Information Services seeks to communicate with the OSU community about the changes we make to the IT systems that we manage. Our goal is to manage, maintain, and upgrade systems in a thoughtful way so that we minimize negative impact to services and customers.

Achieving this goal requires that we plan changes carefully, consult with members of the community regarding planned changes, and respond to unplanned changes systematically to ensure minimal downtime.

Change Management is the formal term for defining our policies and processes.

Types of Changes

The IS Change Management Policy defines three types of changes based on the ITIL framework for service delivery. These changes are:

  • 1. Standard Change – A repeatable change that has been pre-authorized by the Change Authority by means of a documented procedure that controls risk and has predictable outcomes.
  • 2. Normal Change – A change that is not an Emergency change or a Standard change. Normal changes follow the defined steps of the change management process. Low, Medium, or High priority is determined by Unit Directors or delegates.
    • a. Normal Low Changes must be reviewed and approved by the Unit Director or delegate as Change Authority.
    • b. Normal Medium Changes must be reviewed and approved by the Change Advisory Board as Change Authority.
    • c. Normal High changes must be approved by the IT Executive Team as Change Authority.
  • 3. Emergency Change – A change that must be introduced as soon as possible due to likely negative service impacts. There may be fewer people involved in the change management process review, and the change assessment may involve fewer steps due to the urgent nature of the issue; however, any Emergency Change must still be authorized by a manager and reviewed by the Change Advisory Board retroactively.

Change Advisory Board

The IS Change Management Policy requires that all changes be reviewed. Normal / Medium changes should be submitted to the IS Change Advisory Board (CAB) for review.

CAB membership currently consists of:

Raul Burriel - Chair / primary representative, Academic Technology

Max Cohen - Vice-chair / primary representative, Client Services

Michael McDonald - primary representative, Web and Mobile Services

Emily Longman - primary representative, Office of Information Security

Reed Byers - primary representative, Enterprise Computing Services

Francisco Orozco, Jr. - primary representative, Networking and Telecommunications

Marc Cholewczynski - secondary representative, Academic Technology

Mike Akey -  primary representative, IT Infrastructure and Identity Services

Chris Evans - secondary representative, IT Infrastructure and Identity Services

vacant - secondary representative, Client Services

Matthew Brabham - secondary representative, Web and Mobile Services

vacant - secondary representative, Enterprise Computing Services

vacant - secondary representative, Networking and Telecommunications

Change Policies

These policies apply only to services and systems owned by OSU Information Services.

The Incident Response policy does not apply to Security Incidents, which are covered by the Information Security Manual section 502: Incident Response and Escalation.