The all in one customer engagement suite
Everything you need to know about the roles and responsibilities of a Change Manager
Change management is an essential part of your IT Service Management (ITSM) efforts. Without an effective change manager, your organization will be exposed to unacceptable risk.
The change manager is responsible for managing the change queue and ensuring changes are made efficiently, with minimum risk to the organization. A change manager should, ideally, facilitate change, not stop it. An effective change manager allows changes to be moved quickly to the production environment. The change manager has a duty to protect the IT systems of the organization, ensuring the changes that are made do not present an unacceptable risk. He or she must look for conflicts in active changes and determine the most appropriate time to commit changes to the production systems.
The ITIL change manager
In the ITIL® framework, the change manager is responsible for managing the lifecycle of all changes, with the primary responsibility of enabling beneficial changes to be made with minimal disruption to the business.
The change manager will convene and chair the change advisory board (CAB) and emergency change (eCAB), ensuring the information presented to these groups is complete and provides them with the information they need to make informed decisions about the changes, prioritizing and approving them, or rejecting them.
These are some of the basic responsibilities of the change manager:
On a daily basis, the change manager must work with a great variety of people, both within IT and the business. He or she must have a good understanding of the business’ needs and goals to help prioritize the changes that will have the biggest impact on the business’ bottom line.
The change manager will work closely with the incident and problem manager to ensure issues having a negative impact on the business are prioritized for repair.
The change manager will liaise with the business relationship manager to understand the business’ needs and to make certain the appropriate parties in the business understand any IT infrastructure issues that may be affecting productivity.
During this era of DevOps, the change manager will work between development and operations, providing a smooth transition of services from Dev to Ops without placing artificial barriers which may hinder an agile way of working while still managing risk for the business.
The change manager contributes a number of benefits to the organization, both in the areas of efficiency and risk management.
While many people see the change manager as someone who slows the velocity of change, the opposite should be the result of having someone in this position. An efficient change manager will hasten the progress of changes that are well documented, assessed and prioritized.
A key function of change management is to minimize risk to the organization by assessing the risks which changes pose to the IT infrastructure and business processes. This will involve assessing individual changes, looking for changes that may conflict with others and cause unexpected consequences, managing the scheduling of changes to ensure they do not occur when they would adversely affect the business, and making sure changes moving into production actually aid the business’ objectives.
When changes are properly assessed and scheduled to avoid peak times and conflicts with other changes, then there will be fewer post-release incidents. Post-release issues will be further reduced when changes are properly transitioned from development to production, training is provided and information about known errors and workarounds is available to customers and the service desk.
The change manager has the responsibility to make sure scheduled changes do not conflict with other changes. This will then result in fewer change failures, which must be withdrawn from the production system.
When one person has the responsibility and accountability for managing changes in the production system, he or she is the go-to person for all change-related matters. Every change, therefore, is recorded consistently and can be coordinated successfully, minimizing risk and maximizing value to the business.
Change management is not about preventing change, it is about ensuring change can happen safely and efficiently. Change management should increase the speed of change, not slow it. The change manager must protect the integrity of the IT infrastructure and balance it against business needs for change.
Without effective change management, changes will not be coordinated, which can result in negative impacts on business downtime. By correctly assessing changes and scheduling them efficiently, downtime will be minimized.
The change manager takes a holistic view of all proposed changes. He or she will recognize the benefits of doing the change in addition to the risks of not making the change to determine whether it will or will not be approved. The change manager will also understand the IT infrastructure and be able to assess accurately any potential flow on the change’s possible effects, and the steps that must be taken to minimize any potential risks and conflicts.
When change management is not efficiently conducted, change generally occurs on an ad hoc basis, with little or no concern for risk and conflicts. A change manager will use discovery tools to detect unauthorized changes to the IT infrastructure and act to prevent recurrences of this situation.
A smaller organization may not be able to have a dedicated change manager. In this case, the responsibilities of this role must still be vested in a single person to ensure there is accountability for change management.
When there is no dedicated change manager, it is essential that whoever assumes the role has no other which may conflict with the change management function. It would be unwise for the same person to be responsible for incident or problem management, as there are obvious conflicts between these roles – the incident manager is seeking a stable infrastructure to avoid incidents, and changes will impact his or her responsibility. The problem manager may assign a higher priority to changes that resolve problems he or she is addressing. The change manager must be able to assess and prioritize changes with a clear head, without the complications these roles would create.
A person who is knowledgeable in asset or configuration management and responsible for that work could complement and benefit the change manager’s role, and could credibly assume those duties on a part-time basis.
When an organization is large enough, it is likely it will be able to appoint a single, dedicated change manager with responsibility for all IT changes in the business. This can be an effective method to manage change in a small to medium enterprise, however, it may create some risks.
The change manager can become overloaded, which may create a bottleneck where changes accumulate and there are insufficient resources to assess and prioritize them effectively. This can be overcome by delegating change assessments to subject matter experts in other parts of the IT organization.
There is also the risk in this situation the change manager becomes too protective of the infrastructure and is unwilling to take the risk of implementing too many changes. This can stifle innovation for the business.
This is a more effective structure to conduct change management in a small to medium enterprise. A single change manager can work with a static change management board (CAB) that meets regularly to assess the change queue, accept or reject proposals and prioritize and schedule changes for release.
The downside of this structure is that the CAB can put pressure on its members who may have other busy roles. This structure can function more efficiently if the change manager restricts the changes submitted to the CAB to those of significant risk, or where there is a debatable benefit to the business. The change manager, as an individual, can then manage smaller, low-risk changes.
In a larger organization, this can be a very effective method to manage change. Distributing the responsibility for assessing, prioritizing and approving changes throughout the organization results in less stress for each person involved, and he or she is only assessing changes for which he or she has the knowledge needed to provide accurate recommendations.
In this model, the change manager will convene a different CAB each time, including members who have expertise in the areas pertinent to the changes to be discussed. This will make CAB meetings more efficient and will eliminate the need to ask the sample people to attend every meeting whose schedules are already are filled with normal work tasks.
When using the distributed change-management function, it is important the people who may be asked to assess and approve changes have a clear understanding of their roles and responsibilities. It is wise to offer specific and continuous training in this area to anyone who will be involved in this task.
One of the change manager’s first jobs will be to establish consistent processes for change management. There will be a number of different change processes in any organizations:
Major changes will receive a comprehensive assessment and risk management before the CAB approves them.
Minor changes still require assessment and risk management, but it is likely the change proposer can accomplish these tasks before the change manager approves them.
Pre-approved changes are small risks and, often, repeatable changes may occur, regularly. These changes must be clearly documented, but will not require a separate approval process.
A different process is required for emergency changes. They still must be assessed for risk, and they will need approval from the change manager or delegated before they are released into the production environment.
As many organizations move toward adopting an agile approach to change, utilizing a DevOps methodology, there is a possibility of conflict between moving changes into the production system quickly and adequately managing organizational risk. This conflict will continue to increase and today’s change manager must take a balanced approach to this situation. A change with an unacceptable risk still must be stopped, but where the risk is small and the benefit is large, a less thorough approach may be warranted.
It is not always possible to be certain of the level of risk in any particular change. There may be conflicting information about the benefits of a change and disagreements about the level of risk. In this situation, the change manager must be the final arbitrator and decide whether or not to allow the change to proceed. When time does not allow for further assessment, a change manager will have to rely, to some extent, on intuition, combined with business knowledge to decide whether or not to proceed with a change.
Occasionally, it is simply not possible to adhere to agreed processes. This is particularly true when responding to major incidents which require emergency changes. The change manager must assess whether the risks of proceeding with the change outweigh the risks of waiting for the complete change process.
A change manager must be strong in the face of pressure from other managers or corporate executives. He or she must also have the delegated authority to enforce change-management procedures, regardless of who is asking for these to be circumvented.
Its likely managers will ask a change manager occasionally to fast-track their change requests through the process. The change manager must ask the right questions and determine whether it is a valid request and whether moving the change through the process quickly will benefit the business, or whether it should simply be added to the change queue and be fully assessed, prioritized and approved.
There will always be exceptions, but it is important, whenever possible, the change manager process all changes, regardless of their origins, through standard channels. These processes exist to protect the organization from the avoidable risks of poorly managed changes.
Change managers should have strong connections with both delivery teams and operations. They must have sufficient authority to say NO whenever necessary or to move changes through the pipeline quickly when warranted.
The change manager is accountable for all change reviews and all change approvals, even if these have been delegated to other individuals. Anyone who has been delegated authority to perform these tasks must report all relevant information to the change manager. The business must know it has one “port-of-call” for all change-related inquiries.
The change manager must have the authority to say NO to change requests when the benefits do not sufficiently outweigh the risks. This may require saying no to people who are senior to the change manager in the organizational structure, which can be difficult. It will be impossible if the business and management teams have not been informed and aren’t sufficiently supportive of the change manager’s delegated authority in these matters.
The change manager is an integral member of the IT Service Management (ITSM) team, including the incident, problem and configuration managers. The change manager will have close relationships with all other managers of ITSM processes. These other areas of ITSM will likely be the sources of many change requests.
Large, individual projects or programs may warrant a dedicated change manager to oversee multiple changes related to the project or program and he or she may need to be introduced to these teams. A change manager working in this manner must still follow standard, established processes. It is also wise for these project or program teams to advise the change manager about any project changes to ensure they won’t impact other areas of the business.
A change manager will pay close attention to all details of a proposed change to assess the risk and benefits accurately.
Changes are not always straightforward. There may not always be a clear cost-benefit ratio for the business. Sometimes, a change may, on face value, have a low probability of being beneficial, but may, in fact, be worthwhile. Not all changes will fit into a standard equation. A good change manager will be able to apply his or her intuition to help decide when to overlook some of the rules.
The change manager must be able to assess when the benefits of putting a change into production outweigh the potential risks or even certain losses. Not every situation is a win-win. Occasionally, the change manager must accept a change even when losses cannot be avoided.
Risk assessment and management is a critical part of the change manager’s role. Formal training in this area is a great advantage for a change manager in the IT industry.
Communication skills are critical to the success of a change manager. It is essential the change manager is able to speak, with authority, to people at all levels of the organization.
A good change manager will be able to share information easily and train others in change management techniques. This allows the change manager to delegate authority successfully to others for change assessment and approval.
When changes must be made urgently, it is likely they are required to ensure the availability of critical business systems. When these systems fail, there is a huge amount of pressure on the ITSM team to fix what has failed. The incident manager will be the first in the crosshairs, which is then likely to move to the problem manager, as he or she determines the root cause. Last in line in this stressful situation is likely to be the change manager, as he or she rushes to implement a change to bring the system back online.
For this reason, it is essential the change manager is able to work well within stressful situations, communicate effectively during them and coordinate the recovery efforts, effectively.
There are a number of metrics that will help assess the success of the change management process, and the value the change manager is delivering:
How much time is required for a change request to proceed through the change management process from logging to either rejection or delivery? As organizations increasingly move to a DevOps type of delivery model, this cycle time must be dramatically reduced, while also keeping the risk to the organization at a reasonable level.
This is another metric with an ultimate target of zero, but it is unlikely to happen. When change is well-managed, these calls will be minimal. If they ever increase, then it is likely your change management process is at fault.
Change reviews will examine how often changes become part of the emergency change process. If this number is excessive, then it may be a sign people are using this process to avoid the standard change management process, opting, instead, to fast-track them via the emergency process. If the number of emergency changes suddenly increases with no obvious reason, then this may be another sign your processes are slowing change too much.
Modern ITSM systems have well-developed change management tools that will allow the change manager to record all relevant information about a change and its progress through the change management process.
These tools provide the change manager with the ability to schedule changes automatically to be released into the production system.
An accurate and up-to-date Configuration Management Database (CMDB) provides the change manager with vital information about relationships and dependencies within the IT infrastructure. This information is a key part of any risk analysis process, allowing the change manager to predict accurately where any effects of the change may occur.
There are many risk assessment tools available for the change manager and he or she will use them to help in the risk assessment process.
Large changes and releases may be managed as separate projects. In these cases, it will be useful to manage them with a project management tool, in conjunction with the ITSM tool.
Making informed decisions is one of the most important parts of the change manager’s role. These decisions are not always obvious or straightforward. The use of a decision matrix can be a useful tool to help make complex decisions regarding a change.
When no one is responsible for change management in a company, the business will be exposed to multiple risks. Unmanaged changes to IT systems are likely to result in a larger number of post-change incidents, potentially causing business losses. There is also an increased possibility of total change failure.
When changes are uncoordinated, they are almost certain to require more time to be introduced successfully. These delays can have a significant impact on business profitability, particularly when trying to take advantage of new technology and to overcome market pressures. When changes are not coordinated and scheduled effectively, IT systems will experience larger downtimes, because changes will not be introduced in parallel, but in a piecemeal, uncoordinated manner.
Without a change manager, unauthorized changes to IT systems will become more frequent, increasing the risk of unexpected, negative consequences for the business.
Change management is a critical role in even the smallest organization. Without at least some level of management of changes, IT systems will, almost certainly, become increasingly unstable. Choosing the right change manager for your organization is critical, whether he or she is a dedicated process owner or a part-time change manager.
Change & Release Management – It’s Complicated!
The Ultimate Guide to ITSM Best Practices
How To Effectively Manage Change With Project Management
Change Management and Agile: Best Friends or Mortal Enemies?
By clicking on "SIGN UP FOR FREE" you agree to our Terms and acknowledge having read our Privacy Notice
Start your 21-day free trial. No credit card required. No strings attached.
Sorry, our deep-dive didn’t help. Please try a different search term.