Explore UCD

UCD Home >

IT Services Change Control Process

IT Services Change Control Process

It is important that all changes (additions, modifications, and removals) related to the IT System Portfolio are assessed as meeting all technical, security, architecture, support, and communication requirements. 

All such changes must be assessed through the appropriate Technical Design Authority, to ensure that beneficial changes are made in a planned and controlled manner with minimum disruption. 

Such changes may arise through:

  • Formal projects within the IT Work Programme
  • Operational service delivery and continuous improvement initiatives
  • Regular support tasks and activities

The Change Control Board (CCB) is the Technical Design Authority for all IT solutions managed by IT Services, supported by local Quality Change Advisory Boards (QCABs) operating in each vertical.

Change Control Board (CCB)

All important and/or non-trivial changes must be submitted to the Change Control Board (CCB) for formal assessment.

Examples include;

  • Changes likely to impact users or increase calls to the IT Helpdesk
  • Modifications with unknown or unquantified user impact
  • Major changes to functionality, system dependencies, or service/security architecture
  • Changes to authentication methods or Single Sign-On (SSO) integration within the IT system portfolio
  • Integration of external systems requiring release of specific user attributes
  • Addition or removal of systems from the IT System Portfolio

The CCB meets the first Wednesday of each month to review proposed changes.  Items for assessment must be submitted at least a week in advance.

Two-Stage Control Process

The CCB governs changes via two mandatory approval gates:

  1. Design & Enabling Works Approval Gate > Approval required during the Planning Phase for proposed solution design and preparatory works
  2. Go-Live Approval Gate > Final approval required before transitioning any solution into a production environment

Top Tips

  • The "Request for Change" is used to outline the proposed change.  While not all questions are mandatory, each should be considered
  • The “System Descriptor” is used to capture key information related to the Service Catalogue and Technical Architecture
  • It is advised that both the “Request for Change” and “System Descriptor” are reviewed and updated by the PM as solutions are developed, as they act as a useful checklist
  • A "System Descriptor" should be maintained for each production system
  • Identifying the appropriate Technical Design Authority is an “Initiating” requirement for all IT Projects
    • For Headline IT Projects the Project Manager must contact EA manager to agree the route
    • For non-headline IT projects, the Project Manager should talk to their local QCAB to determine the appropriate route)
    • Even changes perceived as low-risk may carry wider implications and should be considered by local QCAB (and can directed to the CCB if needed)

Quick Links / Templates

UCD IT Services

Computer Centre, University College Dublin, Belfield, Dublin 4, Ireland.

Contact us via the UCD IT Support Hub: www.ucd.ie/ithelp