Case Study: Strengthening IT Continuity and Change Governance at Firm A

A real-world example of improving IT governance and service management maturity

83%

Reduction in Critical System Downtime

100%

Change Approval Documentation

3x

Increase in Continuity Testing

45%

Improvement in IT Satisfaction

Firm Profile
  • Mid-sized U.S. law firm
  • ~250 attorneys, 3 offices
  • Practice focus: Healthcare, Real Estate, and Commercial Litigation
  • IT team of 12 supporting legal tech, compliance, and client-facing platforms
Focus Areas
  • Service Continuity & Resilience
  • Incident & Problem Management
  • Change & Deployment Governance

Background and Challenge

In early 2023, Firm A experienced a four-hour outage of its document management system (DMS) during a time-sensitive client filing. The issue stemmed from an unreviewed patch that was applied without formal testing or rollback planning. Internal post-mortem analysis revealed:

  • No formal business continuity or disaster recovery playbooks
  • Inconsistent incident escalation pathways
  • Low ticket classification accuracy
  • Uncoordinated system changes across teams

The outage caused delays in a healthcare litigation matter and raised concerns from a key client. Senior leadership initiated a broader review of the firm's IT governance and service management maturity.

Engagement Approach

I was brought in to support the firm's IT leadership in assessing and remediating foundational risks. Using a structured maturity framework tailored to legal-sector operations, the approach focused on three domains:

  • Service Continuity & Resilience
  • Incident & Problem Management
  • Change & Deployment Governance

What We Did

1
Baseline Assessment & Prioritization
  • Used a self-assessment tool to establish baseline maturity scores
  • Identified gaps in continuity planning, unstructured change control, and low visibility into incident trends
2
Targeted Interventions
  • Created a simplified Business Continuity Plan (BCP) and DMS recovery procedure
  • Established a Change Review Board and a risk classification system for production changes
  • Developed root cause templates and implemented post-incident reviews
  • Introduced change freeze windows aligned to matter milestones and fiscal periods
3
Operational Foundations
  • Defined service ownership and documented SLAs
  • Improved ticket classification logic in the helpdesk system
  • Conducted the firm's first tabletop continuity simulation

Outcomes

AreaBeforeAfter
Documented Change Approvals<20%100%
Ticket Categorization Accuracy42%90%
Continuity Tests Conducted0/year3/year
Downtime (Critical Systems)6 hrs/month<1 hr/month
IT Satisfaction Score (CSAT)3.1 / 54.5 / 5

Reflections

  • Quick operational wins helped build internal trust and momentum
  • Having a neutral framework (not vendor-aligned) improved buy-in across IT and legal ops
  • Improvements reduced reputational risk with institutional clients subject to regulatory scrutiny

Key Takeaways

Measure First

Establish baseline metrics before making changes to demonstrate value and track progress

Governance Matters

Simple governance structures create accountability and improve outcomes

Practice Makes Perfect

Regular testing and simulation exercises build resilience and confidence