The change management procedure should also be defined and documented with proper level of approvals. The actors in the change management would be:
a. Incident response team :- would be responsible in identifying and responding to the incident occurred. The process to be followed would be stipulated in the Incident Response plan.
b. Change advisory Board (CAB) :- This team would be responsible in making decisions when a need for change arises and provides necessary approvals. When a change comes to the CAB team for approval, it is called a normal change, which follows the entire change management process.
c. Emergency Change Advisory Board (ECAB) :- There is another category of change called emergency change or retrospective change which can’t wait for approvals and need immediate action. For minor changes, bypassing the approvals will not have much impact. But when it comes to major ones, a single level of approval needs to be done and the ECAB team is responsibility for the same.
d. IT security testing team :- responsible for testing and ensuring that the environment is safe and secure.
The following uses case diagram will help understand the actual change management procedure.
As shown in the above use case diagram, the change management process would be as below:
· Incident response team identifies the occurrence of an event.
· The incident response team analyze the event and if it is an incident takes necessary steps as in the incident response plan.
· For any changes required, involve CAB or ECAB team as per the requirement.
· The IT Security testing team ensures that the fixes are good enough and the environment is secure enough.
Comments