Change management is a process that manages changes to systems or network configurations. Unmanaged and unauthorized changes can affect security operations or controls, open security holes, and result in outages. Even if a system is secured, it is possible for system administrators to make modifications; however, a change management process provides the format and necessary consideration to how a change may affect other systems.

You should implement a formal process to change network configuration settings. This includes adhering to a written policy that defines all roles, responsibilities, and procedures related to change management. The objective is to maximize the benefits for all people involved in the change and minimize the risk of failure.

A change control board should approve each change. The primary objectives of the change control board are to ensure that all changes are properly tested, authorized, scheduled, communicated, and documented. Membership of the board should include system administrators, asset owners (such as a database owner), and management so that the purpose of any change is known throughout the organization, and stakeholders have the opportunity to discuss how that change may affect their assets and how the network functions.

Documentation includes what was done, by whom (person/team, third-party vendor), why it was done, and any testing that occurred. The list should be listed in reverse chronological order (most recent changes listed first; then older changes listed in order of completion) and easily accessible to administrators on the network. This is because the latest change or modification prior to an incident may have caused the incident, and administrators need to know what should be done (or undone) if the change affected normal operations. This document also aids in sharing the ramifications of undoing a change or of testing.