Change
Change
IT systems, applications, and infrastructure are effectively managed. These policies help reduce
risks, minimize service disruptions, and ensure that all stakeholders are informed and prepared
for transitions.
2. Change Classification
o Types of Changes:
Standard Changes: Pre-approved, low-risk changes (e.g., routine updates).
Emergency Changes: High-priority, unplanned changes required to resolve
critical issues.
Major Changes: High-impact changes needing full review and testing (e.g.,
system migrations).
o Risk Assessment: Each change request is assessed for potential risks, impact level, and
urgency to determine the required approvals and planning.
3. Approval Process
o Change Advisory Board (CAB): A committee, often consisting of IT, security, and
business stakeholders, reviews and approves major changes.
o Managerial Approvals: Department heads and managers approve standard and low-risk
changes.
o Emergency Approvals: Fast-tracked approvals for emergency changes to prevent
business disruptions.
o Approval Documentation: Document all approvals, ensuring a record of accountability
and compliance.
5. Change Implementation
o Testing: Execute change in a test environment to verify results and identify potential
issues before deployment.
o Execution: Deploy the change according to the approved plan, with real-time
monitoring for unexpected issues.
o Documentation: Update all relevant systems, applications, and documentation with the
new changes.