Fatskills
Practice. Master. Repeat.
Study Guide: CompTIA A+ Core Certification: Operational Procedures - Change Management
Source: https://www.fatskills.com/comptia-a-exam/chapter/comptia-a-core-certification-operational-procedures-change-management

CompTIA A+ Core Certification: Operational Procedures - Change Management

By Fatskills Exam Guides Team — the exam nerds behind 28,500+ quizzes and 2.1M practice questions across 500+ global exams.

⏱️ ~7 min read

220-1102: Objective 4.2: Explain basic change-management best practices.
Change is a constant force in the field of IT. That force needs to be managed well so that change can improve processes in the organization and avoid potential perils.

For example, if a data manager wants to make changes to a loan management software system in a bank, the manager must first make sure that the marketing department, which might rely on the loan data, has software that works with the new system.

Otherwise, improving loan management could cause problems for the marketing department.
 

Change management is the process of preparing for and controlling changes in a network, including planning, staffing, organizing, and getting feedback from impacted stakeholders.

Change management is studied by IT and business organizations such as the Information Technology Infrastructure Library (ITIL) and ISO/IEC 20000, which produce change process guidelines for their members.

Documented Business Processes and Practices
Knowing how a company performs its many tasks can help create a map of how the change should be implemented. It cannot be assumed that everyone can do without services while the network is down. In addition, tremendous overlap in network use also likely exists. For example, changes to the production end of a business could unintentionally impact other parts. An IT manager might believe that an old server is useless, not realizing that it serves as a backup server for another department.
Even small changes to a network need to have a well-planned implementation. Change management puts planning at the forefront and engages IT people and users from across the organization. It is important that all users of a network be aware of changes that will come and understand, based on detailed analysis, how those changes will impact their functions. For example, a software change made to benefit sales or marketing functions might have an adverse effect on how accounting tracks company expenses. Understanding the full impact of a change across the organization is essential, and that knowledge must be brought to the change board members.
Many parts of an organization use the IT infrastructure in different ways, and it is necessary to have a document that records how it is used. This means creating a record of who uses the network, what parts they use, and how they impact other users.

Rollback Plan
The rollback plan (also called a backout plan) is a document that lets the change administrators restore the network to the service level that was present before the change.
Sometimes even the best plans can have unintended consequences on a network, or a planned upgrade might fail. When this happens, it is important to have an exact document that tells all the planned steps and logs the configuration codes necessary to get back to normal.

Sandbox Testing
A digital sandbox, such as a virtual machine (VM) environment, is an offline area where changes and ideas can be tested before they are applied to live production networks.
By replicating the work environment in a sandbox, any flaws in the change can be identified before implementation.

Responsible Staff Member
One designated person generally coordinates changes with stakeholders throughout the organization. This person, called the change lead, can communicate planned changes to different departments so that they can check for possible impact or problems that could cause unintended consequences to other parts of the network or organization.

Change Management
As previously defined, change management is the process of preparing for and controlling changes in a network, including planning, staffing, organizing, and getting feedback from impacted stakeholders. When changes occur, it is important to record what was changed and how it was accomplished. The change documentation can include a backout plan to implement in case trouble arises at a future date. This document needs to be available for anyone who wants to make further changes to the network. The following sections document some of the finer details of change management.

Request Forms
Departments that want to plan or implement changes in their part of a larger network must submit a form, usually located in the standard operating procedures manual, to the designated person responsible for changes to the overall network. The form should require descriptions of the proposed change, the costs (both technical and financial), and the benefits of the change. The form can then be used as a basis for communication with other stakeholders in the organization.

Purpose of the Change
Clarity in purpose is essential for a successful network change or migration.
First, knowing the purpose of the project helps limit the scope of change and keeps it from getting larger than necessary. Second, users will be inconvenienced, so they need to be brought into the process to identify issues and help make the change successful.

Scope the Change
Scope refers to the extent of the impact of a change.
Scope must be determined so that all affected users and managers do not suddenly lose the capability to work when a change is implemented. Scoping a change means creating a detailed plan itemizing processes and settings that will stay the same after the change (for example, application settings needed to perform core functions), hardware or software that will go away, and the changes that have a mixed outcome (meaning some benefit, such as efficiency, but also some drawbacks, such as layoffs of loyal employees).

Date and Time of the Change
Be sure to announce the date and time of a change well in advance so that others can plan as well.
These plans usually call for changes to occur during downtime at night, when the fewest users will be impacted, especially if a system outage is expected.

Affected Systems/Impact
A key purpose in managing change carefully is to avoid unintended problems for various systems that are in place.
For example, choosing the time of a change is important; making a change at the same time a payroll run is being processed could cause problems for not just payroll, but the employees who are depending on timely paychecks. Thus, it is important to identify all systems that will be affected by the changes and to mitigate the impact to their tasks.

Risk Analysis
Some level of risk is always present when making changes to a network.
A goal of change management is to identify the risks and mitigate them. Examples of risks that IT managers plan for include delays, lower-than-expected quality, and use of more resources. When the risks are identified, managers and planners can work to neutralize them.
A change manager might assign a risk level of high-, medium-, and low-risk categories and then manage the team resources according to the potential impact on the organization.
Risk analysis is often performed using either qualitative or quantitative analysis methods. A qualitative risk assessment can involve brainstorming, focus groups, surveys, and similar processes to determine asset worth and valuation to the organization. Uncertainty is also estimated, allowing for a relative projection of qualitative risk for each threat. Risk levels can be assigned a numeric value based on their position in a risk matrix/heat map that plots the probability (very low to very high) and impact (very low to very high). Numeric values can be assigned to each state (very low = 1, low = 2, moderate = 3, and so on) to perform a quasi-quantitative analysis, but because the categories are subjectively assigned, the result remains qualitative.

A quantitative assessment is less subjective; the process requires assigning a value to all the various components. To perform a quantitative risk assessment, an estimation of potential losses is calculated.

Change Board Approvals
The change board (also known as a change advisory board, or CAB) is a group gathered from areas of the organization that will be impacted by the planned changes.
The task of the change board is to analyze requests for change (RFCs) and study the benefits and risks of implementing changes. The change manager works under the authority of the change board and gives approval for the manager to proceed with the necessary work to be done. Members of the change board are usually leadership-level employees who understand the impact that requested changes will have on the work in their respective areas.

End User Acceptance
The end users of the network will be the final arbiters of success or failure in the change migration.
Those planning and implementing the change should be informed, but because all users will have a role, they need to be involved, too. Managers might need to schedule training time, and users might have to accept and endure a learning curve. The more ownership they can have in the process, the more likely the users will tolerate the hardship of the process.



ADVERTISEMENT