialty equipment for research and education

Software:

• Operating systems
• Database systems
• Office productivity suites
• Email and collaboration tools
• Security software (antivirus, antimalware, intrusion detection systems)
• Specialized academic and administrative software

IT Infrastructure:

• Data centers
• Network infrastructure (LAN, WLAN, WAN)
• Cloud services (IaaS, PaaS, SaaS)
• Backup and recovery systems
• Security infrastructure
• Telecommunications infrastructure

Enterprise Application Services:

• Learning Management System (LMS)
• Student Information System (SIS)
• Financial and HR systems
• Service Management Systems
• Physical Security Systems
• Communication and Collaboration Suites (Microsoft 365)
• Mobile and Web Applications
• Auxiliary Systems
• Business intelligence infrastructure and reporting tools

The Change Management service is primarily intended for internal use by the University's Information Technology Services organization and other associated staff responsible for managing and maintaining the University's IT systems. However, its effects and certain facets of its implementation influence a broad range of the university community.

• IT Staff: All staff members of the University's Information Technology Services organization involved in managing and maintaining the IT infrastructure, hardware, software, and enterprise application services are primary users of this service.
• Non-IT Staff: Staff members from non-IT departments who are responsible for or involved in IT-related functions, such as administrative staff managing department-specific applications or systems, can also utilize this service.
• Faculty: Faculty members may also use this service when proposing changes or requesting modifications to specific software or hardware related to their academic and research work.
• Students: Students generally are not direct users of this service. However, they may indirectly use this service when they provide feedback or requests that might prompt changes to the IT services they utilize.
• Contractors and Third-party Vendors: Contractors and vendors who provide IT services to the University may also need to adhere to the Change Management procedures when implementing changes to systems under their purview.

The primary goal of the Change Management service is to ensure that beneficial changes to the IT infrastructure and enterprise applications are made with minimal disruption to services. This is achieved by applying a structured and systematic approach to change, which includes identifying, evaluating, approving, implementing, and reviewing changes.

• Change Advisory: Advice on change proposals, assessing risks, impacts, and potential benefits. This service assists in the decision-making process for the implementation of changes.
• Change Planning and Coordination: Assist in planning, scheduling, and coordinating all change implementation activities. This ensures all changes are implemented effectively and efficiently, following the standardized procedures.
• Change Implementation: Provide technical support for the effective execution of all approved changes. This includes system upgrades, software deployments, hardware replacement, and other IT infrastructure modifications.
• Change Evaluation: Post-implementation reviews to evaluate the success of changes. This involves assessing the impact and effectiveness of changes.
• Change Documentation: Ensure all changes are documented properly. Documentation includes details of the change, risk analysis, approval, implementation plan, and post-implementation review.
• Emergency Change Management: Offer quick and effective management of emergency changes, ensuring they are implemented in a controlled manner, despite the urgent requirement.
• Change Communication: Keep stakeholders informed about the changes, including why changes are being made, what the change involves, who will be affected, and how they will be affected.

In order to request the Change Management service, the following prerequisites must be met:

• Affiliation: The requester must be a current staff member, faculty member, or an authorized contractor/vendor associated with the University. For students, requests would typically be channeled through an appropriate staff or faculty member.
• Justification: A valid and sound business or academic justification for the change must be provided. This includes details about the expected benefits, and how it supports the University's strategic goals or operational needs.
• Impact Analysis: A preliminary analysis of the potential impact of the change should be provided, identifying affected systems and users, as well as an initial risk assessment.
• Approval: Depending on the scope and impact of the change, approval may need to be sought from the requester's line manager, a department head, or other designated authority within the University.
• Budget: If the change incurs costs (for hardware, software, additional resources, etc.), these costs need to be approved as part of the requester's department budget or a project budget.
• Compliance: The proposed change must comply with the University's IT policies and standards, as well as any relevant legal and regulatory requirements.
• Submission of Request: Requests for changes must be made through the official Change Management process, typically via a Change Request form submitted through the IT service management tool used by the University.

Meeting these prerequisites will ensure that the Change Management process runs smoothly, helping to minimize potential disruptions and risks associated with the implementation of changes.

• Initiate Request: The requester initiates a change request by accessing the University's IT Service Management tool, or the University services hub, then select the option to create a new Change Request.
• Complete Request Form: Fill out the Change Request form, providing all necessary details. This typically includes requester's contact information, details of the proposed change, reasons for the change, a preliminary impact and risk assessment, and any additional relevant information.
• Attach Supporting Documents: Attach any supporting documentation that might help provide additional context or information about the change. This can include technical specifications, diagrams, business case documents, and so on.
• Submit Request: Once the form has been completed, submit the request.
• Approval Process: The Change Request will then be reviewed by the appropriate parties, including the Change Advisory Board (CAB). This board consists of IT and non-IT stakeholders who assess the feasibility, risk, impact, and benefit of proposed changes.
• Follow-up: After submission, the requester can follow the status of their request through the IT Service Management tool. They may also need to attend meetings or discussions to provide additional information or clarify aspects of the proposed change.

Please note that the specifics of the Change Management process may vary based on the complexity and risk associated with the proposed change. For standard, low-risk changes, a simplified process might be in place, while major, high-risk changes may require a more thorough process. Always ensure you follow the specific procedures set out by the University's Information Technology Services organization.

Change Management Process Diagram v1.1

The timeframes for fulfilling change requests can vary significantly depending on the complexity, risk, and impact of the change. The following are some general target timeframes:

• Standard Change: These are low-risk, pre-approved changes that are relatively common. Target timeframe for implementation is typically within 1-3 business days after the request is submitted and approved.
• Normal Change: These are changes that are not classified as standard or emergency. They typically require review by the Change Advisory Board (CAB). The target timeframe for these changes, from submission to implementation, is typically between 1-4 weeks, depending on the nature of the change and the frequency of CAB meetings.
• Major Change: These are high-risk or high-impact changes that often involve significant resources or large-scale alterations to the IT environment. They require a thorough review process and possibly several rounds of approval. The target timeframe for these changes is usually 1-3 months, although it could be longer for particularly complex changes.
• Emergency Change: These are changes required to resolve an incident or problem that poses an immediate risk to the organization. These changes are expedited through the change management process, but still require post-change review. The target timeframe for these changes is typically within 24 hours of the request being submitted and approved.

Please note that these timeframes are estimates and can vary based on the complexity of the change, availability of resources, and other factors. It's also worth noting that substantial planning and testing often precede the actual implementation of a change to ensure minimal disruption to services.