Have you ever suffered from a business outage that should never have happened? Or maybe you did a ‘simple server restart’ which cost your business days of productivity and thousands of dollars?
I’ve seen on too many occasions, when taking on new clients, where even simple ITIL processes weren’t followed by the previous service provider. Things like:
- a simple server restart failed and the client’s backup has not worked for months and resulted in a loss of data.
- a third party vendor applied a new update, which failed during install, with no rollback process, resulting in days of rebuilding the environment.
- someone held in the power button on the server because “It was taking too long to shut down”, again, with no good backups AND eventuating in the loss of critical data and the re-entry of months of work.
Implementing ITIL into a small business shouldn’t be expensive or time consuming. There are no licensing costs, no hardware requirements, and providing your service provider has embraced ITIL, it should be free and seamless. No business should operate without it.
A MUST of the many ITIL processes is that businesses need to ensure their ICT provider is enforcing Change Management and critical to this process is the Request for Change (RFC) form. A simple RFC form asks the compulsory questions of the service provider, ensuring you have the information necessary to enable you to make an informed decision when approving a change (regardless of your knowledge of IT).
Some of the key questions should cover off:
The purpose of the change – Why the change and what is the impact if the change is or isn’t made.
The priority of the change – Is this critical? Does this need to be applied immediately or can it be scheduled for a more appropriate time, i.e. after hours?
The business impact – Do you need to retrain staff after the change? Will this change affect other applications or services within your organisation?
Classification – Major, significant or minor. What percentage of the users will be affected? Will it affect other business systems? Is an IT outage required?
Rollback Plan – Probably the most important questions to ask. Are your backups working? Have you completed a test restore from your backups? Does this change require a disaster recovery backup and test restore? Do you need to do more testing off-line and involve key areas of the business in testing before implementation?
Schedule – Based on all the information gathered, what is the date/time that the change is scheduled to be applied?
Trusted Advisor Sign-off – Is the person that you trust with your ICT willing to accept that the changes are necessary, that the impact to the organisation has been assessed and that, if for any reason the change fails, there is a solid rollback plan in place to remove the risk to your business?
Your Sign-off – You, as the business owner, is satisfied that the information provided mitigates the risks to your IT environment.
ITIL is not just for big business or government but for every business that relies on ICT to function. Whether it is your email, accounting software, point of sales or company shared files, ITIL is crucial to ensuring business continuity. Remembering that in small business when your single server fails it means that 100% of your organisation is offline. In big business or government, a similar failure may only affect a very small percentage of users and potentially none at all. This highlights that ITIL is critical to follow in small and medium business, and, if followed correctly, ITIL will save your business - if not today then almost certainly in the future.