Objective: ITIL Change Management aims to control the lifecycle of all Changes. The primary objective of of this process is to enable beneficial Changes to be made, with minimum disruption to IT services.
Part of: Service Transition
Process Owner: Change Manager
In ITIL 2011 the structure of the Change Management process has been modified to highlight that significant Changes require authorization at different points in their lifecycle. The process overview of ITIL Change Management (.JPG) shows the key information flows (see Fig. 1) of the process.
Change Management now submits major Changes to the Change Evaluation process for a formal assessment.
Change Scheduling has been revised so that the detailed planning of a Change and the corresponding Release is performed by Release Management.
Change Management according to ITIL V3 introduced Change Models, putting more emphasis on defining different types of Changes and how they are to be handled. In ITIL 2011 Change Models have been given a more prominent role in Change Management, being used not only for Standard Changes (low-risk Changes on an operational level), but also for recurring significant Changes.
These are the ITIL Change Management sub-processes and their process objectives:
Change Management Support
- Process Objective: To provide templates and guidance for the authorization of Changes, and to supply the other IT Service Management processes with information on planned and ongoing Changes.
Assessment of Change Proposals
- Process Objective: To asses Change Proposals which are typically submitted for significant Changes by Service Strategy. The purpose of assessing Change Proposals is to identify possible issues prior to the start of design activities.
RFC Logging and Review
- Process Objective: To filter out Requests for Change which do not contain all information required for assessment or which are deemed impractical.
Assessment and Implementation of Emergency Changes
- Process Objective: To assess, authorize and implement an Emergency Change as quickly as possible. This process is invoked if normal Change Management procedures cannot be applied because an emergency requires immediate action.
Change Assessment by the Change Manager
- Process Objective: To determine the required level of authorization for the assessment of a proposed Change. Significant Changes are passed on to the CAB for assessment, while minor Changes are immediately assessed and authorized by the Change Manager.
Change Assessment by the CAB
- Process Objective: To assess a proposed Change and authorize the Change planning phase. If required, higher levels of authority (e.g. IT Management) are involved in the authorization process.
Change Scheduling and Build Authorization
- Process Objective: To authorize detailed Change and Release planning, and to assess the resulting Project Plan prior to authorizing the Change Build phase.
Change Deployment Authorization
- Process Objective: To assess if all required Change components have been built and properly tested, and to authorize the Change Deployment phase.
Minor Change Deployment
- Process Objective: To implement low-risk, well-understood Changes which do not require the involvement of Release Management.
Post Implementation Review and Change Closure
- Process Objective: To assess the course of the Change implementation and the achieved results, in order to verify that a complete history if activities is present for future reference, and to make sure that any mistakes are analyzed and lessons learned.
The following ITIL terms and acronyms (information objects) are used in ITIL Change Management to represent process outputs and inputs:
CAB Agenda Template
- The CAB Agenda lists the topics for discussion in a CAB meeting.
- The addition, modification or removal of anything that could have an effect on IT services. The scope should include changes to all architectures, processes, tools, metrics and documentation, as well as changes to IT services and other configuration items.
Change Evaluation Report
- Certain types of major Changes, like the introduction of a new service or a substantial change to an existing service, require formal Change evaluations before being authorized. The results of a formal Change evaluation are documented in a Change Evaluation Report. Change evaluations may be used at different points in a Change’s lifecycle, for example before authorizing the Change/ Release build or during the Post Implementation Review (PIR).
Change Management Policy
- The decision to authorize or reject a proposed Change is based on the completed Change Assessment. In particular, the assessment is about properly understanding the risks associated with the implementation of a Change. In this context, the Change Management Policy specifies the levels of authorization required to authorize different types of Changes and other rules for assessing Changes.
- Change Models describe procedures for the handling of recurring Changes. While Change Models can be created for Changes of any scale, they are often used to define Standard Changes (low-risk, pre-authorized Changes like installing additional hardware on a client PC).
- A Change Proposal describes a proposed major Change, like the introduction of a new service or a substantial change to an existing service. The purpose of Change Proposals is to communicate a proposed major Change and assess its risk, impact and feasibility before design activities begin. Change Proposals are typically created in Service Portfolio Management.
- The Change Record contains all the details of a Change, documenting the lifecycle of a single Change. It is usually created on the basis of a preceding Request for Change (RFC).
- A Document that lists all approved Change Proposals and Changes and their planned implementation dates. A Change Schedule is sometimes called a Forward Schedule of Change (FSC).
- A Change that must be introduced as soon as possible - for example, to resolve a major incident or implement a security patch.
Projected Service Outage (PSO)
- The Projected Service Outage (PSO) document lists any expected deviations from the service availability agreed in SLAs.
Request for Change (RFC)
- A formal request for a Change to be implemented. An RFC, specifying the details of the proposed Change, must be submitted to Change Management for every non-standard Change (see also: ITIL Checklist Request for Change - RFC).
- A template to be used when formally requesting a Change. An RFC includes details of the proposed Change, and may be recorded on paper or electronically.
Templates | KPIs
- Key Performance Indicators (KPIs) Change Management
- Change Management templates and checklists:
Roles | Responsibilities
Change Manager - Process Owner
- The Change Manager controls the lifecycle of all Changes.
- His primary objective is to enable beneficial Changes to be made, with minimum disruption to IT services.
- For important Changes, the Change Manager will refer the authorization of Changes to the Change Advisory Board (CAB).
Change Advisory Board (CAB)
- A group of people that advises the Change Manager in the assessment, prioritization and scheduling of Changes.
- This board is usually made up of representatives from all areas within the IT organization, the business, and third parties such as suppliers.
Emergency Change Advisory Board (ECAB)
- A sub-set of the Change Advisory Board who makes decisions about high impact Emergency Changes.
- Membership of the ECAB may be decided at the time a meeting is called, and depends on the nature of the Emergency Change.
|Responsibility Matrix: ITIL Change Management|
|ITIL Role / Sub-Process [Details]||Change Manager||Change Advisory Board (CAB)||Emergency Change Advisory Board (ECAB)||IT Operator||Other Roles involved|
|Change Management Support||AR||R||-||-||-|
|Assessment of Change Proposals||AR||R||-||-||-|
|RFC Logging and Pre-Evaluation||AR||-||-||-||-|
|Assessment and Implementation of Emergency Changes||AR||-||R||-||R|
|Change Assessment by the Change Manager||AR||-||-||-||R|
|Change Assessment by the CAB||AR||R||-||-||R|
|Change Scheduling and Build Authorization||AR||R||-||-||-|
|Change Deployment Authorization||AR||R||-||-||-|
|Minor Change Deployment||AR||-||-||R||-|
|Post Implementation Review and Change Closure||AR||-||-||-||-|
 A: Accountable according to the RACI Model: Those who are ultimately accountable for the correct and thorough completion of the Change Management process.
 R: Responsible according to the RACI Model: Those who do the work to achieve a task within ITIL Change Management.
 see → Role descriptions...
 The documents created or managed by this process must be approved by the CAB.
 Applications Analyst, Technical Analyst, IT Operator (and others, as appropriate)
 Configuration Manager, Applications Analyst, Technical Analyst (and others, as appropriate).
The ITIL Process Map screenshots show samples of the ITIL process templates with contents from Service Transition and ITIL Change Management, including the
- high-level view of the ITIL Service Lifecycle (Level 0)
- overview of the Service Transition process (Level 1)
- overview of the Change Management process (Level 2)
- detailed process flow for the process "Assessment of Change Proposals" (Level 3)