Creating an Effective Change Management Strategy

With any SaaS deployment, communication and training are key components of a successful rollout. The main objective is to ensure your end users understand that there is a new way of taking an action or activity. Your end users have been executing the same activities for a very long time. When you introduce a new tool to them, it must be done in an effective and cohesive manner. Your Customer Experience (CX) is here to guide you from the beginning phase of a rollout to an adoption phase where your end users are actively getting work done and driving down risk through the Cisco Vulnerability Management platform. Much of this may seem like it is “behind the scenes” but it all comes together through a well planned and thought out change management strategy. 



One of the first items our CX team focuses on is understanding your use cases and goals for the Cisco Vulnerability Management deployment. By understanding what your pain points are and how you plan to leverage Cisco Vulnerability Management, we can better guide you during the deployment. Also, it’s very important for us to ensure that customers understand how to use the platform both from an administrative and end user perspective, thus training and configuration are large drivers of a successful change management strategy. With training also comes an internal communication plan. Users need to be updated on what change is coming, when and why. If you are replacing an old process or tool, you’ll need to help them understand why you are moving to this new tool and what value it will bring. 

With a solution like Cisco Vulnerability Management, users may be transitioning from an ad-hoc, manual driven process of remediating vulnerabilities (e.g. manual reports, spreadsheet driven), to a more streamlined, intuitive, risk based approach of driving down risk. Your change management strategy is going to call for some important, and worthy tactics to ensure that your users understand the upcoming change and rationale. Below are a few simple steps to ensure a successful change management strategy:

  • End User Training
    • Plan for a training that you can replicate across departmental units / business units.
    • Keep your Cisco Vulnerability Management training content high level, focus on why this change is going to be valuable for your users and how much of an improvement it will be over the previous process.
    • Hold regular, virtual Cisco Vulnerability Management open office hours where users can join to ask questions and get best practices.
    • Setup internal “roadshows” to get your users up to speed on the Cisco Vulnerability Management platform through targeted training.
  • Plan out your Risk Meter Strategy
    • Risk Meters typically take on one of these three roles: Strategic, Tactical, Administrative: 
      • Strategic - High-level risk meter generally used for reporting, and tracking overall metrics for a large number of assets.
      • Tactical - Low-to-Mid-level risk meter that can be used to break down to the smallest teams, or specific efforts. Can be used to show all of the work being done by your teams that might get lost in the larger, strategic risk meters. Also, these risk meters generally have shorter more focused lifespans.
      • Administrative - These risk meters can help you as a Cisco Vulnerability Management user to help with your workflow and process.  They can act as a sort of inbox, by showing you when you have outliers that need to be addressed, or risk-accepted vulnerabilities that are due to be reviewed.
    • Pro Tips:
      • Determine the best breakdown of the above risk meter types for your organization. What are your reporting needs and operational needs?
      • Create some core risk meters to start capturing daily metrics, and continue to build them out as you build your vulnerability management process.
  • Role Based Access Control
    • Determine who are your users/customers?
    • Determine what each User Group needs to have visibility into and what actions they need to take within the Cisco Vulnerability Management platform.
    • Review Custom Role capabilities to determine what matches your needs for each functional team involved in your Vulnerability Management Program
      • Who needs to see what?
      • What actions do they need the ability to take?
  • Communication Plan
    • Develop a detailed plan to communicate the various milestones and dates for your launch of Cisco Vulnerability Management.
    • Keep users informed of certain milestones in the deployment process to ensure a successful rollout.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.