Slayer CPA
SectionsBlogLog In
Information Systems and Controls/Blueprint/1.E

Change management

Area 1: Information Systems and Data Management (35-45%)

Your Progress

0 of 85 questions attempted

Topics

  • Change management processes
  • Configuration and release management
  • Emergency change procedures and metrics
  • Change management data analytics and CMDB

Lessons

  • System Availability and Change Management

Study Frameworks

Is This Change Properly Authorized?

Was a formal change request submitted?
Yes
Was the change reviewed and approved by the CAB (or delegated authority)?
Yes
Was the change tested in a non-production environment before deployment?
Yes
Was the migration to production performed by someone other than the developer?
Yes
Properly authorized change — document and close the change ticket
No
SoD violation — developer should not migrate their own code to production
No
Control gap — all changes must be tested before deployment, even if approved
No
Unauthorized change — route back through CAB approval process
No
Was this an emergency change to address a critical outage?
Yes
Acceptable if retroactively documented, tested, and approved by CAB within the defined timeframe
No
Unauthorized change — must follow the standard change control process
RICERequest, Incident, Change, Event

The four core change management process types in IT service management. All changes must go through a formal change advisory board (CAB) review before implementation.

Practice These Topics(85 questions)