Directory of ITIL, ITSM & security services  
& software. A launch pad for the  
IT infrastructure library (ITIL) & ITSM  

 Directory of Software & Services for ITSM. ITIL Release Management. Contact Us Front Page

Release Management

This discipline of IT Service Management is the management of all software configuration items within the organisation. It is responsible for the management of software development, installation and support of an organisationís software products.

Software is often not regarded as a tangible asset because of its intangible nature, which results in it not being effectively controlled. There can be several versions of the same software within the organisation, and there can also be unlicensed and illegal copies of externally provided software.

The practice of effective Software Control & Distribution involves the creation of a Definitive Software Library (DSL), into which the master copies of all software is stored and from here its control and release is managed. The DSL consists of a physical store and a logical store. The physical store is where the master copies of all software media are stored. This tends to be software that has been provided from an external source. The logical store is the index of all software and releases, versions, etc. highlighting where the physical media can be located. The logical store may also be used for the storage of software developed within the organisation.

SC&D procedures include the management of the software Configuration Items and their distribution and implementation into a production environment. This will involve the definition of a release programme suitable for the organisation, the definition of how version control will be implemented, and the procedures surrounding how software will be built, released and audited.

See the ITIL Toolkit for more information on Incident Management.


Software Control & Distribution and IT Security

All three of the key areas of IT Security (Availability, Confidentiality, and Integrity) can be exposed as a direct result of inadequate software control and distribution. If software changes are badly managed and not fully tested, this can lead to problems if these changes reach the production environment by causing services to be unavailable. In addition, unauthorised software modifications can lead to fraud, viruses, and malicious damage to data files.

For these and other reasons, it is important that SC&D procedures are fully reviewed by a security assessment, to ensure that appropriate counter measures are in place to reduce the threats described above.



Copyright © 1993-2001 BC Associates