When to use this
Use this record for proposed changes before approval and implementation.
Related controls
Change record
| Field | Value |
|---|---|
| Change ID | TBD |
| Change title | TBD |
| Requestor | TBD |
| System/service | TBD |
| Business reason | TBD |
| Change type | Standard / normal / emergency |
| Planned window | TBD |
| Security impact | TBD |
| Privacy/legal impact | TBD |
| Availability impact | TBD |
| Testing performed | TBD |
| Rollback/failback plan | TBD |
| Communication needed | TBD |
| Approver | TBD |
| Decision | Approved / rejected / deferred |
Security checks
- Access control impact reviewed.
- Logging/monitoring impact reviewed.
- Backup/recovery impact reviewed.
- Vulnerability or configuration impact reviewed.
- Supplier or integration impact reviewed.
- Documentation update needed.
- Template
- Iso27001
- Change management
Note Metadata
Aliases: Change Request Form
Source: 90 Templates/Change Request and Security Impact Assessment.md
Related Notes
- A.8.32 Audit Evidence Pack
- ISO 27001 A.8.29 - Security Testing in Development and Acceptance
- ISO 27001 A.8.32 - Change Management
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- Templates MOC