Failures are generally caused by changes made by IT personnel -- and these failures can threaten customer satisfaction and profitability. For example, an air traffic control software upgrade caused a system failure that grounded flights at an airport and halted traffic across the region for almost an entire business day.
In another case, a healthcare provider was making a patch update to an operating system and discovered that the upgrade unraveled the entire software stack. As a result, business-critical legacy lab results and prescription applications weren't available.
Since change is inevitable in both business and technology, what can be done to make change a "friend?"
Agility is the key. As business strategy changes, the IT organization must have the agility to respond to new requirements. So, how do organizations balance control and agility, especially when approaches tend to optimize one at the expense of the other?
Consider a systematic and process-driven approach to achieving a balance to optimize both responsiveness and control.
The process starts with developing an integrated change and configuration management strategy to help the IT organization identify the relationship between the IT environment and critical business services.
When thinking about developing a change and configuration management strategy, here are ten things to consider:
Timing. Get started now. As business needs change, IT must be poised to change, as needed, to support the business. However, IT often cannot implement changes fast enough, and is frequently perceived as not responsive to changing business requirements.
Knowing what IT components support which critical business services is often difficult. Changes in one area can break things in another, causing system failures that can affect the business operations they are supposed to support.
IT also must implement changes to take advantage of technology innovation, improve applications, provide greater capacity, and counter security threats.
Unless they are carefully controlled, changes in the IT environment can create security risks or negate already implemented safeguards. The reverse is also true. Security patches can cause application failures if not coordinated with other activities.
Several factors influence the ability to manage change effectively. With tighter budgets, IT organizations must work more efficiently. Strategic initiatives that integrate and automate change and configuration best practices can free-up budget, reduce system failures, and achieve mandatory control objectives.
Pain. You are not alone. Many IT organizations experience similar issues: a change in one portion of the IT environment has often wreaked havoc in IT and on the business itself.
These happenstances are caused by changes related to databases, networks, operating systems, applications and other parts of the enterprise. Most organizations can benefit from improvements in their change and configuration practices.
By better coordinating and automating these activities, they can simultaneously improve both responsiveness and IT service quality.
Risk. Most IT organizations use some combination of approaches to try and mitigate the risk of failures caused by changes in IT. However, most current approaches reach a balance that is either controlled or responsive -- but not both.
Operating in an unresponsive or uncontrolled state poses significant risk for the IT-dependent business.
Adjusting operational processes to increase responsiveness often reduces control and increases risk of business-critical IT system failures. Adjustments that increase control can reduce system failures, but may impose a process burden on strapped IT resources, and cause business managers to wonder why IT isn't quickly responding to their changing needs.
Reduced responsiveness can leave companies vulnerable to more agile competitors. As a result, many organizations reach a compromise that leaves IT neither responsive to change nor in control of the complex IT environment.