Controlling Change in IT Departments

Using DMAIC
Gaurav Shah and Khyati Shah 0

During a Six Sigma project at an information technology (IT) department, there are many good reasons why
a process or a system needs to change. There also are a few bad reasons bad, but unavoidable. Its up to
the practitioners to decide how to transform bad reasons into good ones, and how to prevent good reasons
from going bad, by implementing proper change control mechanisms.
Change control is a method used for requesting and managing changes to work processes that are created or
maintained by the organization. Change control helps facilitate communication about requested process
modifications among the team members, provides a common process for resolving requested changes and
reported problems, and reduces the uncertainty around the existence, state and outcome of a change that has
been requested.

Having such a system in place reduces the possibility that faults or unnecessary changes will be introduced to
a process without forethought, and lessens the likelihood of undoing positive changes made by other users.
The goals of a change control procedure usually include minimal disruption to services, reduction in back-out
activities and cost-effective utilization of resources involved in implementing change.

Applying the DMAIC Roadmap

One of the best ways to ensure full benefit of change control is to employ the power of DMAIC (Define,
Measure, Analyze, Improve, Control). For IT departments, following a DMAIC roadmap for a process change
request such as the upgrading of databases and server hardware can provide organizations with the
necessary framework to ensure that all changes are made in the most efficient manner possible.
The following change control steps, which mirror the DMAIC path, should be used by IT departments while
implementing any type of procedural changes.

1. Define need for change control First off, the person responsible for effecting change in the IT
department (the change owner) needs to identify the basic requirements of change control. These
requirements can be either an improvement in performance or the replacement of existing processes. The
change owner needs to identify the scope of change control in terms of practical problems in existing
processes and document a proposed solution on a change request template.
To build a strong business case, this person also must enumerate the reasons for the upgrade of the server
(the process change being used in this example), such as higher storage capacity, faster processing speeds
and tighter security. This Define step is critical for the change owner to demonstrate the value of the project
and convince the organization to provide its full support for the proposed change.

2. Request change control and measure performance Next, the change owner should list these critical
criteria while making the change request.
a. Provide a detailed description of the change Specifications of the new server
b. Describe the type of change Hardware upgrade
c. List the reasons for the change Higher storage capacity, a faster application process, better security
d. Describe how the newly proposed changes will replace existing procedures How will hardware be
changed? How will data on current hardware be migrated to new hardware? What are the design and
installation qualification protocols?
e. Technical evaluation The head of the IT department should describe how this will be carried out in terms
of a risk-to-benefit ratio. The operation qualification of the upgraded server also must be performed to check for
capability.
f. List the impacts What are the human manpower requirements for ensuring that this proposed change is
made? What will the financial effects be as a result?
This change request should be sent to both the organizations management and its quality personnel for
approval. The priority of the above criteria will be decided by management.

3. Analyze the proposed change control request Once the proposed change control is approved by
management, it also should be analyzed by all other departments that will be affected by the proposal. This
impact assessment and risk analysis should be based on but not limited to the criteria above (a to f). The
results of this impact assessment and risk analysis should be reported using the levels low, medium or
high by operational qualification.
The analysis can be sent back to the change owner in case it is rejected or if more clarification is required for
the criteria. All concerns and suggestions for rejection or clarification should be noted on the change request
form. After these concerns are addressed, the change request should be sent back once more to management
for approval.

4. Improve, confirm and test the statistical solution Upon final approval by authorized personnel, the
change request should be subject to performance qualification. Before the proposed change can be
implemented in this case, an upgraded server the data on the current server needs to be backed up. Only
then can the change be implemented.
To verify the new upgrade against the current server system, practitioners should take a pilot run and analyze
the process; this test also should include the migration of legacy data. The new change can be evaluated by
performing technical tests decided as per protocol.

Statistical evaluation of all affected parameters should be performed against the outputs of the process. If the
implemented change shows the expected improvements in performance, then an implementation plan must be
developed and enacted. After completion of this procedure, a note should be made on the change request that
impacts have been assessed and that the change is ready for implementation in routine practice.

5. Set up a control system with routine verification Controlling and maintaining the change is essential to
the projects success. Newly implemented changes should be assessed at regular intervals to ensure that they
are running effectively. In case of future personnel changes, it is important to provide proper training to all
personnel for handling the new process.
DMAIC is a familiar method to affect change in IT performance. However, to ensure that change is controlled
effectively, practitioners should remember that the DMAIC roadmap also can be employed as an organizational
resource. Six Sigma provides the tools to improve the capability and reduce the defects in any process, and
change control can benefit from this structured approach.