manage

Question 1

purpose of change enablement process

Answer 1

• maximise the number of successful service and product changes by ensuring that risks have been properly assessed, authorising changes to proceed and managing the change schedule

Question 2

change readiness (pre)
- what will be changed (3)
- stages of a change (versioning)

Answer 2

• technical: components and configurations that will change
• business: requirements expected
• ticketing: log a change ticket

versioning x.y.z
- X = major
- Y = minor
- Z = revision

Question 3

change readiness (pre)
- who is involved
- communication (stakeholder management)

Answer 3

1. depends on specific implementation
   - technical: developer, security, database administrator
   - business: process owner, requestor
2. communication plan
   - who in each group
   - what to tell them
   - when to communicate
   - how to communicate

Question 4

change readiness (pre)
- when to make the changes

Answer 4

schedule
- when things will happen (rollout, checks)
- how the implementation steps will proceed
- approvals: depend on size of change
- communication: when to communicate
- risks managed

• hour-by-hour plan

Question 5

change readiness (pre)
- success criteria
- rollback

Answer 5

• define conditions for rollback to be initiated
• clear timeline for initiating a rollback
• how it will be performed
• what tests to perform after rollback
• who signs-off for post-rollback testing

Question 6

types of change (3)

Answer 6

1. emergency: required to restore a service disruption due to an incident
2. standard: low risk and often repeated, following a well-defined process, pre approved
3. normal: not emergency, not common, possibly risky, needs approval

Question 7

checklist before implementing change (7)

Answer 7

1. testing complete (Unit test, UAT, Rollback)
2. approvals (UAT, CAB)
3. training complete
4. implementation team ready
5. implementation plan ready (including rollback plan and communication plan)
6. implementation packages ready
7. communications done

Question 8

implementation process (4)

Answer 8

1. implementation execution
2. post-check (test, user sign off)
3. rollback (what, how, testing)
4. clean up (ensure all test data/install scripts removed)

Question 9

during actual implementation, check: (4)

Answer 9

• backups completed successfully
• changes implemented in components (hour-by-hour plan)
• test implementation, if not okay rollback and test rollback
• sign off on successful implementation, from requestor (all is as expected) & support manager (ready to support)

Question 10

change operate (post)
- ready for live?

Answer 10

• ensure all teams are ready and early-in
• users are ready
• management is aware the change is completed

Question 11

post-implementation: clean up

Answer 11

• check if any unnecessary files/testing data leftover (may cause future confusion/issues)

paperwork:
- tracking sheets
- approvals
- configuration information updated

Question 12

change operate (post)
- early live issues
- who, what

Answer 12

be aware and ready:
- support team
- key contacts in infrastructure, database admin, security need to be available for any issues
- customer facing stadd
- people related to business process

Question 13

IT support’s role in change (5)

Answer 13

• Protecting the live environment from bad changes
• Ensure current systems are not degraded
• Ensure everyone is aware of the change
• Ensure the change can be supported
• Ensure no impact on other systems

Question 14

what is capability

Answer 14

the power or ability to do something

Question 15

what is capacity

Answer 15

the resources available to do something (eg. time, effort, people)

Question 16

what is maturity

Answer 16

• to be well-organised, reproducible and so, of high quality
• consistent high quality of the results
• a well-run organisation will be capable to perform its services and its processes will be reproducible (i.e. mature)

Question 17

why improve performance

Answer 17

• increased customer satisfaction
• increased profitability of capturing new and repeat benefits
• increased profit through quality and less rework
• increased productivity
• decreased risk

Question 18

what is a maturity model

Answer 18

• a tool that helps people assess the current effectiveness of a person or group
• structured as a series of levels of effectiveness

Question 19

working with a maturity model

Answer 19

• begins with assessment (determine which level is currently being performed)
• use the next level to prioritise what capabilities are required next
• decide of the organisation would benefit from moving to the next level

Question 20

what is CMMI

Answer 20

capability maturity model integration
- process improvement program to guide improvement across a project, division or an entire organisation
- individuals can be certified for training CMMI and appraising
- administered by the CMMI institute
- required for many government contracts, especially in software development.

Question 21

what is an appraisal

Answer 21

• an organisation is appraised in CMMI
• can be awarded a maturity level rating (1-5) or a capability level achievement profile
• to meet the contractual requirements of one or more customers

Question 22

why is an appraisal conducted

Answer 22

typically conducted for one or more of the following reasons:
- to determine how well the organisation’s processes compared to CMMI models, eg CAB
- to identify areas where improvement can be made
- to inform external customers and suppliers of how well the organisation’s processes compare to CMMI best practices

Question 23

security guides (2)

Answer 23

1. considering the case for security content in CMMI for services ( security management)
2. security by design with CMMI for development
   - OPSD
   - SMO
   - SRTS
   - SVV

• do not affect maturity or capability levels ; process areas can be reported in appraisal result

Question 24

framework comparisons (itil vs six sigma vs cmmi)
- usage

Answer 24

IT management vs quality vs process improvement

Question 25

framework comparisons (itil vs six sigma vs cmmi)
- individual certification

Answer 25

practitioner 4 levels vs practitioner 4 levels vs practitioner appraiser instructor

Question 26

framework comparisons (itil vs six sigma vs cmmi)
- level

Answer 26

n/a vs process vs organisation/project

Question 27

framework comparisons (itil vs six sigma vs cmmi)
- type

Answer 27

best practices vs framework vs maturity model

Question 28

what is a change advisory board

Answer 28

a group of experts who review and approve changes to infrastructure, systems and processes

Question 29

what are approvals

Answer 29

• the level of authority needed to for a change depends on the risk and impact of the change
• CAB will check the level of authority approval for each change

Question 30

what is devops

Answer 30

• a mature process integrating development and operations practices into a continuous process.
• increases efficiency, speed, and quality of software delivery
• emphasizes collaboration and communication between development teams, operations teams, and other stakeholders involved in the software delivery process
• automation tools to build, test, and deploy software changes quickly and reliably –> enable faster time-to-market, higher-quality software, and increased collaboration and feedback between development and operations teams.
• associated with the use of Agile methodologies
• emphasizes the use of cloud computing, containerization, and infrastructure as code (IaC) to increase flexibility and scalability in software delivery.

Question 31

what is a continuous delivery (CD) pipeline

Answer 31

• software development, testing, and deployment are integrated into a continuous process

Question 32

what is Agile

Answer 32

• prioritize iterative development, frequent releases, and collaboration.

Question 33

6 essential principles for DevOps adoption

Answer 33

1. Customer-centric action: constantly investing in products and services
2. end-to-end responsibility: support whole life of product, enhance overall quality of product engineered
3. continuous improvement: minimise waste and speed up improvements to the product or service
4. automate everything
5. work as a team
6. monitor and test everything

Question 34

before devops
- processes?
- problems?

Answer 34

• development and operation teams worked in isolation
• manual code deployment leads to human errors in production
• developers & operation teams can have separate timelines and are not in sync

Question 35

why choose devops?
- 9 advantages/reasons

Answer 35

1. predictability: offer significantly lower failure rate of new developments
2. reproducibility: versioning everything so easy restoration
3. maintainability: effortless recovery in the event of a deployment disabling the current system
4. time to market: reduce up to 50%
5. quality: improve quality of application development and IT operations
6. risk: incorporates security in softwares, reduces defects across lifecycle and uses containers such as docker
7. resiliency: system is more stable, secure and changes are auditable
8. cost efficiency
9. smaller code pieces: based on agile programming methods that break larger code bases into smaller manageable chunks

Question 36

what is a waterfall change process (6)

Answer 36

1. requirements
2. system design
3. implementation
4. integration & testing
5. deployment of system
6. maintenance

Question 37

devops lifecycle (8)

Answer 37

1. plan: change requests are managed and assigned by a development manager
2. code: coding takes place constantly in a small development cycle
3. build: code checked in is automatically scanned for quality and security and built into libraries and executable files
4. testing: automated unit testing performed on new code
5. integration: new functionality is constantly integrated with the prevailing code and is re-tested
6. deployment: takes place continuously; containers used to prevent code changes from affecting the functioning of the application
7. operate: all versions in all system environments are kept identical
8. monitor: monitoring automatically includes new changes

Question 38

what are some variations of devops

Answer 38

• future
• DevSecOps
• SRE (site reliability engineering by google)
• Self-healing (AI Ops)

Question 39

what are future trends

Answer 39

• more demand for technology means more demand for ESM
• automation increases and becomes more complex
• data analytics
• faster responses
• lower costs
• need and complexity of security is increasing

Question 40

what is DevSecOps

Answer 40

• automates core security by embedding security controls and processes early in the software development life cycle
• minimises vulnerabilities
• everyone in development life cycle is responsible for security
• brings ops and dev tgt with security functions

** traditionally, security is often only considered at the end of development

Question 41

advantages of DevSecOps

Answer 41

• more automation reduces misadministration and mistakes
• reduces the need to manually configure security consoles

Question 42

what is SRE

Answer 42

site reliability engineering by Google
- applies software engineering principles to operations tasks
- ensures high availability, performance, reliability and efficiency of systems and services
- treats operations as if it’s a software problem
- used to protect, provide for and progress software and systems
- behind all of google’s public services
- watches availability, latency, performance and capacity

Question 43

what is self-healing

Answer 43

• uses AI to detect and repair systems

before doing self healing:
- get to know your systems
- set up automated alerts to see which error scenarios are most common
- take a holistic look at problems to identify and fix the root causes where possible

Question 44

benefits of self-healing

Answer 44

• happier dev and ops teams
• benefits to users and operations
• reduced support burden
• less rote and menial work

Question 45

IT Ops role in DevOps

Answer 45

• Working with dev teams on products
• Continuous monitoring of the quality of the production environment
• Feedback issue to dev