The definition of different process models will allow an organization to maintain a balance between providing an appropriate level of control for changes without causing bottlenecks or restricting business growth. Change Models defines how various categories of changes are assessed and authorized, with different mechanisms and activities used to process and deliver changes based on the change type. The defined Change Models should also include:
* What steps should be taken to manage the change
* Roles and Responsibilities
* Timescales and thresholds for actions
* Escalation procedures.
Change Models defined within ITIL® include the following:
A change that follows all of the steps of the change process. It is assessed by either a Change Manager or Change Advisory Board. Normal Changes will often be further defined by the relative impact and complexity, which will escalate the Change for assessment to the most appropriate person or group.
A pre-approved Change that is low risk, relatively common and follows a procedure or work instruction. E.g. password reset or provision of standard equipment to a new employee. RFCs are not required to implement a Standard Change, and they are logged and tracked using a different mechanism, such as a service request. While standard changes are effectively pre-approved by Change Management, they may still require forms of authorization such as other groups such Human Resources (HR) or Financial departments.
The main elements of a standard change are that:
* Authority is effectively given in advance
* The tasks are well known, documented and proven
* There is a defined trigger to initiate the Request For Change (RFC)
* Budgetary approval is typically defined or controlled by the requester
* The risk is usually low and always well understood
Over time and as the IT organization matures the list of standard changes should increase in order to maintain optimum levels of efficiency and effectiveness.
A change that must be introduced as soon as possible.
E.g. to resolve a major incident or implement a security patch.
The change management process will normally have a specific procedure for handling Emergency Changes quickly, without sacrificing normal management controls. Organizations should be careful to ensure that the number of emergency changes be kept to a minimum, because they are typically more disruptive and prone to failure.
To enable this to occur, methods of assessment and documentation are typically modified, with some documentation occurring after the change has occurred.