The Pitfalls of Change Management: Why it Often Fails

The Gap Between Adoption and Effectiveness

Almost every IT organisation of any size has some form of change management process. It is one of the practices that organisations tend to implement early in their ITSM journey, often driven by a major incident caused by an uncontrolled change.

But adoption and effectiveness are different things. In our assessment work, change management is consistently one of the practices where the gap between documented process and operational reality is widest. Teams know the process exists. They do not always follow it — and when they do, they often do not do so in a way that delivers the intended risk reduction.

Failure Mode One: The Change Advisory Board as Bureaucracy

The CAB is designed to bring appropriate expertise to bear on assessing change risk. In practice, it frequently becomes a bureaucratic gate that slows changes without adding meaningful risk assessment — a box-ticking exercise that sophisticated practitioners learn to route around.

A CAB that is seen as adding friction rather than value will be bypassed. And a bypassed change management process is worse than no change management process, because it creates a false sense of control while the real risk accumulates in unregistered changes.

Failure Mode Two: One-Size-Fits-All Process

Change management processes that apply the same level of rigour to every change — regardless of risk, complexity or reversibility — inevitably create pressure to bypass the process for routine, low-risk changes. A standard change that requires CAB approval is a process design problem, not a compliance problem.

Effective change management differentiates clearly between standard changes (pre-approved, low-risk, routine), normal changes (requiring assessment and approval) and emergency changes (requiring rapid but still structured response). Getting these categories right — and getting teams to use them consistently — is where most of the implementation work lies.

Failure Mode Three: Change Without Post-Implementation Review

The post-implementation review is the mechanism by which change management learns and improves. In most organisations, it happens inconsistently at best — usually only after a change causes an incident. This means the process cannot identify patterns in near-misses or successful changes, and improvement is reactive rather than proactive.

Building a Change Process That Works

The characteristics of effective change management are consistent across organisations: clear change models with appropriate rigour for each risk level, a CAB that adds genuine value rather than bureaucratic friction, consistent categorisation that makes metrics meaningful, and post-implementation review that feeds continuous improvement.

Getting there requires honest assessment of current practice — not just the documented process, but how changes are actually handled day to day. The gap between those two things is where the improvement work lives.