Change control CHMG

(new)

Assessing risks associated with proposed changes and ensuring changes to products, services or systems are controlled and coordinated.

Guidance notes

Change control is applied to anything that impacts on live products, services or systems. This typically includes - applications, infrastructure, documentation, processes, configuration items, suppliers.

Activities include - but not limited to...

  • managing the lifecycle of change requests - registering, assessing, authorising, planning, deploying
  • assessing risks and reducing risks to the availability, performance, security and compliance of the products and services impacted by the change
  • developing processes for standard, normal or emergency changes
  • developing methods and tools to automate change control processes to enable continuous integration

Change control: Level 6

(modified)

Sets the organisation's policy for the management of change in live services and test environments. Ensures effective control and treatment of risk. Leads the development of new methods and tools for change control. Measures and monitors adherence to standards and ensures consistent execution of the process across the organisation.

Change control: Level 5

(modified)

Leads the assessment, analysis, development, documentation and implementation of changes. Develops implementation plans for complex requests for change. Reviews proposed implementations and evaluates the risks to the integrity of the product and service environment. Ensures appropriate change approval is applied to changes. Reviews the effectiveness of change implementation. Identifies, evaluates and manages the adoption of appropriate tools, techniques and processes for change control.

Change control: Level 4

(modified)

Assesses, analyses, develops, documents and implements changes based on requests for change. Ensures that operational processes are in place for effective change control. Develops, configures and maintains tools to manage and report on the lifecycle of change requests. Identifies problems and issues and recommend corrective actions.

Change control: Level 3

(modified)

Develops, documents and implements changes based on requests for change. Applies change control procedures. Applies tools, techniques and processes to manage and report on change requests.

Change control: Level 2

(modified)

Applies tools, techniques and processes to administer, track, log, report on change requests. Applies change control procedures for standard, low-risk changes.