A while ago I was having a conversation with a friend and former colleague in which we were discussing a certain problem related to Change Management (I apologize I’m not ITIL 2011 compliant; I meant change management). See, my friend works as the change manager and she was trying to figure out how to speed along the change review process, especially after her workplace recently started including RFC’s related to a major business system that previously had it’s own change process. One idea that immediately came to my mind was the use of risk calculation. Depending on the type of change, CI undergoing the change, potential impact, testing plans, etc., etc., she and the CAB could sort out the changes and scrutinize (and deny) them accordingly. While we were talking about how best to calculate the risk, something came into my head that I had yet to see: Why not calculate risk based on the person submitting or implementing the change? I hate to be redundant, but this also fits in perfectly with concepts in gamification in which people accrue “experience” points based on certain actions. It’s this experience that’s supposed to help along the calculation.

If you’re still reading, then you’re probably currently thinking one of three things. First, it’s already being done somewhere and I’m late to the party. Second, it’s crazy and will only cause backlash, upheaval, and the eventual apocalypse in which cats and dogs live together. The third option, and one I’m betting on the majority of ITSM’ers out there to be thinking, is “damn good idea, and we’ll start doing that tomorrow.” In case I’m wrong and most people fall into the second class (not to imply you’re a second class citizen), please allow me to defend my idea just a little.

To begin with, I’d like to go back to my history of working as an incident manager and being (somewhat) involved with change management. I remember, after reviewing the change calendar, that when certain people submitted changes, I knew we had to get ready for something crazy to happen. Either users weren’t notified in time, the service desk wasn’t trained, documentation wasn’t complete, or testing wasn’t thorough…either way, there were certain people that I simply did not trust to ensure a smooth change implementation. Conversely, there were a few fantastic colleagues that had their changes and tasks down to a science; they communicated with all parties involved, they had their documentation up-to-date, and on the rare case in which problems did occur, I knew about it before our users did and we could put in a work-around, or at the very least, send out communication to prevent the flood of calls that would eventually hit the service desk. In a way, I was already calculating risk from my own personal experience.

Now that I admitted the existence of my own personal risk calculations, I’m going to step out on a limb and bet other people in the trenches do the same thing. If that’s true, and there are others out there that calculate risk based on people, then let’s just cut to the chase and put that into the actual risk calculation. “How” will be different for every organization, but I highly recommend the gamification concept of using experience. Everyone starts out at a level of zero, and as they successfully submit and implement changes, which meet all criteria in the change management process, they earn points to eventually level up. If certain parts of the process aren’t followed, their score goes down. Once a certain level is achieved, the risk calculation can eventually reduce the level of risk. Of course, there will always be exceptions; certain CI’s may be of such importance that change requests will always need to be highly examined, but overall, I’ll bet (one more time) that any increase in efficiency for change management will be warmly welcomed. Plus, look at the added benefit that now people will want to learn about the change management process, and most importantly, will want to follow it.

As usual, any system in which people are rated is most definitely going to meet resistance. So, is there a way to sneak the practice into an organization without their ever knowing? Here’s my answer; simply start with the gamification and see how it takes. Some people will not care to play (according to David Smoley, it’s likely to occur with digital immigrants), some will think it’s fun, and still others may not even care. But once people are used it it, tying it into the risk calculation can make it seem like an added reward to following common practice and policy, instead of being seen in a negative context (by the way, I don’t intend to push gamification on anybody; it just seems to fit well with the concept I’m describing).

So, is this a crazy idea? Probably so. Do I care? Of course, I do; I suffer from POLLI and am ever paranoid of the repercussions of looking like an idiot in front of my peers. In truth though we, as people, already rate ourselves. Certifications, educational history and years of work experience are all used to try and demonstrate how much “experience” we’ve already accrued. By gamifying change management and risk calculation, it’s only putting that same behaviour into a granular, and functionally beneficial, form. Maybe it’s not so crazy after all…

 

avatar

Started working in IT in 1999 as a support desk analyst as a way to help pay for food during college. Studied Electrical Engineering for two years before realizing biochemistry was more fun than differential equations, and so ultimately graduated with a Biology degree in 2006. Having (reluctantly) failed at getting accepted into dental school, embraced working in IT and has gone broke becoming an ITIL Expert. Likes to jog, sing camp songs, quote Mel Brooks movie lines and make dumb jokes and loves working for an Israeli tech company where December 25th is a regular work day.