change control

Change control is a systematic approach to managing all changes made to a product or system. The purpose is to ensure that no unnecessary changes are made, that all changes are documented, that services are not unnecessarily disrupted and that resources are used efficiently. Within information technology (IT), change control is a component of change management.

The change control process is usually conducted as a sequence of steps proceeding from the submission of a change request. Typical IT change requests include the addition of features to software applications, the installation of patches, and upgrades to network equipment.

Here's an example of a six-step process for a software change request:

  1. Documenting the change request:
    When the client requests the change, that request is categorized and recorded, along with informal assessments of the importance of that change and the difficulty of implementing it.
  2. Formal assessment:
    The justification for the change and risks and benefits of making/not making the change are evaluated. If the change request is accepted, a development team will be assigned. If the change request is rejected, that fact is documented and communicated to the client.
  3. Planning:
    The team responsible for the change creates a detailed plan for its design and implementation, as well as a plan for rolling back the change should it be deemed unsuccessful.
  4. Designing and testing:
    The team designs the program for the software change and tests it. If the change is deemed successful, the team requests approval and a date for implementation.
  5. Implementation and review:
    The team implements the program and stakeholders review the change.
  6. Final assessment:
    If the client is satisfied that the change was implemented satisfactorily, the change request is closed. If the client is not satisfied, the project is reassessed and steps may be repeated.

See also: change log, organizational change management (OCM), change data capture (CDC), feature creep, IT controls


This was last updated in January 2011

Continue Reading About change control

Dig Deeper on Disaster recovery planning - management