Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Information security
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
=== Change management === {{Main|Change management (ITSM)}} Change management is a formal process for directing and controlling alterations to the information processing environment.<ref>{{Cite journal|last=Kampfner|first=Roberto R.|date=1985|title=Formal specification of information systems requirements |url=http://dx.doi.org/10.1016/0306-4573(85)90086-x|journal=Information Processing & Management|volume=21|issue=5|pages=401β414 |doi=10.1016/0306-4573(85)90086-x|issn=0306-4573|url-access=subscription}}</ref><ref>{{Cite book|last=Jenner|first=H.A.|title=Assessment of ecotoxicological risks of element leaching from pulverized coal ashes|date=1995|publisher=s.n.]|oclc=905474381}}</ref> This includes alterations to desktop computers, the network, servers, and software.<ref>{{Cite book|chapter=Desktop Computers: Software |chapter-url=http://dx.doi.org/10.1007/0-387-28058-8_3|title=Practical Pathology Informatics|year=2006|pages=51β82|place=New York |publisher=Springer-Verlag|doi=10.1007/0-387-28058-8_3|isbn=0-387-28057-X|access-date=2021-06-05}}</ref> The objectives of change management are to reduce the risks posed by changes to the information processing environment and improve the stability and reliability of the processing environment as changes are made.<ref>{{Cite journal|last1=Wilby|first1=R.L.|last2=Orr|first2=H.G. |last3=Hedger|first3=M.|last4=Forrow|first4=D.|last5=Blackmore|first5=M.|date=December 2006|title=Risks posed by climate change to the delivery of Water Framework Directive objectives in the UK|url=http://dx.doi.org/10.1016/j.envint.2006.06.017 |journal=Environment International|volume=32|issue=8|pages=1043β1055|doi=10.1016/j.envint.2006.06.017|pmid=16857260|bibcode=2006EnInt..32.1043W |issn=0160-4120|url-access=subscription}}</ref> It is not the objective of change management to prevent or hinder necessary changes from being implemented.<ref name="CampbellPractical16">{{cite book |chapter-url=https://books.google.com/books?id=sbWiDQAAQBAJ&pg=PA218 |chapter=Chapter 14: Secure Systems Development |title=Practical Information Security Management: A Complete Guide to Planning and Implementation |author=Campbell, T. |publisher=Apress |year=2016 |page=218 |isbn=9781484216859}}</ref><ref>{{Cite book|last=Koppelman|first=Kent L.|title=Understanding human differences : multicultural education for a diverse America|date=2011|publisher=Pearson/Allyn & Bacon |oclc=1245910610}}</ref> Any change to the information processing environment introduces an element of risk.<ref>{{Cite book|chapter=Post-processing|date=2013-04-12|chapter-url=http://dx.doi.org/10.4324/9780240821351-9|title=Simple Scene, Sensational Shot|pages=128β147|publisher=Routledge |doi=10.4324/9780240821351-9|isbn=978-0-240-82135-1|access-date=2021-06-05}}</ref> Even apparently simple changes can have unexpected effects.<ref>{{Cite journal|last1=Kumar|first1=Binay|last2=Mahto|first2=Tulsi|last3=Kumari|first3=Vinita|last4=Ravi |first4=Binod Kumar|last5=Deepmala|date=2016|title=Quackery: How It Can Prove Fatal Even in Apparently Simple Cases-A Case Report |url=http://dx.doi.org/10.5958/0974-1283.2016.00063.3|journal=Medico-Legal Update|volume=16|issue=2|pages=75|doi=10.5958/0974-1283.2016.00063.3|issn=0971-720X|url-access=subscription}}</ref> One of management's many responsibilities is the management of risk.<ref>{{Cite journal |last=Priest|first=Sally|date=2019-02-22|title=Shared roles and responsibilities in flood risk management |url=http://dx.doi.org/10.1111/jfr3.12528|journal=Journal of Flood Risk Management|volume=12|issue=1|pages=e12528 |doi=10.1111/jfr3.12528|bibcode=2019JFRM...12E2528P |s2cid=133789858|issn=1753-318X}}</ref><ref>{{Cite book|author=United States. Department of Energy. Office of Inspector General. Office of Scientific and Technical Information|title=Audit Report, "Fire Protection Deficiencies at Los Alamos National Laboratory."|date=2009|publisher=United States. Dept. of Energy|oclc=727225166}}</ref> Change management is a tool for managing the risks introduced by changes to the information processing environment.<ref>{{Cite journal|last=Toms|first=Elaine G.|date=January 1992|title=Managing change in libraries and information services; A systems approach |url=http://dx.doi.org/10.1016/0306-4573(92)90052-2|journal=Information Processing & Management|volume=28|issue=2|pages=281β282 |doi=10.1016/0306-4573(92)90052-2|issn=0306-4573|url-access=subscription}}</ref> Part of the change management process ensures that changes are not implemented at inopportune times when they may disrupt critical business processes or interfere with other changes being implemented.<ref>{{Cite book|last=Abolhassan|first=Ferri|chapter=The Change Management Process Implemented at IDS Scheer|date=2003 |chapter-url=http://dx.doi.org/10.1007/978-3-540-24703-6_2|title=Business Process Change Management|pages=15β22|place=Berlin, Heidelberg |publisher=Springer Berlin Heidelberg|doi=10.1007/978-3-540-24703-6_2|isbn=978-3-642-05532-4|access-date=2021-06-05}}</ref> Not every change needs to be managed.<ref>{{Cite book|last=Dawson|first=Chris|date=2020-07-01|title=Leading Culture Change |url=http://dx.doi.org/10.1515/9780804774673|doi=10.1515/9780804774673|isbn=9780804774673|s2cid=242348822}}</ref><ref>{{Cite book |author=McCormick, Douglas P.|title=Family Inc. : using business principles to maximize your family's wealth|date=22 March 2016 |publisher=John Wiley & Sons |isbn=978-1-119-21976-7|oclc=945632737}}</ref> Some kinds of changes are a part of the everyday routine of information processing and adhere to a predefined procedure, which reduces the overall level of risk to the processing environment.<ref>{{Cite journal |last=Schuler|first=Rainer|date=August 1995|title=Some properties of sets tractable under every polynomial-time computable distribution|url=http://dx.doi.org/10.1016/0020-0190(95)00108-o|journal=Information Processing Letters|volume=55|issue=4|pages=179β184|doi=10.1016/0020-0190(95)00108-o|issn=0020-0190|url-access=subscription}}</ref> Creating a new user account or deploying a new desktop computer are examples of changes that do not generally require change management.<ref>{{Cite web|title=Figure 12.2. Share of own-account workers who generally do not have more than one client|url=http://dx.doi.org/10.1787/888933881610|access-date=2021-06-05 |doi=10.1787/888933881610|format=Excel}}</ref> However, relocating user file shares, or upgrading the Email server pose a much higher level of risk to the processing environment and are not a normal everyday activity.<ref>{{Cite journal |date=June 1987|title=Multi-user file server for DOS LANs|url=http://dx.doi.org/10.1016/0140-3664(87)90353-7|journal=Computer Communications|volume=10|issue=3|pages=153|doi=10.1016/0140-3664(87)90353-7|issn=0140-3664|url-access=subscription}}</ref> The critical first steps in change management are (a) defining change (and communicating that definition) and (b) defining the scope of the change system.<ref>{{Citation|title=Defining Organizational Change|date=2011-04-19|url=http://dx.doi.org/10.1002/9781444340372.ch1|work=Organizational Change|pages=21β51|place=Oxford, UK|publisher=Wiley-Blackwell|doi=10.1002/9781444340372.ch1|isbn=978-1-4443-4037-2|access-date=2021-06-05}}</ref> Change management is usually overseen by a change review board composed of representatives from key business areas,<ref>{{Citation|last1=Kirchmer|first1=Mathias|title=Change Management β Key for Business Process Excellence|date=2003|url=http://dx.doi.org/10.1007/978-3-540-24703-6_1|work=Business Process Change Management|pages=1β14|place=Berlin, Heidelberg|publisher=Springer Berlin Heidelberg|isbn=978-3-642-05532-4|access-date=2021-06-05|last2=Scheer|first2=August-Wilhelm|doi=10.1007/978-3-540-24703-6_1|url-access=subscription}}</ref> security, networking, systems administrators, database administration, application developers, desktop support, and the help desk.<ref>{{Citation|last1=More|first1=Josh|title=Tier 2βAdvanced Help DeskβHelp Desk Supervisor|date=2016|url=http://dx.doi.org/10.1016/b978-0-12-800783-9.00029-x|work=Breaking Into Information Security|pages=111β113|publisher=Elsevier|isbn=978-0-12-800783-9|access-date=2021-06-05|last2=Stieber|first2=Anthony J.|last3=Liu|first3=Chris|doi=10.1016/b978-0-12-800783-9.00029-x|url-access=subscription}}</ref> The tasks of the change review board can be facilitated with the use of automated work flow application.<ref>{{Citation|title=An Application of Bayesian Networks in Automated Scoring of Computerized Simulation Tasks|date=2006-04-04|url=http://dx.doi.org/10.4324/9780415963572-10|work=Automated Scoring of Complex Tasks in Computer-Based Testing|pages=212β264|publisher=Routledge|doi=10.4324/9780415963572-10|isbn=978-0-415-96357-2|access-date=2021-06-05|url-access=subscription}}</ref> The responsibility of the change review board is to ensure the organization's documented change management procedures are followed.<ref>{{Cite journal|last=Kavanagh|first=Michael J.|date=June 1994|title=Change, Change, Change|url=http://dx.doi.org/10.1177/1059601194192001|journal=Group & Organization Management|volume=19|issue=2|pages=139β140|doi=10.1177/1059601194192001|s2cid=144169263|issn=1059-6011|url-access=subscription}}</ref> The change management process is as follows<ref name="TaylorProject08">{{cite book |chapter=Chapter 10: Understanding the Project Change Process |title=Project Scheduling and Cost Control: Planning, Monitoring and Controlling the Baseline |author=Taylor, J. |publisher=J. Ross Publishing |year=2008 |pages=187β214 |isbn=9781932159110}}</ref> * '''Request''': Anyone can request a change.<ref>{{Citation|title=17. Innovation and Change: Can Anyone Do This?|date=2017-12-31 |url=http://dx.doi.org/10.1515/9780824860936-019|work=Backstage in a Bureaucracy|pages=87β96|publisher=University of Hawaii Press |doi=10.1515/9780824860936-019|isbn=978-0-8248-6093-6|access-date=2021-06-05|url-access=subscription}}</ref><ref>{{Cite book|last=Braun|first=Adam |title=Promise of a pencil : how an ordinary person can create extraordinary change|date=3 February 2015|publisher=Simon and Schuster |isbn=978-1-4767-3063-9|oclc=902912775}}</ref> The person making the change request may or may not be the same person that performs the analysis or implements the change.<ref>{{Citation|title=Describing Within-Person Change Over Time|date=2015-01-30 |url=http://dx.doi.org/10.4324/9781315744094-14|work=Longitudinal Analysis|pages=235β306 |publisher=Routledge |doi=10.4324/9781315744094-14|isbn=978-1-315-74409-4|access-date=2021-06-05|url-access=subscription}}</ref><ref>{{Cite book |first1=Carolyn|last1=Ingraham |first2=Patricia W.|last2=Ban|title=Legislating bureaucratic change : the Civil Service Reform Act of 1978|date=1984 |publisher=State University of New York Press|isbn=0-87395-886-1|oclc=10300171}}</ref> When a request for change is received, it may undergo a preliminary review to determine if the requested change is compatible with the organizations [[business model]] and practices, and to determine the amount of resources needed to implement the change.<ref>{{Cite journal|last=Wei|first=J. |date=2000-05-04|title=Preliminary Change Request for the SNS 1.3 GeV-Compatible Ring|doi=10.2172/1157253|osti=1157253 |url=https://www.osti.gov/biblio/1157253/|access-date=18 January 2022 |website=OSTI.GOV|url-access=subscription}}</ref> * '''Approve''': Management runs the business and controls the allocation of resources therefore, management must approve requests for changes and assign a priority for every change.<ref>{{Cite book|last=Chen Liang|title=2011 International Conference on Business Management and Electronic Information |chapter=Allocation priority management of agricultural water resources based on the theory of virtual water |date=May 2011|chapter-url=http://dx.doi.org/10.1109/icbmei.2011.5917018|volume=1|pages=644β647|publisher=IEEE|doi=10.1109/icbmei.2011.5917018|isbn=978-1-61284-108-3|s2cid=29137725}}</ref> Management might choose to reject a change request if the change is not compatible with the business model, industry standards or best practices.<ref>{{Citation|title=Change risks and best practices in Business Change Management Unmanaged change risk leads to problems for change management|date=2013-07-18 |work=Leading and Implementing Business Change Management|pages=32β74|publisher=Routledge|doi=10.4324/9780203073957 |url=https://www.taylorfrancis.com/chapters/mono/10.4324/9780203073957-2/change-risks-best-practices-business-change-management-david-jones-ronald-recardo |isbn=978-0-203-07395-7 |last1=Jones |first1=David J. |last2=Recardo |first2=Ronald J. |url-access=subscription }}</ref><ref>{{Cite book|last=Bragg|first=Steven M.|title=Accounting Best Practices|date=2016|publisher=Wiley|isbn=978-1-118-41780-5|oclc=946625204}}</ref> Management might also choose to reject a change request if the change requires more resources than can be allocated for the change.<ref>{{Cite journal|date=2008-10-17|title=Successful change requires more than change management |url=http://dx.doi.org/10.1108/hrmid.2008.04416gad.005|journal=Human Resource Management International Digest|volume=16|issue=7 |doi=10.1108/hrmid.2008.04416gad.005|issn=0967-0734|url-access=subscription}}</ref> * '''Plan''': Planning a change involves discovering the scope and impact of the proposed change; analyzing the complexity of the change; allocation of resources and, developing, testing, and documenting both implementation and back-out plans.<ref>{{Citation|title=Planning for water resources under climate change|date=2010-09-13|url=http://dx.doi.org/10.4324/9780203846537-20|work=Spatial Planning and Climate Change|pages=287β313|publisher=Routledge|doi=10.4324/9780203846537-20|isbn=978-0-203-84653-7|access-date=2021-06-05|url-access=subscription}}</ref> Need to define the criteria on which a decision to back out will be made.<ref>{{Cite journal|last=Rowan|first=John|date=January 1967|title=Answering the computer back|url=http://dx.doi.org/10.1108/eb000776|journal=Management Decision|volume=1|issue=1|pages=51β54|doi=10.1108/eb000776|issn=0025-1747|url-access=subscription}}</ref> * '''Test''': Every change must be tested in a safe test environment, which closely reflects the actual production environment, before the change is applied to the production environment.<ref>{{Cite journal|last1=Biswas|first1=Margaret R.|last2=Biswas|first2=Asit K.|date=February 1981|title=Climatic change and food production|url=http://dx.doi.org/10.1016/0304-1131(81)90050-3|journal=Agriculture and Environment|volume=5|issue=4|pages=332|doi=10.1016/0304-1131(81)90050-3|issn=0304-1131|url-access=subscription}}</ref> The backout plan must also be tested.<ref>{{Citation|chapter=backout|doi=10.1007/1-4020-0613-6_1259 |title=Computer Science and Communications Dictionary |date=2000 |last1=Weik |first1=Martin H. |page=96 |isbn=978-0-7923-8425-0 }}</ref> * '''Schedule''': Part of the change review board's responsibility is to assist in the scheduling of changes by reviewing the proposed implementation date for potential conflicts with other scheduled changes or critical business activities.<ref>{{Citation|title=Editorial Advisory and Review Board|date=2011-12-06|url=http://dx.doi.org/10.1108/s2043-9059(2011)0000003005|work=Business and Sustainability: Concepts, Strategies and Changes|series=Critical Studies on Corporate Responsibility, Governance and Sustainability|volume=3|pages=xvβxvii|publisher=Emerald Group Publishing Limited|doi=10.1108/s2043-9059(2011)0000003005|isbn=978-1-78052-438-2|access-date=2021-06-05|url-access=subscription}}</ref> * '''Communicate''': Once a change has been scheduled it must be communicated.<ref>{{Citation|title=Where a Mirage Has Once Been, Life Must Be|url=http://dx.doi.org/10.2307/j.ctv6sj8d1.65|work=New and Selected Poems|year=2014|pages=103|publisher=University of South Carolina Press|doi=10.2307/j.ctv6sj8d1.65|isbn=978-1-61117-323-9|access-date=2021-06-05|url-access=subscription}}</ref> The communication is to give others the opportunity to remind the change review board about other changes or critical business activities that might have been overlooked when scheduling the change.<ref>{{cite journal |last1=Bell |first1=Marvin |title=Two, When There Might Have Been Three |journal=The Antioch Review |date=1983 |volume=41 |issue=2 |pages=209 |doi=10.2307/4611230 |jstor=4611230 }}</ref> The communication also serves to make the help desk and users aware that a change is about to occur.<ref>{{Cite journal|title=We can also make change|url=http://dx.doi.org/10.1163/2210-7975_hrd-0148-2015175|access-date=2021-06-05|website=Human Rights Documents Online|doi=10.1163/2210-7975_hrd-0148-2015175|url-access=subscription}}</ref> Another responsibility of the change review board is to ensure that scheduled changes have been properly communicated to those who will be affected by the change or otherwise have an interest in the change.<ref>{{cite SSRN|last1=Mazikana |first1=Anthony Tapiwa |title='Change Is the Law of Life. and Those Who Look only to the past or Present Are Certain to Miss the Future- John F. Kennedy' Assessing This Statement with References to Organizations in Zimbabwe Who Have Been Affected by Change. |date=5 November 2020<!--|doi=10.2139/ssrn.3725707|s2cid=238964905 -->|ssrn=3725707 }}</ref><ref>{{Cite book|editor-last=Ramanadham|editor-first=V. V.|title=Privatisation in the UK|isbn=978-0-429-19973-8|oclc=1085890184}}</ref> * '''Implement''': At the appointed date and time, the changes must be implemented.<ref>{{Cite journal|date=2020-09-22|title=More complex/realistic rheology must be implemented; Numerical convergence tests must be performed|doi=10.5194/gmd-2020-107-rc2|s2cid=241597573 |doi-access=free |journal= Geoloscientific Model Development Discussions}}</ref><ref>{{Cite book |author=Stone, Edward|title=Edward C. Stone Collection|oclc=733102101}}</ref> Part of the planning process was to develop an implementation plan, testing plan and, a back out plan.<ref>{{Cite book|last=Lientz|first=B|chapter=Develop Your Improvement Implementation Plan|date=2002|chapter-url=http://dx.doi.org/10.1016/b978-0-12-449984-3.50011-8|title=Achieve Lasting Process Improvement |pages=151β171|publisher=Elsevier|doi=10.1016/b978-0-12-449984-3.50011-8|isbn=978-0-12-449984-3|access-date=2021-06-05}}</ref><ref>{{Cite book|last=Smeets|first=Peter|title=Expeditie agroparken : ontwerpend onderzoek naar metropolitane landbouw en duurzame ontwikkeling|date=2009|publisher=s.n.]|isbn=978-90-8585-515-6 |oclc=441821141}}</ref> If the implementation of the change should fail or, the post implementation testing fails or, other "drop dead" criteria have been met, the back out plan should be implemented.<ref>{{Cite web|title=Figure 1.3. About 50 percent of the Going for Growth recommendations have been implemented or are in process of implementation |url=http://dx.doi.org/10.1787/888933323735|access-date=2021-06-05|doi=10.1787/888933323735}}</ref> * '''Document''': All changes must be documented.<ref>{{Citation|last=Kekes|first=John|title=Must Justice Be Done at All Costs?|date=2019-02-21|url=http://dx.doi.org/10.1093/oso/9780190919986.003.0005|work=Hard Questions|pages=98β126|publisher=Oxford University Press|doi=10.1093/oso/9780190919986.003.0005|isbn=978-0-19-091998-6|access-date=2021-06-05|url-access=subscription}}</ref><ref>{{Cite book |last=Forrester|first=Kellie|title=Macroeconomic implications of changes in the composition of the labor force|year=2014|publisher=University of California, Santa Barbara |isbn=978-1-321-34938-2|oclc=974418780}}</ref> The documentation includes the initial request for change, its approval, the priority assigned to it, the implementation,<ref>{{Cite journal|last1=Choudhury|first1=Gagan L.|last2=Rappaport|first2=Stephen S.|date=October 1981 |title=Demand assigned multiple access systems using collision type request channels|url=http://dx.doi.org/10.1145/1013879.802667 |journal=ACM SIGCOMM Computer Communication Review|volume=11|issue=4|pages=136β148|doi=10.1145/1013879.802667|issn=0146-4833}}</ref> testing and back out plans, the results of the change review board critique, the date/time the change was implemented,<ref>{{Cite journal|last=Crinson|first=Mark|date=2013|title="Certain Old and Lovely Things, Whose Signified Is Abstract, Out of Date": James Stirling and Nostalgia|url=http://dx.doi.org/10.1353/cot.2013.0000|journal=Change over Time|volume=3|issue=1|pages=116β135|doi=10.1353/cot.2013.0000|s2cid=144451363 |issn=2153-0548|url-access=subscription}}</ref> who implemented it, and whether the change was implemented successfully, failed or postponed.<ref>{{Cite book|last1=Ahwidy|first1=Mansour|last2=Pemberton|first2=Lyn|title=Proceedings of the International Conference on Information and Communication Technologies for Ageing Well and e-Health |chapter=What Changes Need to be Made within the LNHS for Ehealth Systems to be Successfully Implemented? |date=2016|chapter-url=http://dx.doi.org/10.5220/0005620400710079|pages=71β79|publisher=Scitepress|doi=10.5220/0005620400710079|isbn=978-989-758-180-9}}</ref><ref>{{Cite book|last=Mortimer|first=John|title=Paradise postponed|date=April 2010|publisher=Penguin Adult |isbn=978-0-14-104952-6 |oclc=495596392}}</ref> * '''Post-change review''': The change review board should hold a post-implementation review of changes.<ref name="Soriani">{{cite journal | doi=10.1038/s41577-021-00544-9 | title=Concerns about SARS-CoV-2 evolution should not hold back efforts to expand vaccination | year=2021 | last1=Cobey | first1=Sarah | last2=Larremore | first2=Daniel B. | last3=Grad | first3=Yonatan H. | last4=Lipsitch | first4=Marc | journal=Nature Reviews Immunology | volume=21 | issue=5 | pages=330β335 | pmid=33795856 | pmc=8014893 }}</ref> It is particularly important to review failed and backed out changes. The review board should try to understand the problems that were encountered, and look for areas for improvement.<ref name="Soriani"/> Change management procedures that are simple to follow and easy to use can greatly reduce the overall risks created when changes are made to the information processing environment.<ref>{{Citation|last=Frampton|first=Michael|title=Processing Data with Map Reduce|date=2014-12-26|url=http://dx.doi.org/10.1007/978-1-4842-0094-0_4|work=Big Data Made Easy|pages=85β120|place=Berkeley, CA|publisher=Apress|doi=10.1007/978-1-4842-0094-0_4|isbn=978-1-4842-0095-7|access-date=2021-06-05|url-access=subscription}}</ref> Good change management procedures improve the overall quality and success of changes as they are implemented.<ref>{{Cite journal|date=2016-02-23|title=Good study overall, but several procedures need fixing|url=https://hess.copernicus.org/preprints/hess-2015-520/hess-2015-520-RC2.pdf|doi=10.5194/hess-2015-520-rc2|access-date=18 January 2022 |doi-access=free|journal= Hydrology and Earth System Sciences Discussions}}</ref> This is accomplished through planning, peer review, documentation, and communication.<ref>{{cite web|url=https://apps.dtic.mil/sti/citations/ADA313949 |id={{DTIC|ADA313949}} |last1=Harrison |first1=Kent |last2=Craft |first2=Walter M. |last3=Hiller |first3=Jack |last4=McCluskey |first4=Michael R.|author5=BDM Federal Inc Seaside CA |date=July 1996 |title=Peer Review Coordinating Draft. Task Analysis for Conduct Intelligence Planning (Critical Combat Function 1): As Accomplished by a Battalion Task Force }}</ref> [[ISO/IEC 20000]], The Visible OPS Handbook: Implementing ITIL in 4 Practical and Auditable Steps<ref>[http://www.itpi.org/home/visibleops2.php itpi.org] {{webarchive |url=https://web.archive.org/web/20131210081531/http://www.itpi.org/home/visibleops2.php |date=December 10, 2013 }}</ref> (Full book summary),<ref>{{cite web|url=http://www.wikisummaries.org/wiki/Visible_Ops |title=book summary of The Visible Ops Handbook: Implementing ITIL in 4 Practical and Auditable Steps |publisher=wikisummaries.org |access-date=2016-06-22}}</ref> and [[ITIL]] all provide valuable guidance on implementing an efficient and effective change management program information security.<ref>{{Citation|last=Bigelow|first=Michelle|title=Change Control and Change Management|date=2020-09-23|url=http://dx.doi.org/10.4324/9781003126294-17|work=Implementing Information Security in Healthcare|pages=203β214|publisher=HIMSS Publishing|doi=10.4324/9781003126294-17|isbn=978-1-003-12629-4|s2cid=224866307|access-date=2021-06-05|url-access=subscription}}</ref>
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)