Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment.
Change management Definition: A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment.
A formal, methodical, comprehensive process for requesting, reviewing, and approving changes to the baseline of the IT environment. Change management establishes controlled procedures for implementing modifications to systems, applications, or infrastructure to minimize disruption, unauthorized changes, and security incidents. It includes request, approval, testing, implementation, and documentation phases. Change management is required by frameworks like ITIL, ISO 27001, COBIT, and regulations like SOX and PCI DSS. Organizations implement change management through formal policies, change advisory boards, request systems, testing environments, and post-implementation reviews. For example, a healthcare organization might require all system changes to undergo security review, testing in a non-production environment, and formal approval before implementation in production. Related terms: Configuration management, Change control, Release management, ITIL, Change advisory board, Baseline configuration.
Turn knowledge into credentials. Browse our instructor-led cybersecurity courses.
View All Courses →