Visible Ops Security: Four-Phase Approach to FIM File Integrity and Change Management Security



While annual business plans focus on strategic initiatives designed to keep the enterprise competitive or to mitigate risk, it’s the day-to-day operations that consume the most time and resources. For many IT organizations, it seems that just keeping the computers running and the lights on occupies the majority of their time.

What can you do to gain control? Control change. When you can consistently and effectively control change in an IT production environment, you have taken a significant step forward in operational effectiveness, resource efficiency, and risk mitigation. Effective change management processes appropriately blend process, people and technology—and helping IT organizations institute them is the goal of the IT Process Institute’s Visible Ops methodology. The Visible Ops methodology delivers clear, concise guidance on how to improve processes by controlling change.

Download the full paper to begin implementing your own four-phase Visible Ops approach.

What Is Visible Ops?


The IT Process Institute’s Visible Ops methodology is grounded in Information Technology Infrastructure Library (ITIL) best practices and lessons learned from working with high-performing IT organizations since the year 2000. Visible Ops is based on three distinct project phases, followed by ongoing process improvement efforts. The phases are:

This phase focuses on reducing the volume of unplanned work enough to free resources for working on strategic projects.

During this phase, we create a configuration item (CI)1 inventory and identify systems that are so fragile that they should be rebuilt or replaced.

In this phase, engineers focus on creating repeatable system configurations—or builds. Repeatable, or standard, builds reduce or eliminate variation between systems so that it becomes more resource-effective to rebuild them than to debug them.

Once standard configurations and builds are in place, supported by effective change management controls, the IT organization can shift its focus from improvement projects to identifying opportunities for ongoing improvement based on metrics.


Visible Ops was designed to be implemented quickly and to immediately return value. Only by rapidly demonstrating its value can it “catalyze” the cultural change and become sustainable.

Organizations embarking on Visible Ops must recognize that they are doing far more than defining and implementing processes. Rather, they are shepherding organizational change, which necessitates a change in culture. This is why change control begins at the top of the organization and why there must be steadfast support from senior management. The tone at the top can help the project succeed or ensure its failure.

Creating awareness and setting proper expectations is critical. You must be able to communicate that:

  • Policies and procedures are vital and must be followed
  • All changes will be detected through the use of a change auditing solution, such as Tripwire® Enterprise software
  • Unauthorized changes will be investigated
  • Individuals responsible for unauthorized changes will be held accountable to management and their peers. This includes publicly identifying the culprits after a major incident and may also include formal disciplinary action.
  • The message must be clear that the only acceptable number of unauthorized changes is zero. And this message must be reflected and reinforced by policies, procedures, and the actions of IT management.

Phase four is an ongoing process that provides a framework for using change management process metrics to identify areas for improvement and document the presence of effective IT controls.

File Monitoring Software and Visible Ops 


Tripwire® Enterprise plays an integral role in world-class IT organizations. Tripwire Enterprise delivers visibility into the entire IT infrastructure, immediately detecting changes to system baseline configurations and file systems—for servers, desktops, network devices, databases, directory servers, and more.

With Tripwire Enterprise software, you can establish three critical change control capabilities:

Tripwire solutions detect infrastructure change independent of who made the change or how it was made. By separating change detection from the people and technologies that initiate change, Tripwire provides an independent detective control for all automated and manual changes across the entire service stack.

By accessing information in leading change management tools, Tripwire solutions enable rapid reconciliation to quickly determine which changes were authorized and which weren’t.

Through independent, verifiable audit logs of all actual change activity, Tripwire reports document compliance and enables change management policy enforcement and accountability.


In addition to detecting service-affecting change, Tripwire’s FIM security software enables you to enforce change management processes and assign accountability for change. When a change is detected that cannot be reconciled with authorized work orders, management can identify who made the change and initiate appropriate consequences. Detection and enforcement capabilities can help deter ad hoc changes and are critical components in a successful culture of change.

With credible data, an IT audit trail, and histories of change over time, the IT organization becomes a credible force in measuring improvements and aligning IT improvements and metrics to overall enterprise objectives. Tripwire Enterprise becomes a vital element of effective ongoing change and configuration management:

  • Tripwire Enterprise Change Process Compliance and Change Window reports can track racking compliance with change management processes
  • Frequently Changed Nodes reports can highlight volatile systems that may warrant further investigation
  • Tripwire reports are used to compare production builds to stored baselines and identify variances for more accurate building and testing
  • Tripwire reports enable Release Management to match pre-production machines with production systems for accelerated development and testing
  • Tripwire Enterprise enables Operations staff to quickly know what changed, how it changed, and who changed it