manage Flashcards
1
Q
purpose of change enablement process
A
- maximise the number of successful service and product changes by ensuring that risks have been properly assessed, authorising changes to proceed and managing the change schedule
2
Q
change readiness (pre)
- what will be changed (3)
- stages of a change (versioning)
A
- technical: components and configurations that will change
- business: requirements expected
- ticketing: log a change ticket
versioning x.y.z
- X = major
- Y = minor
- Z = revision
3
Q
change readiness (pre)
- who is involved
- communication (stakeholder management)
A
- depends on specific implementation
- technical: developer, security, database administrator
- business: process owner, requestor - communication plan
- who in each group
- what to tell them
- when to communicate
- how to communicate
4
Q
change readiness (pre)
- when to make the changes
A
schedule
- when things will happen (rollout, checks)
- how the implementation steps will proceed
- approvals: depend on size of change
- communication: when to communicate
- risks managed
- hour-by-hour plan
5
Q
change readiness (pre)
- success criteria
- rollback
A
- define conditions for rollback to be initiated
- clear timeline for initiating a rollback
- how it will be performed
- what tests to perform after rollback
- who signs-off for post-rollback testing
6
Q
types of change (3)
A
- emergency: required to restore a service disruption due to an incident
- standard: low risk and often repeated, following a well-defined process, pre approved
- normal: not emergency, not common, possibly risky, needs approval
7
Q
checklist before implementing change (7)
A
- testing complete (Unit test, UAT, Rollback)
- approvals (UAT, CAB)
- training complete
- implementation team ready
- implementation plan ready (including rollback plan and communication plan)
- implementation packages ready
- communications done
8
Q
implementation process (4)
A
- implementation execution
- post-check (test, user sign off)
- rollback (what, how, testing)
- clean up (ensure all test data/install scripts removed)
9
Q
during actual implementation, check: (4)
A
- backups completed successfully
- changes implemented in components (hour-by-hour plan)
- test implementation, if not okay rollback and test rollback
- sign off on successful implementation, from requestor (all is as expected) & support manager (ready to support)
10
Q
change operate (post)
- ready for live?
A
- ensure all teams are ready and early-in
- users are ready
- management is aware the change is completed
11
Q
post-implementation: clean up
A
- check if any unnecessary files/testing data leftover (may cause future confusion/issues)
paperwork:
- tracking sheets
- approvals
- configuration information updated
12
Q
change operate (post)
- early live issues
- who, what
A
be aware and ready:
- support team
- key contacts in infrastructure, database admin, security need to be available for any issues
- customer facing stadd
- people related to business process
13
Q
IT support’s role in change (5)
A
- Protecting the live environment from bad changes
- Ensure current systems are not degraded
- Ensure everyone is aware of the change
- Ensure the change can be supported
- Ensure no impact on other systems
14
Q
what is capability
A
the power or ability to do something
15
Q
what is capacity
A
the resources available to do something (eg. time, effort, people)
16
Q
what is maturity
A
- to be well-organised, reproducible and so, of high quality
- consistent high quality of the results
- a well-run organisation will be capable to perform its services and its processes will be reproducible (i.e. mature)
17
Q
why improve performance
A
- increased customer satisfaction
- increased profitability of capturing new and repeat benefits
- increased profit through quality and less rework
- increased productivity
- decreased risk
18
Q
what is a maturity model
A
- a tool that helps people assess the current effectiveness of a person or group
- structured as a series of levels of effectiveness
19
Q
working with a maturity model
A
- begins with assessment (determine which level is currently being performed)
- use the next level to prioritise what capabilities are required next
- decide of the organisation would benefit from moving to the next level
20
Q
what is CMMI
A
capability maturity model integration
- process improvement program to guide improvement across a project, division or an entire organisation
- individuals can be certified for training CMMI and appraising
- administered by the CMMI institute
- required for many government contracts, especially in software development.
21
Q
what is an appraisal
A
- an organisation is appraised in CMMI
- can be awarded a maturity level rating (1-5) or a capability level achievement profile
- to meet the contractual requirements of one or more customers
22
Q
why is an appraisal conducted
A
typically conducted for one or more of the following reasons:
- to determine how well the organisation’s processes compared to CMMI models, eg CAB
- to identify areas where improvement can be made
- to inform external customers and suppliers of how well the organisation’s processes compare to CMMI best practices
23
Q
security guides (2)
A
- considering the case for security content in CMMI for services ( security management)
- security by design with CMMI for development
- OPSD
- SMO
- SRTS
- SVV
- do not affect maturity or capability levels ; process areas can be reported in appraisal result
24
Q
framework comparisons (itil vs six sigma vs cmmi)
- usage
A
IT management vs quality vs process improvement
25
framework comparisons (itil vs six sigma vs cmmi)
- individual certification
practitioner 4 levels vs practitioner 4 levels vs practitioner appraiser instructor
26
framework comparisons (itil vs six sigma vs cmmi)
- level
n/a vs process vs organisation/project
27
framework comparisons (itil vs six sigma vs cmmi)
- type
best practices vs framework vs maturity model
28
what is a change advisory board
a group of experts who review and approve changes to infrastructure, systems and processes
29
what are approvals
- the level of authority needed to for a change depends on the risk and impact of the change
- CAB will check the level of authority approval for each change
30
what is devops
- a mature process integrating development and operations practices into a continuous process.
- increases efficiency, speed, and quality of software delivery
- emphasizes collaboration and communication between development teams, operations teams, and other stakeholders involved in the software delivery process
- automation tools to build, test, and deploy software changes quickly and reliably --> enable faster time-to-market, higher-quality software, and increased collaboration and feedback between development and operations teams.
- associated with the use of Agile methodologies
- emphasizes the use of cloud computing, containerization, and infrastructure as code (IaC) to increase flexibility and scalability in software delivery.
31
what is a continuous delivery (CD) pipeline
- software development, testing, and deployment are integrated into a continuous process
32
what is Agile
- prioritize iterative development, frequent releases, and collaboration.
33
6 essential principles for DevOps adoption
1. Customer-centric action: constantly investing in products and services
2. end-to-end responsibility: support whole life of product, enhance overall quality of product engineered
3. continuous improvement: minimise waste and speed up improvements to the product or service
4. automate everything
5. work as a team
6. monitor and test everything
34
before devops
- processes?
- problems?
- development and operation teams worked in isolation
- manual code deployment leads to human errors in production
- developers & operation teams can have separate timelines and are not in sync
35
why choose devops?
- 9 advantages/reasons
1. predictability: offer significantly lower failure rate of new developments
2. reproducibility: versioning everything so easy restoration
3. maintainability: effortless recovery in the event of a deployment disabling the current system
4. time to market: reduce up to 50%
5. quality: improve quality of application development and IT operations
6. risk: incorporates security in softwares, reduces defects across lifecycle and uses containers such as docker
7. resiliency: system is more stable, secure and changes are auditable
8. cost efficiency
9. smaller code pieces: based on agile programming methods that break larger code bases into smaller manageable chunks
36
what is a waterfall change process (6)
1. requirements
2. system design
3. implementation
4. integration & testing
5. deployment of system
6. maintenance
37
devops lifecycle (8)
1. plan: change requests are managed and assigned by a development manager
2. code: coding takes place constantly in a small development cycle
3. build: code checked in is automatically scanned for quality and security and built into libraries and executable files
4. testing: automated unit testing performed on new code
5. integration: new functionality is constantly integrated with the prevailing code and is re-tested
6. deployment: takes place continuously; containers used to prevent code changes from affecting the functioning of the application
7. operate: all versions in all system environments are kept identical
8. monitor: monitoring automatically includes new changes
38
what are some variations of devops
- future
- DevSecOps
- SRE (site reliability engineering by google)
- Self-healing (AI Ops)
39
what are future trends
- more demand for technology means more demand for ESM
- automation increases and becomes more complex
- data analytics
- faster responses
- lower costs
- need and complexity of security is increasing
40
what is DevSecOps
- automates core security by embedding security controls and processes early in the software development life cycle
- minimises vulnerabilities
- everyone in development life cycle is responsible for security
- brings ops and dev tgt with security functions
** traditionally, security is often only considered at the end of development
41
advantages of DevSecOps
- more automation reduces misadministration and mistakes
- reduces the need to manually configure security consoles
42
what is SRE
site reliability engineering by Google
- applies software engineering principles to operations tasks
- ensures high availability, performance, reliability and efficiency of systems and services
- treats operations as if it's a software problem
- used to protect, provide for and progress software and systems
- behind all of google's public services
- watches availability, latency, performance and capacity
43
what is self-healing
- uses AI to detect and repair systems
before doing self healing:
- get to know your systems
- set up automated alerts to see which error scenarios are most common
- take a holistic look at problems to identify and fix the root causes where possible
44
benefits of self-healing
- happier dev and ops teams
- benefits to users and operations
- reduced support burden
- less rote and menial work
45
IT Ops role in DevOps
- Working with dev teams on products
- Continuous monitoring of the quality of the production environment
- Feedback issue to dev
