Yet the technology that we have been putting in place over the last 30 years has grown to a level of complexity where just managing it is taking nearly four fifths of an IT department's budget, and any change is seen as a major risk to the capabilities of the company. Changes that could have been risked 20 years ago as having little impact on a business are now too dangerous to contemplate without weeks or months of regression testing and planning. We have a dichotomy - the speed of business change is increasing - just when the capability to implement changes in technology has slowed.

Headlines break every day with stories of Company A giving out a profits warning due to problems with a new ERP system, or Company B having to spend more money than it expected to get the expected returns from its CRM system. It seems that technology is now more of a brake to many companies than the accelerator that was expected.

In many cases, the issue comes down to a lack of knowledge of the IT environment, and a lack of capability to manage change across this environment. Poor knowledge of assets and their interdependencies combined with poor policies leads to a lack of visibility of the impact a change at the technology level can have on the business. This, in turn, leads to inappropriate changes being carried out, which can then lead to the need for remedial actions having to be taken to return the system to a working state. Due to the lack of knowledge of the interdependencies of the systems and how the business is dependent on them, finding the root cause of a problem is long-winded and costly. This is why IT departments are spending so much of their budget on maintenance - and why companies still see IT departments as being of little overall value to the business as a whole.

This document looks at the needs of the company when it comes to change control and management, and the steps that an IT department needs to take to ensure that they are seen as responsive and supportive to the business. By following these steps, Quocirca believes that IT departments will also have a greater degree of financial control over their environment - so freeing up more funds for new projects to support the business - rather than just tinkering and maintaining existing functionality.

The overall findings of this document are that knowledge of technical assets of all kinds, combined with a knowledge of the interdependencies between them is key. By having this knowledge, an IT department can then help companies to ascertain their risk profile to a change, and to carry out basic risk analysis as to whether any specific change should be carried out. Also, through the knowledge of the overall infrastructural state, IT departments can not only rapidly roll back to a last known working environment - but can also more easily identify the root cause of any problem.

Systems management is no longer just dealing with break/fix issues, or alerting administrators to technology problems. A well thought out systems management policy should be highly proactive, should be able to see issues before they become problems, should be able to identify possible problem areas and deal with them on a controlled and pragmatic basis. Part of this need is covered by Change and Configuration Management - the subject of this document.