Who Controls the Marriage Between IT Change and Configuration?
5th Oct 2016
Most people will recognize the value of change management and configuration management in supporting IT service delivery; however, these same people may not recognize the deep connection these processes must have in order for the service provider to be effective. In many organizations, one of these processes will take higher precedence in strategy, perception, and priority.
The truth of the matter, change management and configuration management must be equal partners - they must be married together.
Marriage is an apt metaphor for describing the relationship and interactivity between these two processes, particularly in discussing how the organization relates to change management and configuration management. IF we consider that a marriage can go through several states of mind, some correlations can be made and responded to appropriately.
The three primary states of mind are intimacy, conflict and separation.
The Best of Both Worlds - Intimacy
Ideally, an organization should encourage a high degree of intimacy between change management and configuration management. What does this mean? Simply put, the two processes are treated equally in importance and they are seeking to achieve the other's objectives as well as their own. In personal relationships, intimacy can be associated with 'getting to know another person.' When two people are first dating, they are asking questions about each other and growing in intimacy. One of the complaints about marriage is the loss of intimacy for most couples: this result can be attributed to people 'knowing' each other to the point where they stop asking questions about their partner. In IT service management, encouraging intimacy between two processes can be as simple as asking one basic question - 'How can I help you be successful today?'
An effective service organization will eventually realize the importance of change management and configuration management co-existing; but to be world-class, it must go beyond simply working together into building each other up. In this environment, change management is developed to be a primary means of achieving the objectives of configuration management and vice versa.
Below are two tables. In the first column are the objectives of the one of the processes as defined by ITIL 2011 Service Transition. The second column demonstrates how the other process can be used effectively to support achievement of the first process' objectives or is supporting in the achievement of their own objectives.
| Configuration Management Objectives | Change Management Supporting Characteristic |
| Ensure all assets under control of IT are identified, controlled and properly cared for though their lifecycle Control is the key word for many configuration management objectives and essentially means that changes are controlled - an activity fully supported by the change management process. For this particular objective, the responsibility of change management must bridge across the asset's entire lifecycle. In fact, it is through requests for change that a requirement for additional or changed assets is first introduced, allows them to be identified by configuration management. Procedures for properly caring for assets should be introduced in the service environment and any changes controlled appropriately | Identify, control, record, report, audit and verify service and other configuration items Change management provides a means of tracking changes to services and other configuration items, as well as determining the alignment of the service to governing strategies, policies, and regulations for which the service must comply and be audited. Change procedures require an assessment of the RFC to determine its value to the organization or customer |
| Account for, manage and protect the integrity of CIs by working with change management to ensure only authorized components are used and only authorized changes are made This objective directly acknowledges the intimate relationship between the two processes: the effectiveness of change management will impact the integrity of the configuration items managed by configuration management, while configuration management provides the necessary information to ensure proper authorization of individual changes | Ensure the integrity of configuration items and configurations required to control the services by establishing and maintaining an accurate and complete configuration management system If the above relationship is pursued further, the establishment of a configuration management system requires a technical interface with the organization's change management tool: in essence, a person should be able to retrieve a change history for any service or supporting components from within the configuration management system. |
| Support efficient and effective service management processes by providing accurate configuration information to enable people to make decisions at the right time Every decision is associated to some form of change: either as a response to change or as a desire to change in the future. Without the underlying theme of change, decisions would not have to be made. This objective shows the importance of configuration management in providing the necessary information to make appropriate decisions within the organization and for change management to validate the decision is correct and appropriate for the organization. |
| Change Management Objectives | Configuration Management Supporting Characteristic |
| Respond to the customer's changing business requirements while maximizing value and reducing incidents, disruption and re-work Remember that decisions and change are tightly coupled; and effective decisions need sufficient information to ensure the success of the change. This information is provided by configuration management and consists of details about the impact configuration items and their relationships across the service environment. These relationships are essential for assessing the impact and risks of change on the service and the service environment. | Ensure changes are recorded and evaluated, and authorized changes are controlled appropriately (prioritized, planned, tested, implemented, documented and reviewed) Like the previous objective, this one assumes some understanding and tracking of information relevant to the individual change, specifically the relationship between plans, test results, schedules, and priorities. While these may be documented within a change record, the information can also be useful outside of the record and should be documented within the configuration management system. |
| Ensure requests for change by the business or IT will align services to meet the needs of the business This objective assumes that the organization is well-informed about the services and the needs of the business: the quality of this information is directly attributed to the effectiveness of the configuration management and its implemented system. | Ensure all changes to configuration items are recorded in the configuration management system This objective directly acknowledges the intimate relationship between change management and configuration management and supports the approach addressed in the previous objective as well as the first four objectives of configuration management. However, why should changes be recorded in the CMS? Essentially, the CMS provides a comprehensive survey of everything impacting an individual configuration item. To be realistic, this objective does not require the details of the change to be recorded in the CMS, only that the changes are recorded: this means that the organization can maintain a historical list of changes or change record identifiers for each configuration item. Optimize overall business risk The CMS can be a wealth of information about individual configuration items and their relationships. In addition to a historical record of changes, configuration records can also include incidents and known problems, supported services, pending improvements, risks and corrective controls. All this information contributes to the efforts to optimize business risk. |
The relationship between change management and configuration management can be made in simple terms: the former process ensures the 'right' decisions are being made and the former provides enough information to determine what the 'right' decision should be. In this context, the two processes are equally important. However to obtain an intimate relationship, both processes must serve the other appropriately - they must both give to each other equally.
The Emergence of Conflict
The challenge of an intimate relationship does not necessarily reside with the couple, but can be influenced by cultural, environmental or regulatory concerns. In developing and maintaining the two processes, how the organization relates to them as a couple is just as important as what the two processes are actually doing for each other. If some imbalance exists in the commitment, understanding or use of change management and configuration management, conflict breeds. This is further complicated that in most instances, change management has a greater public spotlight than configuration management: it's effectiveness is continually seen by everyone in the service organization, customers, suppliers and stakeholders. As a result, it is easier to justify the value of change management over any other service management process, including configuration management. However, if the effectiveness of the decisions made in change management is entirely dependent on the quality of the information used to make those decisions, should configuration management's hidden value any less important.
Conflict breeds problems. The most prominent being the perception that one process is more important than the next. If intimacy is based on sharing and giving, than the lack of intimacy is evident with selfishness, entitlement and taking from one another. Imagine the value of information if it's not used to support all decisions, or information-related activities are restricted to a narrow collection of information. Many organizations will focus their implementation on configuration management on technical information - hardware and software specifications or fixed assets. The nature of service delivery goes beyond the technical aspects of the solution, as these IT components must be associated to the processes they serve, the services they support, and the business objectives they achieve.
Consider any given server on the network. Technically, information about its availability, capacity, performance, security and continuity is relevant and should be tracked appropriately. But this information has little value alone until it is compared against the service targets agreed with the customer. At this point, a server's planned downtime for two hours on Monday can be reviewed and a determination made on whether the downtime will have an adverse impact on achieving the 99.9% availability service target. Additionally, the server likely exists to provide some functionality to the service it supports, such as file services, web management, printing, or most common, hosting an application. Understanding how the functionality is delivered to the customer is important for ensuring the customer can complete their business processes and create value for themselves. Like IT, some business processes tend to have greater importance than others: some are core processes needed to establish the customer's business in the market while others are more administrative and shared across the organization. For car manufacturers, the manufacturing processes are more important to the core business than human resources. In this context, it is important to track how individual IT components are used to support the business: is the server used to support the production line or manage employee records.
This necessity to establish relationships between the different tangible and intangible aspects of IT from strategy to fixed assets is the basic reason for establishing a comprehensive configuration management system. This information is also the key to effectively evaluate changes: for instance, what would be the impact on the environment if the strategy changed even slightly? In manufacturing, what happens to the demand on IT if the strategy is to reduce overall expenditures by closing down a couple of factories? Alternatively, what is the impact on business objectives if changes were made to individual IT components? If all personnel records resided on a single server based on design, any change to the server would have a higher risk of losing those records on it. Service design can mitigate this risk by introducing redundancy, replication, or some other solution; however the actual design is dependent on the strategies, investments, and priority offered by upper management.
The dynamic of the decision-making process around service delivery demonstrates the equality of change and configuration management in supporting decisions. When one process is perceived as more important or valuable than the other, the entire organization suffers. Equality does not mean that budgets or other resource allocations have to be the same; it simply means that one process is not allowed to overshadow the other in priority and development of both processes is performed in conjunction or consideration to each other. In a marriage, improvements occurring for one party will often create some improvement for the other party simply out of associations. For this reason, it justifies change management's involvement in improvement proposals for configuration management, and vice versa.
To ensure both processes are managed on equal terms, it is important to create an organization which acknowledges the value of the individual processes as a component to the larger service management system. This requires a proper approach to awareness and training on the processes, as well as understanding how results in reporting metrics, audits and reviews for one process can provide valuable information on the performance of the other process.
Preventing Separation and Divorce of the Processes
A clear indication that the conflict between change management and configuration management is reaching an all-time high is decentralization of the processes or tools within the organization. When one department becomes disenchanted with how a process is managed, they will often seek alternative solutions usually resulting in a different implementation of the process or tool. For example, one department is not receiving enough information to make the right decisions for their organization, so they decide to gather, maintain and report on information using their own devices, independent from any central effort. In essence, the department is divorcing themselves from the standard configuration management process and system.
This divorce puts the entire organization at a disadvantage. First of all, the information maintained by the department is controlled by the department. This may seem a benefit to the department; but if they are using it to inform decisions made outside of the department, other parties in the decision must have access to the same information. If access is not granted, the information becomes privileged and creates even greater conflict at the organization level, rather than the process level. Isolated information stores like this are often difficult to validate and ensure perspective against the larger landscape of the decisions being made. The effectiveness of larger concerns, such as knowledge management, service level management, service portfolio management and change management are impacted: the result is similar to two people reading different novels of the same name.
When individual departments decide to separate themselves from the larger standard, they create risks in both change management and configuration management. This does not mean that individual departments cannot have dedicated systems and tools which are integrated into the larger solution; only that they cannot bypass the governing principles of the enterprise solution. Why would a department even consider such a separation? The main reason will likely be they are not getting what they expect from the relationship any more. As with the example above, decisions about changes are not well-informed because configuration management is poorly implemented or information about changes or resulting from changes is not being properly documented within the CMS.
The real problem leading to a divorce between change management and configuration management isn't necessarily based on what the processes actually provide; but on the perception from the organization about what the processes provide. But it is more than simple perception, because in a mature organization, such issues can be addressed long before divorce is imminent. The underlying conviction has to be that the issue will never be addressed appropriate until 'I take control.' When discussing the intimacy between change management and configuration management, the prominent question suggested for both processes is 'what can I do to help you succeed today?' In a divorced in environment, this question isn't being asked, or worse, replaced by a question similar to 'what can you do to help me succeed today?'
The question for your organization should be 'how well are we encouraging the marriage between change and configuration management?'