Risk Assessment questions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-14-2014 11:16 AM
We will be implementing ServiceNow soon. I am looking for examples of Risk Assessment questions for Change Management that you have used that have given you an accurate rating of the change request. How have you weighed the answers to get an accurate rating? Thanks.
- Labels:
-
Service Mapping
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎11-14-2014 05:19 PM
Hi Bob,
Here are the risk questions that we have in our change management module.
Knowledge of Impacted Configuration Items:
- All affected upstream and downstream applications (CI's) being changed and impacted are understood - 1
- It is not understood what affected upstream and downstream applications (Cis) are being changed and impacted - 5
- Some affected upstream and downstream applications (CI's) being changed and impacted are understood - 3
Change Conflict:
- There is a known conflict with this change - 5
- There is a potential conflict with a change shortly before or after this change - 3
- There is no known conflict with this change - 1
Testing/Implementation Capability:
- Testing completed and this type of change has been implemented previously - 1
- Testing completed, but this type of change has never been implemented previously - 2
- Testing has not been completed, and /or this type of change has never been implemented previously - 5
- Testing has not been completed, but this type of change has been implemented previously - 3
Technology Maturity:
- The change is applied to a new infrastructure/applications - 5
- The change is applied to existing infrastructure/applications that have known stability issues identified - 3
- The change is applied to existing stable infrastructure/applications - 1
Service Availability:
- The change applied during affected customer business hours but during Maintenance Window Agreement - 1
- The change applied during affected customer business hours with no Maintenance Window Agreement - 5
- The change applied outside affected customer business hours with no Maintenance Window Agreement - 3
User Impact:
- The change applied impacts half of users - 3
- The change applied impacts less than half of users - 1
- The change applied impacts more than half of users - 5
Service Impact:
- Services impacted and have no documented work around - 5
- Services impacted but have documented work around - 3
- Services not impacted - 1
Integer values are set for each of these options as shown above and there is a business rule to calculate the risk as high medium low based on the sum of integer values of the above replies.
The business rule has the following logic:
if risk < 13 - set risk to low
else if risk < 25 - set risk to medium
else - set risk to high
Thanks,
Swathi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-20-2022 02:43 AM
Very useful Swathi!
