Change Management Plans for Secure IT Systems - Essay Example

Change Management Plans for Secure IT Systems Insert Insert Executive Summary A change management plan for secure IT systems is the best to present changing practices in change management. Qualified network operation personnel, managers and experts in IT service management facilitate these changes. This change management ensures it reduces downtime in service delivery and that there is recording of requests for change, evaluation, authorization, prioritizing, planning, testing, implementing, documenting and reviewing of this requests (Bon, 2004). Introduction Many organizations and industries more so those offering financial services and communication nowadays depend on high network and IT in order to meet their needs. This includes the issue of online business transaction where IT and network are key components in ensuring efficient and effective transactions. Teams on network operations are trying to make improvements to the quality of the IT quality for the reason of meeting customer needs. These organizations and industries, therefore, to achieve the improvements have examined the processes in the areas of change management that the network changes are a source of downtime (Peters, 2000). These management changes need to be done due to various reasons. These reasons include; 1. Business wants The change management in this sector ensures that there are efficient and prompt standardized ways and procedures in handling of all changes. It also leads to recording of configuration items and the changes to service assets in the management system. There is also support for business goals and wants due to the authorized changes, and business risk is reduced. Then the changes are managed to reduce the exposure of risk, reduce the impact of interruption and enhance successfulness of the management changes (Jacques, 2005). 2. Target Market Management change provides required information and provides guidance on different size and kinds of organizations and changes that are either simple or complex changes for each lifecycle stage. It also shows the major and minor changes and the different levels of funding and budget to enhance effective change. The change management ensures that the business changing customers’ requirements are met by maximizing the value, minimizing the incidents, interruption, maximizing, and improving the network. It ensures the IT and businesses want requests are met, and there is a large room for information technology. There is management change in modifying, adding or removal of authorized service to meet the effective demands. This need for change erupts due to various reasons aimed at effectiveness. These changes, for example, may resolve mistakes and adapt to change circumstances that lead to reducing costs and improve services and enhance effectiveness to the business. These management changes can be effectively brought to reality through configuration and IT infrastructure (Bon, 2004). The management changes may be application changes, software changes, network changes, hardware changes, environment changes and documentation changes. All these changes pass through requests for verification. These changes of the request include open, which shows that the change is received but is not assigned. In-process change it shows it has been received, acknowledged and assigned but approved shows the technical and business assessment is been completed, and the change is approved and committed to the change schedule. The request may be rejected, and these shows that the change is rejected and is turned back to the requester and with explanation with recommended course of action. Closed shows change was closed and canceled which shows the change is canceled (Peters, 2000). The management change processes play very important roles in through its separate and distinct roles. These roles include change initiator, change manager, change advisory board, and implementation team change. The person, which requires the need for change, develops, plans, and does the initial requirements for a request for change is referred to the change initiator. These change initiators comprise of a product manager who is interested in a new or changed feature on an application. There is also a requirement for an engineer to upgrade the network capacity to overcome the issue of the increased traffic and improve the functionality of the network. There should also service manager who should change the vendor procedures and update documentation. There should also an engineer to replace any defective part in a network and security manager for configuration and document change to respond to a newly discovered vulnerability (Bon, 2004). There is also manager change for large industries and organizations that ensures there is update and communication change procedure. Ensures there is team review that accepts the approved change and conduct and manage periodic change review meetings. It also ensures compilation and archive change requests. They also edit network changes to enhance the correct record of the change with work, ensure the appropriate configuration of items, effective update documentation and notification and communication change. It still enhanced change management postmortems, created, and compiles management change metrics. It also has change advisory board that ensures authorization of change and assist in access to change management and priory’s changes. It determines and reconsiders the adoption or rejection of changes to ensure appropriate authorization and recommend enhancing appropriate change authority (Peters, 2000). Change initiator or requestor in impacted review change should be considered to enhance change. These changes ensure there is effective change management. Some of the roles of different individuals in change management include; (Jacques, 2005). ROLE FUNCTIONAL RESPONSIBILITIES Board members They will always make sure that the necessity of information security controls shall be implemented according to the policy. Manager in charge of information Security Establish and reconsider the data security methodology, arrangement and gauges for change administration and control with information from vested parties and backups; Facilitate and co-ordinate the fundamental countermeasures to change administration and control activities and assess such arrangements and norms; Co-ordinate the general correspondence and mindfulness technique for change administration; Acts as the administration champion for change administration and control; Provide specialized information to the administration prerequisites and co-ordinate influenced changes to SLA is the placed material. Co-ordinate the usage of new or extra security controls for change administration Operations Manager Implement, keep up and upgrade the change administration and control system, baselines, models, strategies and methods with data from all partners; Ensure that all application proprietors are mindful of the relevant approaches, norms, methodology and rules for change administration and control; Ensure that approach, principles, and procedural changes are imparted to material proprietors and administration discussions; Establish and amend the data security method, approach and norms for change administration and control; Facilitate and co-ordinate the important change administration and control activities inside of every organization; Report and assess changes to change administration and control strategies and gauges; Co-ordinate the general correspondence and mindfulness methodology for change administration and control; Co-ordinate the usage of new or extra security controls for change administration and control Provide standard reports on change administration and control activities and the suitable application; Evaluate and prescribe changes to change administration/ variant controls IT Service Provider • Shall follow all change administration and control articulations of this arrangement. Solution Owners • Shall agree to all data security strategies, gauges and methods for change administration and control; and • Report all deviations References 1. Bon van, J. (2004). IT-Service management: een introduction op basis van Haren Publishing. 2. Peters, Louk M. (2000). Security Management, Stationery Office. 3. Cazemier, Jacques. (2005). Security in Modern Business: Security Assessment Model for Information Security Practices. Hong Kong. Read More