Do your change advisory board (CAB) meetings go on endlessly? Do you debate each change as if it was the first time anyone had seen it? Do those changes sometimes contain language that no-one understands, even the change proposer? If you’ve answered “yes” to any of these questions then well done, you’re just like many other organizations doing change management.
These are some, but not all of, the common issues organizations suffer when they grow in size without changing their change management processes. However, help is at hand with some ideas on how you can improve and ultimately help your business succeed.
1. Require change approvers to adequately review changes before approving
In order to ensure changes aren’t being put through without due care many organizations make senior managers or even CIOs approvers on changes. However, these people are often “time poor” and, as such, blindly approve changes that they know they need without due consideration. Even worse, when the practice comes to light during an audit, I’ve seen some senior managers pull up the change creators for the error rather than taking responsibility for their own part in the situation.
An impactful way to start fixing this issue with your change process is to pull up approvers (however senior) on their mistakes. When issues are highlighted at this level it’s amazing the amount of support you’ll get to fix things. No senior IT manager wants to be responsible for a minor (or even major) non-conformance point during an audit, so use this “stick” to build momentum for your change management improvements. Even better, once change approvers are focused on change details, the change management process owner is no longer alone trying to audit the sea of changes that are needed to run a modern business.
2. Ensure change approvers are clear on what their role is
Now that you’ve wielded a stick, you can get out the carrot. Unless all of your change approvers have been heavily involved in drafting and creating your change process it’s possible that they’ll have questions and misconceptions about exactly what their role is. In order to overcome this, it’s necessary to educate them in some way. The method will depend entirely upon the resources that you have available and the complexity (or otherwise) of what you’re doing. This may simply be documentation explaining the role of a change approver with some FAQs, or it can be a half-day or even a full day’s training. It’s up to you how you implement this, but you cannot rebuke approvers for failing to adequately review changes prior to approval without explaining what they actually need to do.
Once you’ve put this in place you need to think about how you deliver this to new hires, as well as to anyone transferring roles or explaining process updates. A key part of IT service management (ITSM) is continual service improvement (CSI) and change management is no exception to this. Therefore, thinking about how to keep this understanding up-to-date and relevant for change approvers is fundamental.
3. Engage with change approvers early in the process
Now that you have your momentum to improve your change process you need to maintain it. One of the key ways of doing this is to get change requesters to engage with change approvers early in the process. If you’re using Agile or DevOps principles for driving change, you’ll already be engaging with the business to ensure that what you deliver is of value. It isn’t a giant leap to ensure that when an approver is different to those you already work with; you engage them too. By doing this you’re encouraging employees to use the CAB for its actual purpose, which is to schedule changes effectively and avoid potential conflicts. The change advisory board isn’t called the change approval board for a reason – that’s not what it’s for!
4. Create standard changes
How often do you review the same changes and no one objects? When this happens you have to recognize the need to create and automate standard changes. Standard changes are those changes to services or infrastructure that are pre-authorized, i.e. the approval is automatically granted. However, in order to qualify a change for this you have to remember and review the following:
- Has it met your accepted and agreed process for creating a standard change?
- Is the change repeatable?
- Is it low risk?
- Are the activities well known and adequately documented?
A word of warning though – it’s possible that your organization might want to include changes other than those that are low risk, but this should be properly considered beforehand. By introducing a change without manual approval you’re automatically increasing the risk, however slight. To include a medium risk change may well be one step too far.
The CAB is one of the most powerful tools to manage your IT environment and services. By implementing the four tips above you’ll be able to make it a valuable meeting that reviews only those changes that need attention. You’ll be able to get through greater volumes of change with increased safety and significantly less failure. The acid test is whether you can invite your business colleagues to the meeting and be confident that they both understand what’s happening and get value from doing so.