What is IT Change Management?

IT change management describes the practices designed to ensure successful prioritizing, approval, scheduling, and execution of changes to IT systems.

As technologies advance, markets adapt, and businesses grow, organizations’ IT infrastructures need to be able to evolve to address new needs. However, rolling out change requests to a company’s internal systems can be difficult, risky, and time consuming.

Perhaps even more importantly, IT changes can directly affect the productivity and engagement of employees who depend on company technology. And whether the change is limited to adding a new office printer, or involves a new technology being implemented across an entire organization, necessary documentation, approval, and implementation practices are vital.

IT change management classifies all changes as either standard, emergency, or normal, and relies heavily on automation wherever possible. This helps ensure a smooth transition, establishing a standardized set of processes to guide IT changes from conceptualization to closure. IT change management is different from organizational change management, which typically refers to managing changes to employee roles and processes within an organization.

Consider something as routine as applying a scheduled antivirus update. This necessary maintenance task is usually very straightforward and relatively painless. However, while security patches are being applied, inward- and outward-facing systems may experience downtime or other issues. As such, the organization is presented with a difficult choice: experience regular interruptions while updating systems, or risk potentially devastating consequences from not updating their security tools.

For organizations to remain competitive, their IT teams need to be able to provide stable, reliable, consistent service. At the same time, they must help the organization adapt to changing needs through regular service updates. Unfortunately, these two directives are often at odds with one another—stability and reliability demand consistency, while service updates, by their very nature, introduce change.

Scenarios for IT Change Management

IT change management takes a best-of-both-worlds approach, providing a defined path for businesses to implement vital changes, while minimizing the resulting disruptions of service. It does this by helping organizations do the following:

  • Prioritizing changes and allocating resources.
  • Collecting relevant information and organizing it into easy-to-understand documents.
  • Implementing reliable testing and vetting of proposed changes.
  • Establishing a definitive framework for managing change processes.
  • Creating communications channels between necessary stakeholders.
  • Establishing effective approval processes.
  • Streamlining the entire change process, significantly reducing service downtime while also delivering value to end users more quickly.

IT change management incorporates a few terms and acronyms, including the following:

IT infrastructure library (ITIL)

ITIL is a framework for standardizing the lifecycle of IT services within an organization. ITIL improves the efficiency and predictability of IT-service selection, delivery, management, maintenance, etc.

ITIL is one of the most popular frameworks for IT service management (ITSM), and is used throughout nearly every industry. In terms of IT change management, ITIL categorizes change into three groups:

  • Standard changes
    Standard changes are low-risk changes that follow an established procedure. These changes are pre-authorized and usually very low risk. Because they follow a set process, these may be easily automated. Examples of standard changes include software patching and updating, replacing outdated hardware, and making new DNS entries.
  • Emergency changes
    Emergency changes are unexpected, and generally must be implemented immediately to mitigate or minimize the negative effects of an emergent situation. Emergency changes may include isolating a network from a large-scale DDoS attack or applying an emergency patch in response to a zero-day exploit.
  • Normal changes
    Normal changes describe any changes that are not standard changes or emergency changes. These changes are further categorized as minor, significant, or major, based on the amount of risk involved. These changes are not pre-authorized or scheduled, but also do not carry the same urgency as emergency changes.

Learn more about change management and request types supported by ServiceNow.

Request for change (RFC)

RFC is a formal request for implementing a specific change. The RFC should contain all information necessary for evaluating and approving or rejecting the change, with the level of detail depending upon the size of the change and its potential impact and risk.

The RFC is a detailed request for change but is not the change itself. This request is sent to the CAB and must provide them with all the information they need to accurately assess the change.

Change advisory board (CAB)

CAB describes the team of individuals tasked with evaluating proposed changes to the IT environment. The formality and complexity of a CAB will vary from organization to organization and may be as simple as an email list or forum, or something as formal as an actual board led by a designated chairman. In all cases, the CAB must be composed of IT decision makers and technical experts, who can apply their own knowledge and experience in reviewing changes.

When a change is suggested, the CAB receives the relevant RFC and uses that information to inform their evaluation. However, the CAB is not responsible for making the final decision. Final approval instead falls to the change manager.

ServiceNow CAB

The CAB workbench assists you in managing CAB meetings in the following ways:

  • Define a schedule for CAB meetings
  • Define CAB meeting attendees
  • Define CAB meeting agenda
  • View change calendar
  • Approve or reject a change request
  • View and record meeting note

Learn more about ServiceNow’s Change Advisory Board.

IT change management has an impact on essentially every part of an organization. As such, the roles and responsibilities associated with change management can be difficult to clearly define. Likewise, different businesses may assign different tasks to different roles, making a universally standardized list impossible. That said, many companies include the following (or similar) roles in their change management initiatives:

Change owner

Oversees and takes responsibility for the entire change management process.

Change manager

Manages the CAB, coordinates teams and stakeholders, makes final decisions to approve or reject proposed changes, and directs the implementation of approved changes.

Change initiator

Proposes changes, collects, and organizes relevant details, and creates plans for change implementation.


Analyzes and evaluates proposed changes and provides recommendations that the change manager may use in making approvals.

Software developer

Often takes on the role of ‘change initiator;’ software developers are directly involved in most IT changes and are worth considering in conjunction with most other IT change management roles.

While IT change management relates to the processes of requesting, evaluating, authorizing, implementing, and reviewing IT changes, release management is more involved in the details of planning and rolling out changes.

The primary purpose of release management is to ensure that everyone involved is fully aware of available resources, how these resources are being deployed, what changes are being made by which teams and departments, and the sequence of tasks being followed.

While there is some overlap, release management is a different—but related—function from change management. Release management often incorporates advanced automation to facilitate seamless review, tracking, and oversight.

IT change management is an essential aspect of business growth and adaptation. The key objectives of IT change management include the following:

Help organizations control changes

Without the right processes, changes can quickly get out of hand. IT change management gives organizations more control over the changes they implement, allowing for effective administration every step of the way, including planning, risk assessment, and tracking. This helps minimize risk and ensures that changes are implemented quickly and accurately.

Improve the implementation of changes

IT change management tracks all change requests. This not only allows for a more organized and manageable approach to IT changes, but it also helps eliminate unauthorized changes. By creating a single set of processes and establishing clear responsibilities, organizations can optimize change implementation throughout their business.

Promote continuous improvement

Huge, sweeping changes tend to entail significant risk, and often throw everything into disarray. On the other hand, ongoing changes that take small, on-going steps to refine and enhance IT infrastructure are much more manageable. Proper IT change management allows businesses to maintain continuous improvement, keeping up with industry trends and rolling out important changes without significantly interrupting their day-to-day operations.

Bring together ITSM, ITOM, and DevOps teams

Possibly the most important goal of IT change management should be to unite teams across ITSM, ITOM, and DevOps. As DevOps and related approaches demand increased rates of change, change managers may find themselves feeling increased pressure. Top change management solutions not only incorporate advanced automation and governance capabilities to ensure that changes are being effectively and timely implemented, but they also need to be able to facilitate improved communication and coordination between departments.

By bringing together each of these key players and providing a single centralized source of truth throughout the entire organization, the ServiceNow Now Platform makes optimal change management collaboration possible.

Effective IT change management demands clear processes for submitting, assessing, approving, and implementing changes. As such, most organizations follow a sequence of prescribed steps:

1. Change request

When the need for change becomes apparent, the first step is to collect basic change information, including notes on possible risks, rewards, and systems that are likely to be affected. This information is then organized into an RFC.

IT Change Management Process | ServiceNow

2. Change request review

Before being sent off, the RFC is reviewed to ensure accuracy, and to validate that the requested change is necessary and feasible.

3. Change planning

With the request finalized, the change must now be fully planned out. The planning stage should incorporate and document details such as impact, rollout plans, backout plans, change roles, and any associated downtime the change might necessitate.

4. Change approval

The RFC is sent to the CAB, as well as any other authorities or internal groups that might have a stake in the change. The CAB reviews the available information, makes an educated assessment of the risk and rewards, and provides a recommendation to the change manager responsible for giving final approval. The change manager then accepts or rejects the change.

5. Change implementation

With approvals in place, the organization can begin implementing the change. Implementation includes scheduling, assigning, and delegating related tasks. Also, by leveraging IT project management, organizations can more effectively handle large-scale changes, more easily directing increased numbers of people and tasks.

6. Change review

Once the change has been implemented, organizations must then review and assess to determine whether the change was successful and if there are any unacceptable deviations from the plan. If any issues are present, they must be resolved before the change can be closed.

7. Change closure

As a final step, the implemented and reviewed change is recorded as either successful, failed, or incomplete. Proper closure documentation helps reduce the risk of duplicate work and prevents essential changes from falling off the company’s radar.

By providing a set or clear processes to follow in planning, approving, and implementing IT changes, change management provides several significant advantages.

Benefits to the organization

  • Decreased number of change collisions, in which too many changes are scheduled simultaneously, resulting in conflicts and strained resources.
  • Increased ability to roll out changes without negatively impacting other operations.
  • Fewer failed changes, due to detailed documentation and effective review and evaluation processes.
  • More-accurate change classification.
  • Integrate organization-wide change processes.
  • Improved change automation, streamlining processes and freeing up teams to focus on other vital tasks.
  • Enabling of business outcomes, in line with ITIL 4, which blends key DevOps concepts—such as CI/CD, safe-to-fail testing, and shortened feedback loops—into change activities.

Benefits to end users

  • Enhanced transparency related to scheduled changes.
  • Reduced downtime due to improved communication.
  • Fewer disruptions because of unauthorized or poorly planned changes.

While the benefits of IT change management are widely recognized, there are also several challenges that can easily stand in the way and hinder effective deployment.

Prohibitive costs

Depending on the scope of the proposed changes, IT change management processes may be prohibitively expensive to deploy.

Reduction in process speed

Occasionally, incorporating a detailed, step-by-step change process may slow down the overall time to delivery, particularly in the case of standard changes that could otherwise be handled without having to include them in the IT change management process.

Failed changes

A high number of failed changes may be indicative of a poor change management process and can eat up resources and time without producing viable results.

Unauthorized changes

Unauthorized changes occur when IT change management adoption is not widespread, approval mechanisms are not effective or not in place, or relevant stakeholders are not included in the approval process. Unauthorized changes incur expenses without being properly documented and are thus difficult to track. They can also create unanticipated problems that could otherwise be avoided by following established procedures.

Change collisions

Poor communication and ineffective planning may lead to multiple changes being scheduled for implementation at the same time. This can cause interruptions in the changes themselves and result in further complications within the IT infrastructure.

High number of emergency changes

Because emergency changes must be addressed as quickly as possible, they tend to circumvent certain parts of the IT change management process. When too many changes are flagged as emergency changes, it can easily lead to delays, confusion, and failure to handle actual emergencies with the earnestness they require.

To ensure the best possible results, organizations should approach change management using the following best practices:

Categorize changes and create specific processes

Different kinds of changes may demand different sets of processes. Creating specific categories for proposed changes, and establishing processes for each that are most effective, depending on priority and other requirements empower organizations to approach each change in the most efficient way possible.

Understand risks and regulations

Organizations have their own levels of risk tolerance and regulatory restrictions. Understanding these considerations and incorporating them into planning and evaluation phases will help ensure that proposed changes don’t create unnecessary problems.

Delegate roles and responsibilities

Where possible and appropriate, change managers and other change leaders should be willing to delegate responsibilities to other reliable individuals. This will allow them to focus on the bigger picture without getting too bogged down in the day-to-day tasks.

Document change proposals

Change documentation should begin during the change-request stage. Managing and proposed changes in a single digital location allows organizations to prioritize changes more effectively, and to revisit lower-priority changes when bandwidth allows.

Perform risk and impact analysis

Every proposed change brings with it certain risks and resource requirements. Applying risk and impact analysis to each change gives decision makers clearer insight to use in making final approval.

Automate wherever possible

The change management process often includes many different steps incorporating a range of roles and can easily get bogged down waiting for approvals or other information. Effective automation helps streamline the entire process and should be employed liberally to ensure that the change is proceeding on schedule.

Leverage reusable change-process templates

Change-process templates are essentially forms that can be customized to the needs of individual organizations. Creating and using these templates can help standardize change requests and the assigning of relevant tasks.

Normalize change

IT change management is as much a cultural shift as it is a procedural one. Organizations should work to make ongoing change the new normal and strive for full adoption among all relevant departments and stakeholders.

Select a framework that fits the business need

A range of frameworks exist for facilitating effective change management. Businesses should take the time to fully review the advantages of each and select the framework that best fits their needs.

Keep stakeholders informed of schedules

When stakeholders are not informed of planned change schedules, it can lead to incidents and confusion, and can also negatively impact other services. Including stakeholders in scheduling not only helps eliminate possible problems, but also encourages continued support from management.

Establish and measure key metrics and KPIs

To determine how effective a change process is, businesses must first identify relevant metrics and KPIs. Quantifying and measuring change management success provides concrete data that can be used to improve processes going forward.

Create contingency plans

Not every change is going to produce the desired outcome. When changes fail, having a backout plan can help organizations cut their losses, and may be the only thing standing in the way of damaging the existing IT infrastructure.

ServiceNow Change Management provides the tools and support to streamline and accelerate complex IT change processes. Built on the award-winning Now Platform, Change Management delivers advanced automation and AI functionality, allowing for easier, more effective change management solutions. And this is only the beginning.

ServiceNow Change Management provides the tools and resources necessary for optimizing, monitoring, and streamlining change in any organization. ServiceNow Change Management capabilities include:

  • Multimodal change
    Customize change activities and workflows to specific cases.
  • Automation of success scores
    Assign numeric-change success scores and evaluate success probability for automating approvals for low-risk changes.
  • Dynamic approval policies
    Use approval definitions to generate approvals according to business requirements.
  • Built-in risk assessments
    Apply out-of-the-box machine learning capabilities to improve risk-assessment effectiveness.
  • Conflict detection
    Identify and resolve scheduling conflicts based on configuration items and planned change start and end dates.
  • Concurrent change management
    Use interactive calendars to view planned changes, blackouts, and maintenance schedules.
  • Guided setup
    Refer to guided steps, visual status checks, and other embedded help options to fast-track deployment.
  • CAB workbench
    Create and run effective Change Advisory Board meetings, to bring together high-level strategists for guidance, assessment, and to review potential failed changes.
  • Single, unified platform
    Bring ITSM, ITOM, DevOps, change management, and more together onto a single platform. This facilitates optimal cross-team collaboration and provides organizations with a single system of record from which to review configuration items and connected services, and better understand the impacts of every change and release plan.

With built-in functionality—including guides, scheduling, documentation, timelines, and analytics—ServiceNow Change Management ensures that more changes can be implemented more effectively, and more frequently.

Discover IT Change Management

Put the power of ServiceNow into your organization’s IT change management and give your businesses the resources it needs to grow.