Change Management Policy
Policy Owner: Manager, Performance Achievement
Policy Sponsor: ITSM Steering Committee
The policy owner has the responsibility and authority to execute and monitor the defined and established Change Management process.
Note: An owner must be a PCES-level manager or higher.
This policy provides the formally documented expectations and intentions used to direct decision making and ensure consistent and appropriate development and implementation of processes, standards, roles, activities, etc., with regard to this policy.
The purpose of this policy is to ensure that any changes to the Postal Service Technology Environments are managed through an established process. USPS will utilize the best practice framework (i.e., ITIL) for the implementation of Change Management within the Postal Service Technology Environments.
Change Management is the process that controls the lifecycle of all changes, enabling beneficial changes to be made with minimum disruption to IT services.
The goals of the Postal Service Change Management policy include the following:
Establish and enforce a standard process for planning, approving, implementing, and reporting changes to Postal Service Technology Environments.
Establish clearly defined best practice processes to ensure compliance with PCI, SOX, and other legal or regulatory requirements.
Prevent or minimize risks to the Postal Service Technology Environments from the change request being implemented.
This policy applies to all Postal Service personnel and contracted vendors involved in activities that cause or require changes to technology solutions within the Postal Service Technology Environments.
This policy also applies to those IT environments designated by the ITSM Steering Committee, including, but not limited to, applications, data, network, platforms, middleware services, computing facilities, and systems management. The Change Management policy also applies to the design, configurations, and parameters.
The following policy is established for Change Management:
A change request is required for any change to the environment(s) that are subject to the policy as designated by ITSM Steering Committee.
Modifications that alter the original scope of a submitted change request are not permissible. In the event a task or change related item needs modification within the original scope, management approval is required.
A change request must be submitted in a complete format with a defined scope, implementation date and time, and instructions. “Umbrella” and “placeholder” change requests are not accepted.
A back out plan is required for all production changes.
The implementation plan must provide step-by-step procedures which state the necessary details on how to implement a change. An implementation plan must refer to the back-out plan and must include a communications plan which may include IT and business contacts.
Changes that have a direct impact to business operations need to have business notification and/or approval through normal communications.
All Cfg-Item changes require updating the CMDB and conforming to the configuration management policy and process.
Prior to gaining initial access to the Change Management tool, individuals must complete appropriate training that is designated to their Change Management role.
This policy will complement and not supersede compliance policies such as CIRT, SOX, PCI, and TSLC.
Any requests for exceptions to this policy must be submitted in writing and will be reviewed on a case by case basis. Exceptions shall be permitted only after documented approval from the ITSM Steering Committee.
Change Requests (CRs) will be audited on a periodic basis by the Change Management team for policy compliance.
The appropriate IT executive manager will be notified of any individual who violates the policy and may be subject to review and further actions.
The Change Management Policy will be reviewed on the following basis:
For access to the following documents, contact the US Postal Service. See Publication 5, Let's Do Business for further information about local US Postal Service contacts.
|Revision Description:||Updated the look and feel to be consistent with the other policies, processes, and standards|
|Revision Description:||Updated policy owner, added policy sponsor|
|Revision Description:||Added best practice and compliance statements.|
|Revision Description:||Redefined environments.|
• Removed references to production and CAT environments
|Section(s) Revised:||Policy Compliance and Monitoring; Exceptions; Policy Review; Definitions|
|Revision Description:||New sections|