"I have noticed even people who claim everything is predestined, and that we can do nothing to change it, look before they cross the road."
Stephen Hawking
Assessing the risks associated with a change can be more art than science. It is a challenge to accurately measure the urgency and impact of changes to a complex system using only quantitative methods. Some qualitative analysis can help create a fuller and clearer picture of a possible change.
Assessing risk is one step in a standard, repeatable change process. For example (and I am greatly simplifying here), the ITIL framework recommends the following steps:
- Record
- Validate
- Assess
- Authorize
- Implement
- Review and close
The assessment step is different for every organization, based on individual criteria and context. ServiceNow offers the Change Management Risk Assessment plugin as a flexible tool for designing risk assessments and obtaining some qualitative information about a change. After installing the plugin, you can do the following:
- Create a risk assessment
- Write risk questions and possible answers
- Give each question a weight
- Set thresholds to determine the risk based on composite scores (sum of all weighted scores)
- Set assessment conditions to determine the risk assessment for each change (for example, a hardware change or a software change)
When risk assessments are in place, end users answer the questions on the appropriate risk assessment form. There are sample risk assessments included with the plugin. The graphic shows the software change sample risk assessment:
After the end user answers the questions, they can click the Execute Risk Calculation related link. Calculation results appear at the top of the Change record:
After risk is determined, many decisions can be made, including whether to make the change at all, when to implement the change, and if the change needs to take place before or after another change.
Controlling changes and using a solid risk assessment process can reduce service interruptions, lower the number of emergency changes, keep the business running smoothly, and reduce project delays.
For more information, see:
Using Change Risk Assessment (ServiceNow product documentation)
Control display of UI action button on risk assessment questionnaire (ServiceNow Community Discussion)
Writing a risk assessment answer back to change form field (ServiceNow Community Discussion)
Making risk assessment actions mandatory (ServiceNow Community Discussion)
