CM-11 Change Management
Emergency Changes
Urgent changes remain controlled.
- Domain: Change Management
- Control type: Preventive/Detective
- Automated / manual: Manual
- Frequency: Per event
- Framework reference: COBIT BAI06
What good looks like
Emergency changes follow an expedited but documented process with retrospective approval/review.
Risk if it fails
'Emergency' used to bypass controls.
How Tess tests it
3 tests — each concludes only on cited evidence.
Emergency-change procedure defined
Design
- Procedure: Inspect the procedure.
- Expected: Expedited but documented.
- Sample: 1 (design inspection)
- Evidence: Emergency-change tickets and reviews.
Emergency changes documented
Operating
- Procedure: Sample emergency changes.
- Expected: Recorded.
- Sample: Judgmental, by population (e.g. 10–25)
- Evidence: Emergency-change tickets and reviews.
Retrospective approval & review obtained
Operating
- Procedure: Inspect post-event approvals.
- Expected: Post-approval and review done.
- Sample: Judgmental, by population (e.g. 10–25)
- Evidence: Emergency-change tickets and reviews.
Evidence Tess looks for
Emergency-change tickets and reviews.