Improving IT Change Management Processes with Automated Risk Assessment

Authors:
Juliano Araujo Wickboldt;Luís Armando Bianchin;Roben Castagna Lunardi;Fabrício Girardi Andreis;Weverton Luis Costa Cordeiro;Cristiano Bonato Both;Lisandro Zambenedetti Granville;Luciano Paschoal Gaspary;David Trastour;Claudio Bartolini
Affiliations:
Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Federal University of Rio Grande do Sul, Porto Alegre, Brazil;Hewlett Packard Laboratories, Bristol, UK;Hewlett Packard Laboratories, Palo Alto, USA
Venue:
DSOM '09 Proceedings of the 20th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management: Integrated Management of Systems, Services, Processes and People in IT
Year:
2009

Citing 7
Cited 5

A Critique of Software Defect Prediction Models

IEEE Transactions on Software Engineering
Measurement, Prediction and Risk Analysis for Web Applications

METRICS '01 Proceedings of the 7th International Symposium on Software Metrics
Why do internet services fail, and what can be done about it?

USITS'03 Proceedings of the 4th conference on USENIX Symposium on Internet Technologies and Systems - Volume 4
Predicting Project Velocity in XP Using a Learning Dynamic Bayesian Network Model

IEEE Transactions on Software Engineering
ChangeLedge: Change design and planning in networked systems based on reuse of knowledge and automation

Computer Networks: The International Journal of Computer and Telecommunications Networking
A solution to support risk analysis on IT change management

IM'09 Proceedings of the 11th IFIP/IEEE international conference on Symposium on Integrated Network Management
On the risk exposure and priority determination of changes in IT service management

DSOM'07 Proceedings of the Distributed systems: operations and management 18th IFIP/IEEE international conference on Managing virtualization of networks and services

A framework for risk assessment based on analysis of historical information of workflow execution in IT systems

Computer Networks: The International Journal of Computer and Telecommunications Networking
Towards vulnerability prevention in autonomic networks and systems

AIMS'11 Proceedings of the 5th international conference on Autonomous infrastructure, management, and security: managing the dynamics of networks and services
Supporting vulnerability awareness in autonomic networks and systems with OVAL

Proceedings of the 7th International Conference on Network and Services Management
A performance and usability comparison of automated planners for IT change planning

Proceedings of the 7th International Conference on Network and Services Management
Collaborative remediation of configuration vulnerabilities in autonomic networks and systems

Proceedings of the 8th International Conference on Network and Service Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The rational management of IT infrastructures is a goal of modern organizations that aim to deliver high quality services to their customers in an affordable way. Since changes are imminent in such a dynamic environment, failures during this process may directly affect business continuity. Hence, risk assessment is a key process in IT change management. Despite its importance, risks are usually assessed by humans based on empirical knowledge, leading to inaccurate basis for decision making. In this paper, we present a solution for automating the risk assessment process, which combines historical data from previous changes and analyzes impact of changes over affected elements. A prototypical system was developed to evaluate the solution on an emulated IT infrastructure. The results achieved show how the automated solution is capable of raising the quality of changes, therefore reducing service disruption caused by changes.