When to use this
Use this checklist when reviewing whether code, scripts, macros, reports, and database logic changes are controlled before release.
Related controls
Checklist
- Change request or issue exists.
- Business or technical owner approved the change.
- Code review completed.
- Security impact considered.
- Tests completed.
- Branch protection or merge approval applied.
- Build artifact is traceable to source change.
- Release approval recorded.
- Rollback or recovery path exists.
- Production deployment was performed by authorized personnel.
Change record
| Change ID | Repository/component | Reviewer | Test evidence | Approval | Release date | Notes |
|---|---|---|---|---|---|---|
| TBD | TBD | TBD | TBD | TBD | TBD | TBD |
- Template
- Iso27001
- Technological controls
- Source code
- Change control
Note Metadata
Aliases: Code Change Checklist
Source: 90 Templates/Source Code Change Control Checklist.md
Related Notes
- ISO 27001 A.5.37 - Documented Operating Procedures
- A.8.4 Audit Evidence Pack
- ISO 27001 A.8.4 - Access to Source Code
- A.8 Technological Controls MOC
- A.8 Technological Controls Implementation Guide
- A.8 Technological Controls Audit Guide
- A.8 Technological Controls Implementation Audit Risk Mapping
- A.8.4 Audit Checklist
- Templates MOC