Reconciling change management and continuous delivery.
The secret to automating releases, mitigating risk, and maintaining compliance.
Why heavy change management exists in the first place
Traditional change management frameworks, such as the popular Information Technology Infrastructure Library (ITIL), serve an important purpose. We’re not here to denigrate ITIL.
It’s worth noting that ITIL, too, has evolved to meet the demands of a fast-paced digital world. For example, a guiding principle of ITIL 4 is: progress iteratively with feedback. This aligns with modern development ideas like Agile, DevOps, and continuous delivery.
Here are some of the pros of legacy change management:
1. For one thing, it governs far more than just deployment and release management. Software updates represent a fraction of all changes that a CAB oversees.
2. It can mitigate risk and guard operational health in some circumstances.
3. It ensures regulatory compliance. For example, we interviewed a publiclytraded U.S. company that supplies electronic health record technology, and they attested that their CAB helps them comply with government regulations such as SOC II.
4. It supports auditability. In the absence of modern tools that automatically record application updates (e.g., version control systems), change managers help log software changes. This paves an audit trail for regulators. Such tracking also preserves institutional knowledge.
5. Change management helps maintain harmony between a multitude of engineering teams, informing each of what the others are doing.