Improve service delivery while limiting security vulnerabilities! Have I got your interest?

If emergency changes aren’t already a big issue for your IT shop, they should be. Why? Well, let’s get clear on what an emergency change is in the first place. They are changes have an expedited process because something has gone done, and they can be recorded or approved after they have been made.

 

This means greater risk for the business. COBIT 5 worries enough about this category of change that they have even created a KPI to measure emergency changes that are not approved post implementation. Think about this, the change is implemented and management doesn’t approve it. What do you do now? Do you take the risk of backing it out? You might ask why would someone record or approve an emergency changes after the face. It is done largely for compliance reasons. And while they can fix an implementation gone south, they can introduce enterprise risk and possibly security vulnerabilities.

 

For this reason, these types of changes bear business and service delivery risk because they did not go through the regular controls—the CAB process. Now, in most IT environments, there will always be a small number of emergency changes, but the greater the number, the more likely that the change process isn’t being managed effectively and that the business and IT are being subjected to undue services and application risk. Given the importance of this measure, we asked several HP customers to share their opinion on this metric. Additionally, we asked them share (confidentially, of course) their actual performance. Today, I would like to share the aggregated benchmark as well as where customers are really performing.

 

What’s a good benchmark for change success rate?

By taking a weighted average of these customers’ responses, I determined that our participants as a whole felt the benchmark for the percentage of emergency change should be 4 percent or smaller. And, as important, 54 percent said it should be 2.5 percent or less. In terms of how many actually achieve this number, only 31 percent of respondents actually said their percentage of emergency changes were less than 5 percent. To really find out what the benchmark number should be, however, we would like a bigger group to participate in our survey. So as we said the last few weeks, we want you!

 

Want you.jpg

 

We would like you to vote on this and other service management benchmarks. Please click the link below and confidentially share what you think the benchmark performance should be for change success rate and other important service desk measures: http://svy.mk/QoeuES.

 

Why does this benchmark matter?

To me emergency changes are controllable, and so is the risk they entail. A high number of emergency changes can also indicate that an IT environment is unstable and therefore, needs to be made more stable. The saying “just say no” comes to mind when I think of emergency changes and the resulting impact on the quality of the change process. You should just say no unless the change is needed to reestablish or protect services. Otherwise, changes should go through CAB processes so that the business and IT risks are considered. Or you should establish an emergency change process. What do you think? I would love to hear back from you. Change is too important, it needs more consideration by you and me.

 

Related links:

Solution page: HP Service Management

Twitter: @MylesSuer

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
Mr. Suer is a senior manager for IT Performance Management. Prior to this role, Mr. Suer headed IT Performance Management Analytics Product ...


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation