On August 2, 2012, the Vice Provost of Information Services, Lois Brooks, formally launched a process to define Change Management and Incident Response practices for Information Services. The goal of change management is to increase awareness and understanding of proposed changes across an organization and ensure that all changes are made in a thoughtful way that minimize negative impact to services and customers, while the goal of incident management is to respond to incidents effectively.
The outcome of this process will be an operational framework that all parts of the organization will follow. A Change Advisory Board shall define roles and responsibilities; ensure documented processes for planning, execution, validation, documentation and communication; and develop response processes to unplanned outages.
Per VPIS direction, a task force chaired by Jon Dolan (Director, Network Services) and Kent Kuo (Director, Enterprise Computing Services) developed policy that:
Both the Change Management and Incident Response Policies were formally adopted on December 5, 2012.
Any change to an IT system shall be categorized as a Standard change, a Significant change, or an Emergency change, and units within Information Services shall follow both organization-wide defined processes and additional processes defined by the applicable unit within IS.
The Incident Response policy applies to all service-affecting incidents involving IT services provided by OSU Information Services. This policy does not apply to Security Incidents, which are covered by the Information Security Manual section 502: Incident Response and Escalation.
The Change Advisory Board convened in December, 2012 and began drafting appropriate processes for changes and incidents. As basic processes are defined, the CAB will begin performing its function as a change review body even as it continues to define and refine change processes.
For Academic Year 2014, board membership is as follows.