Everything in IT Service Management is a change, and the goal of Change Management is to ensure that standardized methods and procedures are used for efficient and prompt handling of all changes. This is in order to minimize the impact of change-related incidents on service quality, and consequently, to improve the day-to-day operations of the organization. But, there is one type of change that requires swift reaction and prompt implementation with little or no time for in-depth impact analysis or testing: the Emergency Change.
Before we continue, you can find a lot of information regarding Change Management (in order to familiarize yourself with Change Management, you can start with the following article: ITIL V3 Change Management – at the heart of Service Management).
What is an Emergency Change?
Every business is application driven, which leaves businesses vulnerable to a wide array of security and security-related risks. One of the most popular and dangerous risks is called “0-day exploit” (zero-day exploit). A zero-day vulnerability refers to a hole in software that is unknown to the vendor. This security hole is then exploited by hackers before the vendor becomes aware and hurries to fix it – this exploit is called a zero-day attack.
Even when a fix becomes available (and even more people become aware of the exploit), not all IT organizations implement the fix right away, leaving enough time for malicious people or software to actually try to break into systems that haven’t been patched.
Implementing such high-risk security patches is the most common example of an Emergency Change – a change that must be implemented as soon as possible, for example to resolve a major incident or implement a security patch.
Organizing the Emergency Change process
Due to the nature of the Emergency Changes, it’s clear that there is no time to wait for a formal Change Advisory Board (CAB) meeting, nor is it possible to even attempt to organize an impromptu meeting. However, Emergency Changes should not be handled outside of Change Management. According to ITIL, the Emergency Change process should still retain a high level of authorization and control, but those processes can be looser than those for a normal change. The number of Emergency Changes should be kept to an absolute minimum, with every Emergency Change being reevaluated after implementation to determine whether it was actually an Emergency Change, and if not, how to prevent such changes from being processed as Emergency Changes in the future.
A Normal Change relies heavily on changes being tested prior to deployment, and the decision on whether to allow deployment into the live environment will be based on test results. In the case of Emergency Changes, it is still strongly recommended to perform at least basic testing prior to deployment, as untested changes may cause even more damage than the risk we were trying to prevent! At the end of the day, it all comes down to numbers; is the potential damage caused by an untested emergency change (e.g., a patch) smaller or greater than the damage currently caused by the identified risk (e.g., a security breach)? If it’s smaller, then the Change Manager has a good argument to allow such change.
Roles in the Emergency Change process
In order to define roles specific to Emergency Change, first we have to look at who is doing what in the case of Normal or Emergency Change:
- Change Manager – primarily responsible for the lifecycle of all changes, allowing beneficial changes to be made with minimal or no disruptions to the service. For Emergency Changes, the Change Manager is responsible for forming the ECAB in order to discuss the proposed Emergency Change, and to decide whether it should be implemented as such, or if it can be re-categorized as a Normal Change. The Change Manager has to ensure that all necessary preparations are made before change implementation.
- Change Advisory Board (CAB) – advisory group consisting of representatives from all areas within the IT organization, business, and third parties with the goal of aiding the Change Manager in change assessment, prioritization, and scheduling. The CAB is not impacted by Emergency Changes, other than the fact that some members may also be a part of the ECAB.
- Emergency Change Advisory Board (ECAB) – specific type of CAB, responsible for making decisions regarding Emergency Changes. ECAB membership may be decided at the ECAB meeting and depends on the Emergency Change nature. The Change Manager can appoint anyone who may help with knowledge, experience, and expertise to the ECAB.
- Others – e.g., Configuration Manager, Application Analyst, Technical Analyst or others as appropriate for any given situation.
- IT operator – person(s) who are responsible for operating the underlining technology of a system (e.g., networking, storage, operating system, etc.). During an Emergency Change, the IT operator may be involved, depending on his/her technical skills, for Emergency Change testing, implementation, and performing the back-out plan if implementation fails.
- Change Requester – person who triggered the Change Management process.
Conclusion
In my personal experience, Emergency Change management often falls into the trap of being a quick way of implementing changes without the “bureaucracy” and hassle present in the normal change process. This may be an indicator that the normal change process requires some revision. Personally, I’ve seen cases in which changes on systems considered vital (ERP, E-mail, web, file share, printing, and the list goes on until you realize everything is considered vital) were not implemented unless approved by top-level management. IT found a “workaround” and started to implement changes on those systems as Emergency Changes, because no one from top-level management was part of the ECAB.
Emergency Change exists only to address the needs of the organization when normal Change Management can’t be followed, generally due to time constraints and risks involved. There is no magic wand that will solve all of the specifics, and each organization should find the solution that fits best into their own operational model; prompt and efficient handling of all changes will serve to minimize the impact of change-related incidents on service quality.
Use our free ITIL Gap Analysis Tool to check how your activities comply with ITIL recommendations for Change Management.
Options are :
- Supplier management
- Problem management
- Incident management
- Deployment management
Answer : Incident management
Options are :
- Focus on value
- Optimize and automate
- Progress iteratively with feedback
- Keep it simple and practical
Options are :
- Focus on value
- Collaborate and promote visibility
- Progress iteratively with feedback
- Start where you are
Answer : Start where you are
Options are :
- A low-risk computer upgrade implemented as a service request
- The implementation of a security patch to a critical software application
- The implementation of a planned new release of a software application
- A scheduled major hardware and software implementation
Answer : The implementation of a security patch to a critical software application
Options are :
- 'focus on value' guiding principle
- 'service request management' practice
- service value system
- four dimensions of service management
Answer : service value system
Options are :
- By using a combination of practices
- By using a single functional team
- By implementing process automation
- By determining service demand
Answer : By using a combination of practices
Options are :
- To minimize the negative impact of incidents by restoring normal service operation as quickly as possible
- To protect the information needed by the organization to conduct its business
- To ensure that accurate and reliable information about the configuration of services is available when and where it is needed
- To systematically observe services and service components, and record and report selected changes of state
Answer : To systematically observe services and service components, and record and report selected changes of state
Options are :
- outputs
- costs
- risks
- outcomes
Options are :
- 3 and 4
- 2 and 3
- 1 and 4
- 1 and 2
Options are :
- To help identify problems
- To ensure effective handling of service requests
- To escalate incidents to the correct support team
- To engage the correct change authority
Answer : To help identify problems
Options are :
- The guiding principles
- The service value chain
- The four dimensions of service management
- Practices
Answer : The guiding principles
Options are :
Options are :
- Known errors are managed by technical staff, problems are managed by service management staff
- Known errors cause vulnerabilities, problems cause incidents
- Known error is the status assigned to a problem after it has been analysed
- A known error is the cause of one or more problems
Answer : Known error is the status assigned to a problem after it has been analysed
Options are :
- Relationship management
- Release management
- IT asset management
- Service desk
Answer : IT asset management
Options are :
- analysed
- closed
- escalated
- logged
Options are :
- Service offering
- Service provision
- Service relationship management
- Service consumption
Answer : Service relationship management
Options are :
- Start where you are
- Progress iteratively with feedback
- Optimize and automate
- Focus on value
Answer : Progress iteratively with feedback
Options are :
- Engage
- Plan
- Obtain/build
- Improve
Options are :
- Processes and procedures
- Compliments and complaints
- Self-service tools
- Incident management
Answer : Processes and procedures
Options are :
- Service desk
- Service request management
- Service configuration management
- Service level management
Answer : Service level management
Options are :
- Service desk
- Service configuration management
- Monitoring and event management
- IT asset management
Answer : Service configuration management
Options are :
- Ensure suppliers include details of their approach to service improvement in contracts
- Ensure that all supplier problem management activities result in improvements
- Require evidence that the supplier implements all improvements using project management practices
- Require evidence that the supplier uses agile development methods
Answer : Ensure suppliers include details of their approach to service improvement in contracts
Options are :
- Service request management
- Service level management
- Incident management
- IT asset management
Answer : Incident management
Options are :
- An addition or modification that could have an effect on services
- Any change of state that has significance for the management of a configuration item
- A cause or potential cause of one or more incidents
- An unplanned reduction in the quality of a service
Answer : A cause or potential cause of one or more incidents
Options are :
- An emergency change
- A standard change
- A normal change
- An application change
Answer : A standard change
Options are :
- Incident management
- Service request management
- Change control
- Problem management
Answer : Service request management
Options are :
- Contracts and agreements
- Level of formality
- Type of cooperation with suppliers
- Corporate culture of the organization
Answer : Corporate culture of the organization
Options are :
- A practice
- An output
- Continual improvement
- A service
Options are :
- It should be diagnosed to identify possible solutions
- It should have a workaround to reduce the impact
- It should be resolved so that it can be closed
- It should be prioritized based on its potential impact and probability
Answer : It should be prioritized based on its potential impact and probability
Options are :
- An up-to-date balanced scorecard
- Details of how services are measured
- A recent maturity assessment
- Accurate and carefully analysed data
Answer : Accurate and carefully analysed data
Options are :
- A mobile phone enables a user to work remotely
- A password allows a user connect to a WiFi network
- A license allows a user to install a software product
- A service desk agent provides support to a user (Correct)
Answer :A service desk agent provides support to a user
Options are :
- Changes included in the change schedule are pre-authorized and do not need additional authorization
- Normal changes should be assessed and authorized before they are deployed (Correct)
- Emergency changes should be authorized by as many people as possible to reduce risk
- Normal changes are typically implemented as service requests and authorized by the service desk
Answer :Normal changes should be assessed and authorized before they are deployed
Options are :
- It uses prescriptive inputs and outputs
- It is a value chain activity
- It integrates practices for a specific scenario (Correct)
- It is used to provide governance
Answer :It integrates practices for a specific scenario
Options are :
- They consist of several outcomes
- They capture customer demand for services
- They contribute to the achievement of outcomes (Correct)
- They describe how the service performs
Answer :They contribute to the achievement of outcomes
Options are :
- The number of passengers checked in (Correct)
- The average time to respond to change requests
- The average resolution time for incidents
- The number of problems resolved
Answer :The number of passengers checked in
Options are :
- The service value system (Correct)
- The 'deliver and support' value chain activity
- The 'focus on value' guiding principle
- The 'value stream and processes' dimension
Answer :The service value system
Options are :
- Service request management
- Service level management (Correct)
- Service desk
- Incident management
Answer :Service level management
Options are :
- An unplanned interruption to a service, or reduction in the quality of a service
- A cause, or potential cause, of one or more incidents (Correct)
- An incident for which a full resolution is not yet available
- Any change of state that has significance for the management of a configuration item (CI)
Answer :A cause, or potential cause, of one or more incidents
Options are :
- Incident management
- Continual improvement
- Service desk (Correct)
- Relationship management
Answer :Service desk
Options are :
- The functionality offered by a service to meet a particular need (Correct)
- Assurance that a service will meet agreed requirements
- The amount of money spent on a specific activity or resource
- The perceived benefits, usefulness and importance of something
Answer :The functionality offered by a service to meet a particular need
Options are :
- Incident management (Correct)
- Problem management
- Change enablement
- Service desk
Answer :Incident management
Options are :
- By using all the guiding principles equally when making any decision
- By using the one or two guiding principles that are most relevant to the specific decision
- By using the 'focus on value' principle and one or two others that are relevant to the specific decision
- By reviewing each guiding principle to decide how relevant it is to the specific decision (Correct)
Answer :By reviewing each guiding principle to decide how relevant it is to the specific decision
Options are :
- Collaborate and promote visibility (Correct)
- Start where you are
- Focus on value
- Keep it simple and practical
Answer :Collaborate and promote visibility
Options are :
- Service desk (Correct)
- Change enablement
- Service level management
- Supplier management
Answer :Service desk
Options are :
- Information security management (Correct)
- Continual improvement
- Monitoring and event management
- Service level management
Answer :Information security management
Options are :
- Start where you are
- Optimize and automate
- Keep it simple
- Focus on value (Correct)
Answer :Focus on value
Options are :
- Check that the activity has already been optimized (Correct)
- Check that suitable new technology has been purchased
- Ensure that DevOps has been successfully implemented
- Ensure the solution removes the need for human intervention
Answer :Check that the activity has already been optimized
Options are :
- Complex service requests should be dealt with as normal changes
- Service requests that require simple workflows should be dealt with as incidents
- Service requests require workflows that should use manual procedures and avoid automation
- Service requests are usually formalized using standard procedures for initiation, approval and fulfillment (Correct)
Answer :Service requests are usually formalized using standard procedures for initiation, approval and fulfillment
Options are :
- The amount of money the customer pays for using the service
- The financial return the customer gets from using the service
- The outcomes the customer receives by using the service
- The customer's perception of the benefits of using the service (Correct)
Answer :The customer's perception of the benefits of using the service
Options are :
- Release management
- Deployment management (Correct)
- Change enablement
- Supplier management
Answer :Deployment management
Options are :
- Highest levels of the organization (Correct)
- Society
- Service manager
- All members of society
Answer :Highest levels of the organization
Options are :
- User
- Sponsor
- Customer (Correct)
- Service provider
Answer :Customer
Options are :
- Relationships with all key stakeholders are understood and managed. (Correct)
- Suppliers and investors are known form the start of the service
- Government regulation are added as requirements
- Users define requirements
Answer :Relationships with all key stakeholders are understood and managed.
Options are :
- One or more of its services
- One or more of its products (Correct)
- One or more of its suppliers
- One or more of its customers
Answer :One or more of its products
Options are :
- 1 and 2 only
- 1 and 3 only
- 1 and 4 only
- All of the above (Correct)
Answer :All of the above
Options are :
- Cost and risk (Correct)
- Cost and time
- Cost and technology
- Cost and products
Answer :Cost and risk
Options are :
- Need for a stakeholder
- Set of related services
- Result for a stakeholder enabled by one or more outputs (Correct)
- Result for a service provider enabled by one or more products
Answer :Result for a stakeholder enabled by one or more outputs
Options are :
- Service gifts
- Service offerings (Correct)
- Products
- Resources
Answer :Service offerings
Options are :
- 1, 2 and 3 (Correct)
- 1 and 4 only
- 3 and 4 only
- All of the above
Answer :1, 2 and 3
Options are :
- Supplier
- Service provider
- Stakeholder
- Consumer (Correct)
Answer :Consumer
Options are :
- Government regulations
- Agreement (Correct)
- Service provider requirements
- Method of delivery
Answer :Agreement
Options are :
- Goods
- Access to resources (Correct)
- Service actions
- Technology
Answer :Access to resources
Options are :
- Service offering
- Service technology
- Service relationship (Correct)
- Service meeting
Answer :Service relationship
Options are :
- Outcome
- Output (Correct)
- Deliverable
- Scope
Answer :Output
Options are :
- Costs removed and cost imposed by the service (Correct)
- Risk cost and product cost
- Risk cost and cost removed
- Cost imposed and risk cost
Answer :Costs removed and cost imposed by the service
Options are :
- Service failure
- Risk (Correct)
- Service loss
- Service risk
Answer :Risk
Options are :
- Warranty
- Service function
- Service performance
- Utility (Correct)
Answer :Utility
Options are :
- Relationship management practice (Correct)
- Stakeholder Management
- Conflict management
- Problem management
Answer :Relationship management practice
Options are :
- Prevention
- Detection
- Correction (Correct)
- Users
Answer :Correction
Options are :
- Service
- Utility
- Warranty (Correct)
- Usage
Answer :Warranty
Options are :
- Confidentiality
- Integrity
- Non-repudiation (Correct)
- Availability
Answer :Non-repudiation
Options are :
- Information and technology
- People
- Processes
- Resources (Correct)
Answer :Resources
Options are :
- Cost of service being too high
- Risk not being removed
- Failing to address all four dimensions properly (Correct)
- Service introducing new risk
Answer :Failing to address all four dimensions properly
Options are :
- Their contribution towards creating value (Correct)
- Their authority levels
- Their skillset and abilities
- Their work schedules
Answer :Their contribution towards creating value
Options are :
- 1, 2 and 3
- 1 and 2 only (Correct)
- 1 and 3 only
- None of the above
Answer :1 and 2 only
Options are :
- Service requirement
- Service goal
- Service achievement
- Service level (Correct)
Answer :Service level
Options are :
- Phased deployment
- Continuous delivery
- Big bang deployment (Correct)
- Pull deployment
Answer :Big bang deployment
Options are :
- Service Asset
- Product Asset
- User Asset
- IT Asset (Correct)
Answer :IT Asset
Options are :
- Users
- Senior level management (Correct)
- IT Workers
- Regulators
Answer :Senior level management
Options are :
- Service
- Utility (Correct)
- Warranty
- Usage
Answer :Utility
Options are :
- Change the service
- Detection of the security of incident (Correct)
- Correction of the security of incident
- Changes in user training
Answer :Detection of the security of incident
Options are :
- IT Assets
- Behavior of people (Correct)
- Software used throughout the organization
- Skills of IT workers
Answer :Behavior of people
Options are :
- Confidentiality
- Integrity
- Non-repudiation
- Authentication (Correct)
Answer :Authentication
Options are :
- Warranty (Correct)
- Service function
- Service performance
- Utility
Answer :Warranty
Options are :
- Information security management (Correct)
- Asset security management
- User security management
- Problem management
Answer :Information security management
Options are :
- 1, 2, and 3 (Correct)
- 1 and 2 only
- 2 and 3 only
- 1 and 3 only
Answer :1, 2, and 3
Options are :
- Offering
- Capability (Correct)
- Skills
- Competence
Answer :Capability
Options are :
- Resources
- Information and technology
- One or more services based on one or more products. (Correct)
- One or more configuration based on one or more technology
Answer :One or more services based on one or more products.
Options are :
- Change strategy
- Change method
- Change model (Correct)
- Change types
Answer :Change model
Options are :
- Confidentiality (Correct)
- Entitled
- Availability
- Authentication
Answer :Confidentiality
Options are :
- IT-enabled (Correct)
- Cloud enabled
- Security enabled
- Service desk enabled
Answer :IT-enabled
Options are :
- Service value system and service desk
- Service value system and four dimensions model (Correct)
- Four dimensions model and service desk
- Four dimensions model and practices
Answer :Service value system and four dimensions model
Options are :
Answer :5
Options are :
- Service value chain
- Practices
- Guiding principles (Correct)
- Continual improvement
Answer :Guiding principles
Options are :
- Services (Correct)
- Technology
- Financial resources
Answer :Services
Options are :
- IT management
- Service desk management
- Service delivery management
- Service management (Correct)
Answer :Service management
Options are :
- Cost of the service
- Perception of the stakeholder (Correct)
- Method of delivery
- Technology used
Answer :Perception of the stakeholder
Options are :
- Value is co-created between providers and technology
- Value is co-created between providers and suppliers
- Value is co-created between providers and consumers (Correct)
- Value is co-created between providers and management
Answer :Value is co-created between providers and consumers
Options are :
- Service desk
- Service support
- Service value
- Organization (Correct)
Answer :Organization
Options are :
- Service consumer
- Service provider (Correct)
- Consumer
- Provider
Answer :Service provider
Options are :
- Customer
- Service provider
- Senior management
- Sponsor (Correct)
Answer :Sponsor
Options are :
- Organizations and people
- Information and technology
- Partners and suppliers
- Process streams and procedures (Correct)
Answer :Process streams and procedures
Options are :
- To setup technology for customers
- To meet customers' needs
- To create value for stakeholders (Correct)
- To manage IT Services for customers
Answer :To create value for stakeholders
Options are :
- Providers and consumers (Correct)
- Providers only
- Providers and technology
- Providers and software
Answer :Providers and consumers
Options are :
- Service consumer (Correct)
- Service installer
- Supplier
- Stakeholder
Answer :Service consumer
Options are :
- Services
- Processes
- Value (Correct)
- Customers
Answer :Value
Options are :
- Find out the consumer perspectives of value (Correct)
- Find out the customer experience
- Find out the way to measure value
- Find out how to provide the service
Answer :Find out the consumer perspectives of value
Options are :
- Remove all unneeded services
- Understand all resources needed for the new service
- Consider what is already available to be leveraged. (Correct)
- Speak to the service consumer
Answer :Consider what is already available to be leveraged.
Options are :
- Quick and cost effective
- Iteratively with feedback (Correct)
- Iteratively and Quick
- Quick with feedback
Answer :Iteratively with feedback
Options are :
- Customers giving the same feedback
- Never ending feedback
- An output of one activity is an input to another activity (Correct)
- Part of an output is assessing
Answer :An output of one activity is an input to another activity
Options are :
- Complete product
- Cost saving product
- Least useable product
- Minimum viable product (Correct)
Answer :Minimum viable product
Options are :
- Isolated work (Correct)
- Collaborate work
- Group work
- Pool work
Answer :Isolated work
Options are :
- Technology
- Co-location
- Trust (Correct)
- Dedication
Answer :Trust
Options are :
- Insufficient team
- Insufficient time
- Insufficient visibility of work (Correct)
- Insufficient practices
Answer :Insufficient visibility of work
Options are :
- Think and work together
- Think and work holistically (Correct)
- Integration of services
- Integration of technology
Answer :Think and work holistically
Options are :
- Use the maximum number of steps
- Use the minimum number of steps (Correct)
- Use complex steps
- Use steps you understand
Answer :Use the minimum number of steps
Options are :
- Quick Steps
- Complex steps
- Simplicity (Correct)
- None of the above
Answer :Simplicity
Options are :
- Optimization
- Automation (Correct)
- Computerization
- Value Steams
Answer :Automation
Options are :
- Accountable only to government compliance
- Accountable to the service desk
- Accountable for policies
- Accountable for the organization's compliance with policies and any external regulations. (Correct)
Answer :Accountable for the organization's compliance with policies and any external regulations.
Options are :
- Problem management (Correct)
- Service desk
- Incident management
- Change Enablement
Answer :Problem management
Options are :
- Plan (Correct)
- Improve
- Engage
- Design
Answer :Plan
Options are :
- Purchases
- Networking
- Copying (Correct)
- Installation
Answer :Copying
Options are :
- Location
- Identification (Correct)
- Damages
- Usage
Answer :Identification
Options are :
- Related contracts (Correct)
- Usage
- Disposal
- Re-use
Answer :Related contracts
Options are :
- Configuration management system (CMS) (Correct)
- System management system (SMS)
- Central management system (CMS)
- Asset management system (AMS)
Answer :Configuration management system (CMS)
Options are :
- Active monitoring
- Passive monitoring (Correct)
- Self-monitoring
- System monitoring
Answer :Passive monitoring
Options are :
- Active monitoring (Correct)
- Passive monitoring
- Self-monitoring
- System monitoring
Answer :Active monitoring
Options are :
- Error control
- Incident control
- Known errors (Correct)
- Problem prioritization
Answer :Known errors
Options are :
- Cost of fixing
- Time needed to fix
- Who is being affected
- Risk they pose (Correct)
Answer :Risk they pose
Options are :
- Risk register
- IT asset register
- Problem register
- Problem records (Correct)
Answer :Problem records