Working Together. ICT Change. Management Policy. August Uncontrolled Copy. ICT Change Management Policy

Transcription

1 ICT Change Working Together Management Policy August 2014 Borders College 5/9/ Working Together

2 History of Changes Version Description of Change Authored by Date 1.1 P Smith Borders College 5/9/ Working Together

3 ICT Change Management Policy 1.0 Introduction 1.1 The purpose of this document is to ensure that changes to ICT supported information technology are managed and implemented in a way that minimises risk and impact Borders College and, where relevant, Heriot-Watt University and other users of the technology. 1.2 For the purpose of this document a change is defined as action that transforms, alters, or modifies the operating environment or standard operating procedures where that action has the potential to affect the stability and reliability of the supported information technology infrastructure and disrupt the business of those using it. A change can be planned or unplanned. 2.0 Scope 2.1 This policy covers changes to all systems (hardware, software, applications, and network environment) supported by the ICT Department upon which any functional unit of Borders College or, where relevant, Heriot-Watt University or any other user relies in order to perform its normal business activities. 2.2 Changes not covered by this policy include, but are not limited to, changes to: - an employee s desktop or laptop computer; allocation of IP addresses; allocation, setting-up or closing user accounts; user-enabled changes to software or personally-allocated hardware; any changes that affect the integration and day-to-day working of business software managed by a designated department; changes to access permissions; or updates to an office phone, etc. 2.3 This policy applies to ICT Department staff who install, operate or maintain the shared service infrastructure and associated equipment. It also applies to all end users who may have occasion to request a change, approve and test the effectiveness of a change. Borders College 5/9/ Working Together

4 3.0 Key Principles 3.1 Changes can be categorised into three key groupings. Depending on which grouping a change falls into, a specific set of procedures will apply to that change. Where there is any doubt as to how to categorise a change, the ICT Manager must be consulted Maintenance and Minor Changes These changes may include: - Application-based security or business needs patches, operating system patches (critical, hotfixes and service packs); Regularly scheduled maintenance; or Changes that are not likely to cause a service outage. Such changes will normally be identified by the ICT Department in response to an internally-identified issue or external advice. The ICT Department will record all such changes, identifying the systems or software affected, the reason for the change, and any testing to ensure the change was effective Planned Major Changes These changes include: - Change that results in or could result in business interruption during regular business hours; Change that results in or could result in academic interruptions within a term; Change that results in or could result in business or operational practice change; Changes in any system that may affect disaster recovery or business continuity; or Introduction or discontinuance of a new information technology service. Borders College 5/9/ Working Together

5 The principle driver for such change will come from the implementation of the College s ICT Strategy. Such changes will therefore be planned well in advance and scheduled to both meet business need and minimise disruption. Full consultation will take place with affected areas of the College and will be carried out at the direction of the ICT Strategy Committee. The ICT Strategy Committee will also monitor the progress of changes against defined targets and assess the impact of the changes once made. It is expected that this type of change will be managed through a project planning methodology. Other major changes will normally be identified either by the ICT Department in response to an internallyidentified issue or external advice, or may be at the request of enduser departments or faculties due to a planned change in their learning and teaching or business practices. A clear process for such a change has been agreed, with documentation, including a change request form that includes: - Who is initiating the change and the reason for the change; Benefits; Resources required financial, time, software, hardware, etc.; Impacts; Approvals as necessary. Where necessary, the ICT Manager will discuss with the change requester the feasibility of the change and whether a full project group should be formed. They will also agree the resources required from both the ICT Department and requesting department or faculty in terms of project management, procurement, testing and final sign-off. Where there is any doubt as to approval of a major change or project, this will lie with the ICT Strategy Committee. Note that all key corporate information systems have an owner manager who must sign off all planned changes before any work is initiated and also that those changes are complete and tested to their satisfaction. Under normal circumstances, that manager should act as project manager for major changes. The identified systems and managers are shown at Appendix A. Borders College 5/9/ Working Together

6 3.1.3 Emergency and Unplanned Outage Changes Such circumstances include: - Building is without service; A severe degradation of service needing immediate action; A system/application/component failure causing a negative impact on business operations; A response to a natural disaster; A response to an emergency business need; A change requested by emergency responder personnel; or Any other unplanned critical circumstance which requires a response. In these situations, the ICT Department will utilise its Disaster Recovery Plan (DRP) which forms part of the College s Business Continuity Plan (BCP). These plans include the full documentation of situations leading to an emergency response, action taken, resources expended, outcomes, lessons learned for future incidents. 3.2 An Equality Impact Assessment will be carried out when planning any changes which may affect the way in which a user interfaces with that system to ensure that after change the system meets accessibility and other equality requirements in compliance with equality legislation. 4.0 Responsibilities 4.1 The Finance and General Purposes Committee is responsible for approving the Policy. 4.2 The Vice Principal Finance and Resources is responsible for the implementation of the Policy. 4.3 The ICT Manager is responsible for the application of the Policy and ensuring that all supporting procedures are in place and applied effectively. 4.4 ICT Department staff members are responsible for understanding and applying the Policy and supporting procedures. Borders College 5/9/ Working Together

7 4.5 All end users have responsibility for using the Policy and procedures appropriately, and specifically: - Submitting a change request; Participating in testing, pre-deployment testing and post deployment testing; and Timeous sign off for the change. 4.6 Heads of Departments or Faculties have responsibility for ensuring that their staff use the Policy appropriately, and specifically: - Verifying that change requests are valid; and Timeous sign of for the change. 5.0 Related Documents 5.1 ICT Change Management Process 5.2 Disaster Recovery Plan 5.3 Business Continuity Plan 6.0 Review 6.1 The Policy will be reviewed every three years or earlier, as required. Borders College 5/9/ Working Together

8 Appendix A Corporate Information Technology Systems Identified Managers System Name Purpose Manager SUN Accounts Financial Management Financial Controller PECOS Procurement Financial Controller Vision Q&A Financial Reporting Financial Controller CHRIS 21 HR Management Head of HR & Development HR21 HR Self-serve Head of HR & Development TEQUIOS Student Funding Head of Student Services UNIT-E Student Records Head of MIS VLE and e-portfolio Curriculum & HR VP Quality & Innovation Digital Asset Management Curriculum VP Quality & Innovation Website and Intranet Marketing & Communication Head of Student Services Borders College 5/9/ Working Together

9 Equality Impact Assessment (Rapid impact assessment tool) What Impacts may there be from this proposal on any group s ability to use the College services? Policy: ICT Change Management Policy Positive Impacts (Groups affected) The policy will have a positive impact on all Groups, in that it will ensure the needs of all Groups are considered when any changes are planned. In particular, it is expected to have a positive impact on those who have a disability that may cause difficulty in the way they interact with our systems. Negative Impacts (Groups affected) n/a Actions taken to alleviate any negative Impacts: n/a Recommendations: n/a From the outcome of the rapid equality impact assessment, have negative impacts been identified for any protected characteristic or any other potentially disadvantaged group? Has a full Equalit Impact Assessment been recommended? Yes No x Reason for recommendation: Borders College 5/9/ Working Together

10 Status: Approved by Finance and general Purposes Committee of the Board Policy Dated: August 2014 Author: Vice Principal - Finance and Resources Review Date: August 2017 Equality Impact Assessed: Yes Borders College 5/9/ Working Together