Change Management
When Change Management is first introduced into an IT Organization, it can be disruptive to day- to-day progress. This discipline ensures that standardized methods and procedures are used for efficient and prompt handling of all Requests for Change (RFCs), in order to minimize the impact of change-related incidents upon service quality – and consequently to improve the day-to-day operations of the organization.
Business Problem
Change-induced incidents are often reported as the No. 1 cause of downtime for services provided by IT. A well-architected IT system can run without interruption indefinitely. Yet, changes are often necessary to improve and expand services that the business relies on. A process must be established to control the changes that are introduced to the IT environment to minimize disruption to service availability.
The NetIQ Solution
There is tremendous focus in Change Management on implementing a system for recording and tracking Requests for Change (RFCs). This can be accomplished through something as simple as a web-based form tied to a database, or through the use of common help desk ticketing applications. The bigger challenge, though, is in identifying unmanaged and high-risk change that should be brought under control of the process and the Change Advisory Board (CAB). NetIQ refers to this aspect of Change Management as Operational Change Control (OCC).
NetIQ has recently developed new OCC technologies, such as Change Guardian, which provides the ability to alert and report on change activities as well as access control technologies such as NetIQ Change Administrator (NCA) which delegates entitlements to make changes by individual, time and specific application. These technologies provide the CAB with the assurance that the Change Management process is not being circumvented, and will give administrators the right level of access to accomplish their work while limiting their exposure to internal policy and regulatory compliance violations.
NetIQ Change Administrator controls entitlements to make changes, to prevent circumvention of Change Management.
Another important benefit of Operational Change Control is the ability to differentiate between high-risk and insignificant change. ITIL recognizes that there must be a cost-effective lower limit to the scope that Change Management will govern. To accomplish this, it describes the concept of Standard Changes, which are common tasks that can be documented and authorized in advance, freeing the Change Management process, and the CAB in particular, from drowning in minutiae. OCC tools from NetIQ support this concept by differentiating between Managed Changes, Unmanaged Changes and High-Profile Changes, enabling logging, reporting and alerting on change type depending upon policy.
Key Features
- Ensures operational integrity by confining administrative changes to specific tasks or times and leverages a rich delegation model to define access parameters for servers, applications and timeframes.
- Increases control over the implementation of changes by ensuring the right personnel have the correct permissions to make required changes to the IT infrastructure.
- Enforces key change management processes by allowing you to input and search for operational data from ticketing and change management systems.
- Identifies managed and unmanaged changes by alerting in real time on unmanaged Active Directory and Group Policy changes, enhancing control over policy compliance.
- Detects high-profile changes across well-known privileged groups and produces detailed reports and alerts on changes across your environment.
