SlideShare une entreprise Scribd logo

It Change Management and Business Continuity in a as-a-service world

P
Paul Monk (CBCI)

Presentation to Institute of IT Professionals New Zealand on 31 May 2018. Covers IT Change Management best practice, possible interactions and value gained by interaction between IT Change Management and Business Continuity processes.

Technologie
1  sur  27
Télécharger pour lire hors ligne
Presentation to ITP Wellington Forum Presenter: Paul Monk Performance & Quality Assurance Manager Fujitsu New Zealand IT Change Management and Business Continuity in a “as a Service” World
Introduction Paul Monk Performance and Quality Assurance Manager (NZ) Fujitsu New Zealand Paul.Monk@nz.fujitsu.com www.linkedin.com/in/paul-monk-a666352 Citrix Innovation Award for Partners Winner 2017 2 Copyright Fujitsu NZ 2018
Summary  Theory  IT Change Management best practise  Lessons from continuous improvement of Processes  When should IT Change affect BC and DR plans?  Keeping Production and DR/BC environments Synchronised  What can go wrong  Tips for DR Practitioners and Change Managers  Possible interactions between Change and BCP processes  IT Change Management function during DR  Is your IT Change Management function resilient?  Suggested Quality Measures 3 Copyright Fujitsu NZ 2018
Theory  IT Change Management (source: Wikipedia) Change Management ensures that standardised methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimise the number and impact of any related incidents upon service. Change Management (source: ITILv3 – Service Transition) Ensures that:  Standardised methods and procedures are used for efficient and prompt handling of all changes  All changes to service assets and configuration items are recorded in the Configuration Management System  Overall business risk is optimised. 4 Copyright Fujitsu NZ 2018
Theory  Business Continuity Planning (source: Wikipedia) Business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company. BCP is a subset of Risk Management.  IT Service Continuity Management (source: ITILv3 Service Design) The goal of ITSCM is to support the overall Business Continuity Management process by ensuring that the required IT technical and service facilities can be resumed within required, and agreed, business timescales. 5 Copyright Fujitsu NZ 2018
Theory  Disaster Recovery (source: Wikipedia) Disaster recovery (DR) involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity. 6 Copyright Fujitsu NZ 2018
IT Change Management Best Practise It is good practise to have the following KPIs for the IT Change Management process:  < 5% failed changes per month  > 20% Standard changes implemented per month  Zero unauthorised changes per month  < 4 business hours for the outcome of Changes  Zero Change window extensions requested after the Change Window ends  CAB panel that understand relevant risks from Technical and Business perspective  Formal induction of staff and third parties who participate in the Change process Source: Fujitsu NZ data and experience(2014 – 2017), supported by ISO20000 certified processes and Fujitsu Oceania quality review of data. 7 Copyright Fujitsu NZ 2018
IT Change Management Best Practise  The scope of the IT Change process must be easy to explain and enforce:  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall Test (includes System Test, Pre-Prod) Development Production (Includes Training, DR and Production Data if not anonymised)  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database 8 Copyright Fujitsu NZ 2018
IT Change Management Best Practise  As-a-Service maintenance activity can be recorded as an “Advisory Change” Contributing Infrastructure CustomerProduct ServiceVeil Engineer Underlying Infrastructure Revealed Service ! Advisory Change ! Normal Change 9 Copyright Fujitsu NZ 2018
IT Change Management Best Practise  CAB meetings need the right inputs to make robust decisions CAB Panel Implementation Plan Approved Design Change Owner Supporting Information Comms Test Exit report Design and Service Transition panel Forward Schedule 10 Copyright Fujitsu NZ 2018
IT Change Management Best Practise  Right amount of due diligence is applied to the type of ChangeChangeFailureRisk Due Diligence Standard Emergency Urgent/Expedited Non-Standard Advisory Release Management can add more value here (Workflow steps before approval ) 11 Copyright Fujitsu NZ 2018
Lessons from continuous improvement of processes  Service Management processes need to evolve to meet new customer requirements:  Communication is always key  Be curious about connected processes  Lead the Process  Shrinking to be Lean and Agile  Educate those affected  Remember the double-edged sword  Cut too much away and you are left with risk-based decisions being made by unqualified or unauthorised staff  A controlled and auditable process will work with just enough paperwork and monitoring Welcome the question Is this in scope or not? Improve throughput by 20% by running CAB twice a week instead of once a week Reduce admin by 20% by establishing correct workflow size for the Change type More Standard Changes means less deviation, lowers risk and reduces CAB agenda 12 Copyright Fujitsu NZ 2018
When should IT Change affect BC and DR plans? How does this IT Change affect BC and DR plans? Example 1 – Upgrade to SharePoint The DR plan should be tested to prove RTO is still feasible after the Change. Example 2 – Setup of DR environment for Finance team The DR plan should be tested to prove connectivity during DR from the secondary location. 13 Copyright Fujitsu NZ 2018
Keeping Production and DR/BC synchronised How should we keep Production and DR/BC environments synchronised? Simple:  Configuration Management process to put environments into the CMDB as a service.  Maintain a Technical Service Catalogue that includes environment as an attribute.  Update the IT Change Management process to include:  Impact Assessment that confirms environments in scope  Architecture team added as quorum member to CAB panel  Implementation plan has validation steps that check both Prod and DR/BC environments  Maintain supporting documentation (Recovery plans, DR plans) Complemented with:  Investment in automation that reports differences between Environments. 14 Copyright Fujitsu NZ 2018
What can go wrong The consequence of lack of due diligence in our topic are many. Here are some examples:  Production and DR at same site. WAN risk.  Recovery Plan not updated by Project. Not in scope.  IT Change Management not considering BCP update as relevant.  DR site firewall rules not updated Production upgrade. 3 week delay.  Using USB sticks to build PCs at BC site. Delay risk.  DR site not kept up to date. BCP will fail if tested. 15 Copyright Fujitsu NZ 2018
Tips for DR Practitioners Some suggestions to start the conversation with your IT Change Manager:  How much do you as Change Manager know about our BCP?  What interaction exists between IT Change Management and BCP processes? The common ground between IT Change Management and BCP/DR is:  The need to capture and record the current production state  BC/DR plans have similar information elements as an IT Change Implementation Plan. Small steps to improve are always easier. Start small.  16 Copyright Fujitsu NZ 2018
Tips for IT Change Managers Some suggestions to start the conversation with your BC co-ordinator: Where to start? 1. Read your Organisation’s BC, IT Service Continuity and DR Plans 2. Ask for an invite to the next BC planning meeting to observe. 3. Decide what interaction IT Change should have with the BC process 4. Confirm the data needed to support these interactions) 17 Copyright Fujitsu NZ 2018
Possible interaction between Change and BCP processes Risk Management Business Continuity Planning (with ITSCM) DR IT Change Management Requests IT Change to mitigate risks Trigger update to BIA and BCP Update DR technical environment to align with Production BIA DR test BCP test Change record Notify through IT Change Process? Triggers updates to risk records (incl. new) Add to IT Change schedule as information only Yes Proactive Activities BCP 18 Copyright Fujitsu NZ 2018
Possible interaction between Change and BCP processes Reactive Activities 19 Copyright Fujitsu NZ 2018 Risk Management Business Continuity Planning (with ITSCM) IT Incident Management Incident record Activate BC/DR Plan after attempts to restore service through: • Technical escalation to L2 and L3 support • IT Change confirmed as cause • IT Change Rollback attemptedChange record Caused Incident Change record Technical steps Post DR to resolve residual issues DR Plan BC Plan
IT Change Management function during DR IT Change Management usually takes a backseat during DR. The value of including an experienced IT Change Manager in the BCP is:  Process experience  Key contacts they can draw from to get BCP activity done that was unforeseen  Awareness of current Production state through observation.  Holistic awareness about the IT environment and related processes. Use that to your advantage! 20 Copyright Fujitsu NZ 2018
Is your IT Change Management function resilient?  What is your BC / ITSCM plan if your IT Change Management tool is down?  What happens when the IT Change Manager is on Annual Leave?  Do you have a succession plan for your IT Change Manager?  Are all your daily, weekly, monthly procedures documented? 21 Copyright Fujitsu NZ 2018
Quality Measure Checklist If you answer “Yes” to the below questions this means your IT Change Management process is adding value to your organisations BCP:  Is the BCP/DR infrastructure treated as in scope for the IT Change process?  Does your IT Change Management impact assessment check if:  BC/DR Plans need to be updated?  BCP/DR infrastructure need to be updated to align with Change to Production environment?  Does the BCP/DR co-ordinator attending your CAB meeting?  Does your template for Architecture Design cover a BCP/DR environment section?  Does your Technical Service Catalogue and CMDB recognise infrastructure for BCP/DR? 22 Copyright Fujitsu NZ 2018
Quality Measure Checklist Organisations can reduce some BCP and DR costs by building up resilience and monitoring capacity growth using current technology: Are your servers all now virtual and highly available? Capacity monitored and proactive IT Change raised to ensure head-room? Have you virtualised your databases? Are your virtual servers and/or storage managed with built-in DR solution? Is your data secured by a vendor with their Data Centre ISO Standard certified ISO Standard Reference Description ISO27001 Security Management System ISO9001 Quality Management System ISO20000 Service Management System 23 Copyright Fujitsu NZ 2018
Conclusion IT Change Management is important to BCP and DR processes. Other effective Service Management processes/disciplines needed to support IT Change Management and BC/DR processes. Refer to ITIL v3 books for further details. Start the discussion between IT Change Management and BCP process owners at your organisation and I am confident you will find it very useful. Ref: https://www.axelos.com/best-practice-solutions/itil/what-is-itil 24 Copyright Fujitsu NZ 2018
Questions 25 Copyright Fujitsu NZ 2018
26 Copyright Fujitsu NZ 2018
Document Control Attribute Value Document Name The importance of IT Change Management to DR and BCP process Confidentiality Uncontrolled Document Status Final Version Number 1.7 Summary This presentation is for Government Sector IT DR Forum presentation Author Monk, Paul Owner Monk, Paul Version Date 30/5/2018 Date of Next Review N/A Target Audience Participants of GSITDR Forum Distribution As required. Internal Repository M:Improvements2018Change Management presentation to GSITDR forum Customer Repository N/A Version Date Name Comments 0.1 12/2/2018 Paul Monk Initial Draft 0.2 9/3/2018 Paul Monk After input from GSITDR stakeholders. 0.3 12/3/2018 Paul Monk Rearranged sequence of animation on slide 12. 0.4 14/3/2018 Paul Monk Updated slide 19 on suggestion from Steve M. Updated theme and added footer. 0.5 28/3/2018 Paul Monk After feedback from Fujitsu Oceania BCP Co-ordinator 0.6 4/4/2018 Paul Monk After feedback from Fujitsu NZ Change Management team leader. 1.0 11/4/2018 Paul Monk After review feedback from GSITDR forum representatives. 1.1 11/4/2018 Paul Monk Removed video and slide related to Stats NZ story at request by Katie. 1.2 12/4/2018 Paul Monk After input from Fujitsu architect. 1.3 16/4/2018 Paul Monk After input from Fujitsu internal presentation 1.4 18/4/2018 Paul Monk After input from Pradeep Navalker 1.5 3/5/2018 Paul Monk Added image credit for TaiChi Sword image, slide#12. 1.6 16/5/2018 Paul Monk Updated for ITP audience. 1.7 30/5/2018 Paul Monk After review from rehearsal and feedback from GSITDR forum session. Document Control Table Change History 27 Copyright Fujitsu NZ 2018

Recommandé

Digital transformation requires better organisational structures
Digital transformation requires better organisational structuresDigital transformation requires better organisational structures
Digital transformation requires better organisational structures
Lee Bryant
 
Digital Operating Model & IT4IT
Digital Operating Model & IT4ITDigital Operating Model & IT4IT
Digital Operating Model & IT4IT
David Favelle
 
June2007 Implementing Itil Problem Mgmt
June2007 Implementing Itil Problem MgmtJune2007 Implementing Itil Problem Mgmt
June2007 Implementing Itil Problem Mgmt
IT Service and Support
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1
Mohamed Zakarya Abdelgawad
 
Introducing The Open Group IT4IT™ Standard
Introducing The Open Group IT4IT™ StandardIntroducing The Open Group IT4IT™ Standard
Introducing The Open Group IT4IT™ Standard
Enterprise Architects
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
Christian F. Nissen
 
Incident and Problem management simplified
Incident and Problem management simplifiedIncident and Problem management simplified
Incident and Problem management simplified
Valentyn Barmak
 
Digital Transformation
Digital TransformationDigital Transformation
Digital Transformation
Vishal Sharma
 

Recommandé

Digital transformation requires better organisational structures
Digital transformation requires better organisational structuresDigital transformation requires better organisational structures
Digital transformation requires better organisational structures
Lee Bryant
 
Digital Operating Model & IT4IT
Digital Operating Model & IT4ITDigital Operating Model & IT4IT
Digital Operating Model & IT4IT
David Favelle
 
June2007 Implementing Itil Problem Mgmt
June2007 Implementing Itil Problem MgmtJune2007 Implementing Itil Problem Mgmt
June2007 Implementing Itil Problem Mgmt
IT Service and Support
 
IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1IT4IT - The Full Story for Digital Transformation - Part 1
IT4IT - The Full Story for Digital Transformation - Part 1
Mohamed Zakarya Abdelgawad
 
Introducing The Open Group IT4IT™ Standard
Introducing The Open Group IT4IT™ StandardIntroducing The Open Group IT4IT™ Standard
Introducing The Open Group IT4IT™ Standard
Enterprise Architects
 
Introduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT managementIntroduction to COBIT 5 and IT management
Introduction to COBIT 5 and IT management
Christian F. Nissen
 
Incident and Problem management simplified
Incident and Problem management simplifiedIncident and Problem management simplified
Incident and Problem management simplified
Valentyn Barmak
 
Digital Transformation
Digital TransformationDigital Transformation
Digital Transformation
Vishal Sharma
 
An Introduction into the design of business using business architecture
An Introduction into the design of business using business architectureAn Introduction into the design of business using business architecture
An Introduction into the design of business using business architecture
Craig Martin
 
Comarch ICT Service Desk - infographic
Comarch ICT Service Desk - infographicComarch ICT Service Desk - infographic
Comarch ICT Service Desk - infographic
Comarch_Services
 
Architecting Next Generatio IT Operating Models Using IT4IT and SFIA
Architecting Next Generatio IT Operating Models Using IT4IT and SFIAArchitecting Next Generatio IT Operating Models Using IT4IT and SFIA
Architecting Next Generatio IT Operating Models Using IT4IT and SFIA
Sukumar Daniel
 
The IT Service Definition Journey
The IT Service Definition JourneyThe IT Service Definition Journey
The IT Service Definition Journey
Pete Hidalgo
 
IT frameworks
IT frameworksIT frameworks
IT frameworks
cyouss
 
Design Architecture Review Board (ARB) to Enable Digital Strategy
Design Architecture Review Board (ARB) to Enable Digital Strategy Design Architecture Review Board (ARB) to Enable Digital Strategy
Design Architecture Review Board (ARB) to Enable Digital Strategy
Mohan K.
 
IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)
Charles Betz
 
IT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelledIT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelled
Tony Price
 
ITIL and DevOps can be friends
ITIL and DevOps can be friendsITIL and DevOps can be friends
ITIL and DevOps can be friends
Jan-Joost Bouwman
 
ITIL Change Management - Plan and deploy changes with confidence
ITIL Change Management - Plan and deploy changes with confidence ITIL Change Management - Plan and deploy changes with confidence
ITIL Change Management - Plan and deploy changes with confidence
Freshservice
 
ITSM Toolset Selection
ITSM Toolset SelectionITSM Toolset Selection
ITSM Toolset Selection
rajanam
 
IT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfIT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdf
itSMF Belgium
 
BUSINESS ARCHITECTURE OVERVIEW
BUSINESS ARCHITECTURE OVERVIEWBUSINESS ARCHITECTURE OVERVIEW
BUSINESS ARCHITECTURE OVERVIEW
KenMartin18
 
Change Management - ITIL
Change Management - ITILChange Management - ITIL
Change Management - ITIL
connorsmaureen
 
Enterprise Architecture - TOGAF Overview
Enterprise Architecture - TOGAF OverviewEnterprise Architecture - TOGAF Overview
Enterprise Architecture - TOGAF Overview
Mohamed Sami El-Tahawy
 
ITSM(IT Service Management)
ITSM(IT Service Management)ITSM(IT Service Management)
ITSM(IT Service Management)
Atlassian 대한민국
 
How to implement effective ITSM System
How to implement effective ITSM SystemHow to implement effective ITSM System
How to implement effective ITSM System
Ana Meskovska
 
CMDB Building Blocks
CMDB Building BlocksCMDB Building Blocks
CMDB Building Blocks
Joshua Schuller
 
ServiceNow Overview
ServiceNow OverviewServiceNow Overview
ServiceNow Overview
Jeremy Smith
 
Looking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher EducationLooking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher Education
Enterprise Architects
 
The importance of IT Change Management to the DR and BCP process
The importance of IT Change Management to the DR and BCP processThe importance of IT Change Management to the DR and BCP process
The importance of IT Change Management to the DR and BCP process
Paul Monk (CBCI)
 
Application Value Assessment
Application Value AssessmentApplication Value Assessment
Application Value Assessment
Gerry Appeltants
 

Contenu connexe

Tendances

IT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelledIT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelled
Tony Price
 
Looking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher EducationLooking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher Education
Enterprise Architects
 

Tendances (20)

An Introduction into the design of business using business architecture
An Introduction into the design of business using business architectureAn Introduction into the design of business using business architecture
An Introduction into the design of business using business architecture
 
Comarch ICT Service Desk - infographic
Comarch ICT Service Desk - infographicComarch ICT Service Desk - infographic
Comarch ICT Service Desk - infographic
 
Architecting Next Generatio IT Operating Models Using IT4IT and SFIA
Architecting Next Generatio IT Operating Models Using IT4IT and SFIAArchitecting Next Generatio IT Operating Models Using IT4IT and SFIA
Architecting Next Generatio IT Operating Models Using IT4IT and SFIA
 
The IT Service Definition Journey
The IT Service Definition JourneyThe IT Service Definition Journey
The IT Service Definition Journey
 
IT frameworks
IT frameworksIT frameworks
IT frameworks
 
Design Architecture Review Board (ARB) to Enable Digital Strategy
Design Architecture Review Board (ARB) to Enable Digital Strategy Design Architecture Review Board (ARB) to Enable Digital Strategy
Design Architecture Review Board (ARB) to Enable Digital Strategy
 
IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)IT4IT Overview (A new standard for IT management)
IT4IT Overview (A new standard for IT management)
 
IT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelledIT4IT real life examples & myths and rumors dispelled
IT4IT real life examples & myths and rumors dispelled
 
ITIL and DevOps can be friends
ITIL and DevOps can be friendsITIL and DevOps can be friends
ITIL and DevOps can be friends
 
ITIL Change Management - Plan and deploy changes with confidence
ITIL Change Management - Plan and deploy changes with confidence ITIL Change Management - Plan and deploy changes with confidence
ITIL Change Management - Plan and deploy changes with confidence
 
ITSM Toolset Selection
ITSM Toolset SelectionITSM Toolset Selection
ITSM Toolset Selection
 
IT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdfIT4IT - Manage the Digital Enterprise.pdf
IT4IT - Manage the Digital Enterprise.pdf
 
BUSINESS ARCHITECTURE OVERVIEW
BUSINESS ARCHITECTURE OVERVIEWBUSINESS ARCHITECTURE OVERVIEW
BUSINESS ARCHITECTURE OVERVIEW
 
Change Management - ITIL
Change Management - ITILChange Management - ITIL
Change Management - ITIL
 
Enterprise Architecture - TOGAF Overview
Enterprise Architecture - TOGAF OverviewEnterprise Architecture - TOGAF Overview
Enterprise Architecture - TOGAF Overview
 
ITSM(IT Service Management)
ITSM(IT Service Management)ITSM(IT Service Management)
ITSM(IT Service Management)
 
How to implement effective ITSM System
How to implement effective ITSM SystemHow to implement effective ITSM System
How to implement effective ITSM System
 
CMDB Building Blocks
CMDB Building BlocksCMDB Building Blocks
CMDB Building Blocks
 
ServiceNow Overview
ServiceNow OverviewServiceNow Overview
ServiceNow Overview
 
Looking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher EducationLooking for Disruptive Business Models in Higher Education
Looking for Disruptive Business Models in Higher Education
 

Similaire à It Change Management and Business Continuity in a as-a-service world

How to select the best business continuity strategy and solution?
How to select the best business continuity strategy and solution?How to select the best business continuity strategy and solution?
How to select the best business continuity strategy and solution?
PECB
 
WS2_FINAL_MITOS_T03_v20151102
WS2_FINAL_MITOS_T03_v20151102WS2_FINAL_MITOS_T03_v20151102
WS2_FINAL_MITOS_T03_v20151102
Arun Sankar
 
Roland berger managing-the-it-cost-challenge_20090522
Roland berger managing-the-it-cost-challenge_20090522Roland berger managing-the-it-cost-challenge_20090522
Roland berger managing-the-it-cost-challenge_20090522
Karthik Arumugham
 
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
ijait
 
Epco itsm transformation_roadmap_v5_draft_063008
Epco itsm transformation_roadmap_v5_draft_063008Epco itsm transformation_roadmap_v5_draft_063008
Epco itsm transformation_roadmap_v5_draft_063008
Accenture
 
Business Drivers For It Simplification PowerPoint Presentation Slides
Business Drivers For It Simplification PowerPoint Presentation SlidesBusiness Drivers For It Simplification PowerPoint Presentation Slides
Business Drivers For It Simplification PowerPoint Presentation Slides
SlideTeam
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change Management
Info-Tech Research Group
 
IT PMO Charter (Linkedin)
IT PMO Charter (Linkedin)IT PMO Charter (Linkedin)
IT PMO Charter (Linkedin)
jimmcdonaldpmp
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
Emmacuet
 

Similaire à It Change Management and Business Continuity in a as-a-service world (20)

The importance of IT Change Management to the DR and BCP process
The importance of IT Change Management to the DR and BCP processThe importance of IT Change Management to the DR and BCP process
The importance of IT Change Management to the DR and BCP process
 
Application Value Assessment
Application Value AssessmentApplication Value Assessment
Application Value Assessment
 
Co Dig Gov Perf Mgmt 08
Co Dig Gov Perf Mgmt 08Co Dig Gov Perf Mgmt 08
Co Dig Gov Perf Mgmt 08
 
Overview carbonaccountingprotocol v1
Overview carbonaccountingprotocol v1Overview carbonaccountingprotocol v1
Overview carbonaccountingprotocol v1
 
How to select the best business continuity strategy and solution?
How to select the best business continuity strategy and solution?How to select the best business continuity strategy and solution?
How to select the best business continuity strategy and solution?
 
Business Continuity Awareness Week 2009
Business Continuity Awareness Week 2009Business Continuity Awareness Week 2009
Business Continuity Awareness Week 2009
 
WS2_FINAL_MITOS_T03_v20151102
WS2_FINAL_MITOS_T03_v20151102WS2_FINAL_MITOS_T03_v20151102
WS2_FINAL_MITOS_T03_v20151102
 
Roland berger managing-the-it-cost-challenge_20090522
Roland berger managing-the-it-cost-challenge_20090522Roland berger managing-the-it-cost-challenge_20090522
Roland berger managing-the-it-cost-challenge_20090522
 
Integrated IT Service Management: From Strategy to Implementing to User Adoption
Integrated IT Service Management: From Strategy to Implementing to User AdoptionIntegrated IT Service Management: From Strategy to Implementing to User Adoption
Integrated IT Service Management: From Strategy to Implementing to User Adoption
 
Iscope Digital : Integrated IT Service Management
Iscope Digital : Integrated IT Service ManagementIscope Digital : Integrated IT Service Management
Iscope Digital : Integrated IT Service Management
 
Strategies For IT Simplification PowerPoint Presentation Slides
Strategies For IT Simplification PowerPoint Presentation Slides Strategies For IT Simplification PowerPoint Presentation Slides
Strategies For IT Simplification PowerPoint Presentation Slides
 
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...
 
Business Case4 Process Improvement
Business Case4 Process ImprovementBusiness Case4 Process Improvement
Business Case4 Process Improvement
 
Epco itsm transformation_roadmap_v5_draft_063008
Epco itsm transformation_roadmap_v5_draft_063008Epco itsm transformation_roadmap_v5_draft_063008
Epco itsm transformation_roadmap_v5_draft_063008
 
Business Drivers For It Simplification PowerPoint Presentation Slides
Business Drivers For It Simplification PowerPoint Presentation SlidesBusiness Drivers For It Simplification PowerPoint Presentation Slides
Business Drivers For It Simplification PowerPoint Presentation Slides
 
Optimize Change Management
Optimize Change ManagementOptimize Change Management
Optimize Change Management
 
BPM Implementation (downloadable)
BPM Implementation (downloadable)BPM Implementation (downloadable)
BPM Implementation (downloadable)
 
Gauge your speed
Gauge your speedGauge your speed
Gauge your speed
 
IT PMO Charter (Linkedin)
IT PMO Charter (Linkedin)IT PMO Charter (Linkedin)
IT PMO Charter (Linkedin)
 
COBIT® Presentation Package.ppt
COBIT® Presentation Package.pptCOBIT® Presentation Package.ppt
COBIT® Presentation Package.ppt
 

Dernier

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
UiPathCommunity
 

Dernier (20)

Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
AI+A11Y 11MAY2024 HYDERBAD GAAD 2024 - HelloA11Y (11 May 2024)
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 
AI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by AnitarajAI in Action: Real World Use Cases by Anitaraj
AI in Action: Real World Use Cases by Anitaraj
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
JohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptxJohnPollard-hybrid-app-RailsConf2024.pptx
JohnPollard-hybrid-app-RailsConf2024.pptx
 

It Change Management and Business Continuity in a as-a-service world

  • 1. Presentation to ITP Wellington Forum Presenter: Paul Monk Performance & Quality Assurance Manager Fujitsu New Zealand IT Change Management and Business Continuity in a “as a Service” World
  • 2. Introduction Paul Monk Performance and Quality Assurance Manager (NZ) Fujitsu New Zealand Paul.Monk@nz.fujitsu.com www.linkedin.com/in/paul-monk-a666352 Citrix Innovation Award for Partners Winner 2017 2 Copyright Fujitsu NZ 2018
  • 3. Summary  Theory  IT Change Management best practise  Lessons from continuous improvement of Processes  When should IT Change affect BC and DR plans?  Keeping Production and DR/BC environments Synchronised  What can go wrong  Tips for DR Practitioners and Change Managers  Possible interactions between Change and BCP processes  IT Change Management function during DR  Is your IT Change Management function resilient?  Suggested Quality Measures 3 Copyright Fujitsu NZ 2018
  • 4. Theory  IT Change Management (source: Wikipedia) Change Management ensures that standardised methods and procedures are used for efficient and prompt handling of all changes to control IT infrastructure, in order to minimise the number and impact of any related incidents upon service. Change Management (source: ITILv3 – Service Transition) Ensures that:  Standardised methods and procedures are used for efficient and prompt handling of all changes  All changes to service assets and configuration items are recorded in the Configuration Management System  Overall business risk is optimised. 4 Copyright Fujitsu NZ 2018
  • 5. Theory  Business Continuity Planning (source: Wikipedia) Business continuity planning is the process of creating systems of prevention and recovery to deal with potential threats to a company. BCP is a subset of Risk Management.  IT Service Continuity Management (source: ITILv3 Service Design) The goal of ITSCM is to support the overall Business Continuity Management process by ensuring that the required IT technical and service facilities can be resumed within required, and agreed, business timescales. 5 Copyright Fujitsu NZ 2018
  • 6. Theory  Disaster Recovery (source: Wikipedia) Disaster recovery (DR) involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery is therefore a subset of business continuity. 6 Copyright Fujitsu NZ 2018
  • 7. IT Change Management Best Practise It is good practise to have the following KPIs for the IT Change Management process:  < 5% failed changes per month  > 20% Standard changes implemented per month  Zero unauthorised changes per month  < 4 business hours for the outcome of Changes  Zero Change window extensions requested after the Change Window ends  CAB panel that understand relevant risks from Technical and Business perspective  Formal induction of staff and third parties who participate in the Change process Source: Fujitsu NZ data and experience(2014 – 2017), supported by ISO20000 certified processes and Fujitsu Oceania quality review of data. 7 Copyright Fujitsu NZ 2018
  • 8. IT Change Management Best Practise  The scope of the IT Change process must be easy to explain and enforce:  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall Test (includes System Test, Pre-Prod) Development Production (Includes Training, DR and Production Data if not anonymised)  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall  O/S  VM Guest or OVM  Server Hardware  SAN  Chassis  Switch  Network  Firewall  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database  Desktop Environment  Application client side  Application server side  Middleware/Web Server  Database 8 Copyright Fujitsu NZ 2018
  • 9. IT Change Management Best Practise  As-a-Service maintenance activity can be recorded as an “Advisory Change” Contributing Infrastructure CustomerProduct ServiceVeil Engineer Underlying Infrastructure Revealed Service ! Advisory Change ! Normal Change 9 Copyright Fujitsu NZ 2018
  • 10. IT Change Management Best Practise  CAB meetings need the right inputs to make robust decisions CAB Panel Implementation Plan Approved Design Change Owner Supporting Information Comms Test Exit report Design and Service Transition panel Forward Schedule 10 Copyright Fujitsu NZ 2018
  • 11. IT Change Management Best Practise  Right amount of due diligence is applied to the type of ChangeChangeFailureRisk Due Diligence Standard Emergency Urgent/Expedited Non-Standard Advisory Release Management can add more value here (Workflow steps before approval ) 11 Copyright Fujitsu NZ 2018
  • 12. Lessons from continuous improvement of processes  Service Management processes need to evolve to meet new customer requirements:  Communication is always key  Be curious about connected processes  Lead the Process  Shrinking to be Lean and Agile  Educate those affected  Remember the double-edged sword  Cut too much away and you are left with risk-based decisions being made by unqualified or unauthorised staff  A controlled and auditable process will work with just enough paperwork and monitoring Welcome the question Is this in scope or not? Improve throughput by 20% by running CAB twice a week instead of once a week Reduce admin by 20% by establishing correct workflow size for the Change type More Standard Changes means less deviation, lowers risk and reduces CAB agenda 12 Copyright Fujitsu NZ 2018
  • 13. When should IT Change affect BC and DR plans? How does this IT Change affect BC and DR plans? Example 1 – Upgrade to SharePoint The DR plan should be tested to prove RTO is still feasible after the Change. Example 2 – Setup of DR environment for Finance team The DR plan should be tested to prove connectivity during DR from the secondary location. 13 Copyright Fujitsu NZ 2018
  • 14. Keeping Production and DR/BC synchronised How should we keep Production and DR/BC environments synchronised? Simple:  Configuration Management process to put environments into the CMDB as a service.  Maintain a Technical Service Catalogue that includes environment as an attribute.  Update the IT Change Management process to include:  Impact Assessment that confirms environments in scope  Architecture team added as quorum member to CAB panel  Implementation plan has validation steps that check both Prod and DR/BC environments  Maintain supporting documentation (Recovery plans, DR plans) Complemented with:  Investment in automation that reports differences between Environments. 14 Copyright Fujitsu NZ 2018
  • 15. What can go wrong The consequence of lack of due diligence in our topic are many. Here are some examples:  Production and DR at same site. WAN risk.  Recovery Plan not updated by Project. Not in scope.  IT Change Management not considering BCP update as relevant.  DR site firewall rules not updated Production upgrade. 3 week delay.  Using USB sticks to build PCs at BC site. Delay risk.  DR site not kept up to date. BCP will fail if tested. 15 Copyright Fujitsu NZ 2018
  • 16. Tips for DR Practitioners Some suggestions to start the conversation with your IT Change Manager:  How much do you as Change Manager know about our BCP?  What interaction exists between IT Change Management and BCP processes? The common ground between IT Change Management and BCP/DR is:  The need to capture and record the current production state  BC/DR plans have similar information elements as an IT Change Implementation Plan. Small steps to improve are always easier. Start small.  16 Copyright Fujitsu NZ 2018
  • 17. Tips for IT Change Managers Some suggestions to start the conversation with your BC co-ordinator: Where to start? 1. Read your Organisation’s BC, IT Service Continuity and DR Plans 2. Ask for an invite to the next BC planning meeting to observe. 3. Decide what interaction IT Change should have with the BC process 4. Confirm the data needed to support these interactions) 17 Copyright Fujitsu NZ 2018
  • 18. Possible interaction between Change and BCP processes Risk Management Business Continuity Planning (with ITSCM) DR IT Change Management Requests IT Change to mitigate risks Trigger update to BIA and BCP Update DR technical environment to align with Production BIA DR test BCP test Change record Notify through IT Change Process? Triggers updates to risk records (incl. new) Add to IT Change schedule as information only Yes Proactive Activities BCP 18 Copyright Fujitsu NZ 2018
  • 19. Possible interaction between Change and BCP processes Reactive Activities 19 Copyright Fujitsu NZ 2018 Risk Management Business Continuity Planning (with ITSCM) IT Incident Management Incident record Activate BC/DR Plan after attempts to restore service through: • Technical escalation to L2 and L3 support • IT Change confirmed as cause • IT Change Rollback attemptedChange record Caused Incident Change record Technical steps Post DR to resolve residual issues DR Plan BC Plan
  • 20. IT Change Management function during DR IT Change Management usually takes a backseat during DR. The value of including an experienced IT Change Manager in the BCP is:  Process experience  Key contacts they can draw from to get BCP activity done that was unforeseen  Awareness of current Production state through observation.  Holistic awareness about the IT environment and related processes. Use that to your advantage! 20 Copyright Fujitsu NZ 2018
  • 21. Is your IT Change Management function resilient?  What is your BC / ITSCM plan if your IT Change Management tool is down?  What happens when the IT Change Manager is on Annual Leave?  Do you have a succession plan for your IT Change Manager?  Are all your daily, weekly, monthly procedures documented? 21 Copyright Fujitsu NZ 2018
  • 22. Quality Measure Checklist If you answer “Yes” to the below questions this means your IT Change Management process is adding value to your organisations BCP:  Is the BCP/DR infrastructure treated as in scope for the IT Change process?  Does your IT Change Management impact assessment check if:  BC/DR Plans need to be updated?  BCP/DR infrastructure need to be updated to align with Change to Production environment?  Does the BCP/DR co-ordinator attending your CAB meeting?  Does your template for Architecture Design cover a BCP/DR environment section?  Does your Technical Service Catalogue and CMDB recognise infrastructure for BCP/DR? 22 Copyright Fujitsu NZ 2018
  • 23. Quality Measure Checklist Organisations can reduce some BCP and DR costs by building up resilience and monitoring capacity growth using current technology: Are your servers all now virtual and highly available? Capacity monitored and proactive IT Change raised to ensure head-room? Have you virtualised your databases? Are your virtual servers and/or storage managed with built-in DR solution? Is your data secured by a vendor with their Data Centre ISO Standard certified ISO Standard Reference Description ISO27001 Security Management System ISO9001 Quality Management System ISO20000 Service Management System 23 Copyright Fujitsu NZ 2018
  • 24. Conclusion IT Change Management is important to BCP and DR processes. Other effective Service Management processes/disciplines needed to support IT Change Management and BC/DR processes. Refer to ITIL v3 books for further details. Start the discussion between IT Change Management and BCP process owners at your organisation and I am confident you will find it very useful. Ref: https://www.axelos.com/best-practice-solutions/itil/what-is-itil 24 Copyright Fujitsu NZ 2018
  • 27. Document Control Attribute Value Document Name The importance of IT Change Management to DR and BCP process Confidentiality Uncontrolled Document Status Final Version Number 1.7 Summary This presentation is for Government Sector IT DR Forum presentation Author Monk, Paul Owner Monk, Paul Version Date 30/5/2018 Date of Next Review N/A Target Audience Participants of GSITDR Forum Distribution As required. Internal Repository M:Improvements2018Change Management presentation to GSITDR forum Customer Repository N/A Version Date Name Comments 0.1 12/2/2018 Paul Monk Initial Draft 0.2 9/3/2018 Paul Monk After input from GSITDR stakeholders. 0.3 12/3/2018 Paul Monk Rearranged sequence of animation on slide 12. 0.4 14/3/2018 Paul Monk Updated slide 19 on suggestion from Steve M. Updated theme and added footer. 0.5 28/3/2018 Paul Monk After feedback from Fujitsu Oceania BCP Co-ordinator 0.6 4/4/2018 Paul Monk After feedback from Fujitsu NZ Change Management team leader. 1.0 11/4/2018 Paul Monk After review feedback from GSITDR forum representatives. 1.1 11/4/2018 Paul Monk Removed video and slide related to Stats NZ story at request by Katie. 1.2 12/4/2018 Paul Monk After input from Fujitsu architect. 1.3 16/4/2018 Paul Monk After input from Fujitsu internal presentation 1.4 18/4/2018 Paul Monk After input from Pradeep Navalker 1.5 3/5/2018 Paul Monk Added image credit for TaiChi Sword image, slide#12. 1.6 16/5/2018 Paul Monk Updated for ITP audience. 1.7 30/5/2018 Paul Monk After review from rehearsal and feedback from GSITDR forum session. Document Control Table Change History 27 Copyright Fujitsu NZ 2018