Global Financial Services Leader eliminates audit and compliance risks by implementing Micro Focus Release Control.
“With Serena (now part of Micro Focus) Release Control we have a reliable and repeatable release process, greater visibility into the release activities for all of our stakeholders and significantly improved confidence in our compliance with international laws and internal audit requirements.”
Director Change and Release
This customer is one of the world’s largest banking institutions, with a presence in all major financial centers worldwide and a global workforce of more than 50,000 employees. Services include retail and commercial banking, investment banking, investment management, and wealth management.
The Micro Focus Release Control product manages business critical releases as they move through the lifecycle in the company’s flagship wealth-management division. This division has a large, heterogeneous enterprise IT environment consisting of both mainframe and distributed systems. They are a longtime Micro Focus ChangeMan ZMF (Mainframe Software Change and Configuration Management) and Micro Focus SBM (IT Process Management, Process Automation and Workflow) customer that manages complex releases, spanning both the mainframe and distributed platforms, for more than 200 business applications.
As a leading provider of financial services to high net-worth individuals, individual citizens, and multi-national institutions, this customer is highly regulated and subject to rigorous internal and external compliance requirements and audits. Any audit finding that exposes an unauthorized change to production could result in a substantial financial penalty that would seriously affect the company’s financial performance and business reputation.
Upon review of its current change and release process, they lacked visibility and traceability of changes going from development to production. There was no high-level accountability or signoff for these changes and considerable manual effort was expended in the release and deployment of these changes.
Mainframe and distributed release teams were manually promoting changes into production without any formal coordination across platforms, projects and across the dev-to-deploy lifecycle.
Line-of-business owners were approving RFCs (Requests for Change) without understanding what applications and assets were being changed and what the impact of those changes would be. Ad hoc processes were supported by spreadsheets, email, SharePoint and the dedication, vigilance, and heroism of a few senior team members. There was no single system of record to manage the planning, tracking, and approvals as they transited from development to production. All of these issues added up to a serious risk to the business.
Executive management mandated that an integrated, reliable, and repeatable change and release management solution be implemented urgently that would ensure visibility, accountability, and traceability for all stakeholders and auditors.
The Serena (now part of Micro Focus) team was called in to work with the customer to design and implement an integrated change and release management process that provided visibility and control over release risk and cost. The customer selected Micro Focus Release Control (RLC) for its ability to provide a repeatable release process, providing end-to-end traceability by seamlessly integrating its enterprise change management (ServiceNow) with its software development systems SBM and Micro Focus ChangeMan ZMF (ZMF).
Release Managers now have a reliable and repeatable release process with established authority over release control gates. With Release Control, they have removed the need for SharePoint and spreadsheets. There is a single system of record to plan, track, and coordinate releases across both distributed and mainframe systems. With an integrated change and release process, they have eliminated manual promotions, ended duplicated tracking systems, and have achieved greater environment stability.
Development teams can now push software changes into releases without modifying or changing its existing Software Development Lifecycle (SDLC). Release Control is directly integrated with the customer’s software development tools and this means development teams are focused on developing software rather than worrying about what they have to do to release it.
Line-of-business owners and QA teams are notified when a change approval is pending. With Release Control, they see all the deployment tasks associated with the RFC as well as which applications, systems, and platforms are impacted. Based on the change approval, Release Control automates the promotion of mainframe and distributed changes, alleviating the need for manually changed promotion.
With Release Control in production, this forward-leaning organization has eliminated significant audit and compliance risk with its release management process. Release Control enforces separation of duties and is always “Audit Ready” by providing granular role- and user-based security, ensuring that stakeholders have immediate access to the information they need. Release Control keeps track of all users and system interactions so that the customer can always trace the history of a change request or see who approved a release item.