Change Management - CompTIA Security+ SY0-701 - 1.3

Change Control Processes in Corporate Environments

Importance of Change Management

  • Changes in applications or operating systems at home typically affect only one computer, while corporate changes can impact hundreds or thousands of systems.
  • Regular updates from software providers like Microsoft highlight the necessity for a structured change management process to ensure security and functionality.
  • A lack of formal processes can lead to inconsistencies and operational issues, emphasizing the need for controlled change implementations.

Structure of Change Control Process

  • Organizations often have established change control processes that facilitate systematic implementation and oversight of changes.
  • The initial step involves completing a formal change control form, documenting reasons, scope, scheduling, and potential impacts of the proposed change.
  • The change control board assesses risks associated with changes to determine whether they should proceed based on timing and potential disruptions.

Roles in Change Control

  • Application or data owners initiate the change process but do not directly implement changes; they manage the overall process instead.
  • After a change is made, owners are responsible for testing systems to confirm successful implementation without issues.

Stakeholder Involvement

  • Stakeholders impacted by proposed changes must be identified, because their input may influence decisions about timing and execution.
  • Changes may have broader implications than initially perceived; for example, upgrading shipping label software could affect multiple departments beyond just shipping.

Broader Implications of Changes

  • Even seemingly minor software upgrades can significantly impact various organizational aspects such as accounting practices and revenue recognition.

Understanding Change Management Risks

Assessing the Impact of Changes

  • Every organizational change carries potential risks that must be evaluated and categorized as high, medium, or low.
  • Implementing a fix may not resolve issues and could inadvertently cause new problems, such as system failures or data corruption.

Evaluating Risks of Inaction

  • Failing to implement changes can expose systems to security vulnerabilities that attackers might exploit.
  • Not updating applications can lead to service outages or disruptions in secondary services.

Testing Changes Safely

  • Utilizing a sandbox testing environment allows for extensive testing without affecting production systems.

Video description

As IT professionals, we are constantly updating, modifying, and changing the devices we manage. In this video, you'll learn how we manage this process with change management.

Security+ Training Course Index: https://professormesser.link/701videos
Professor Messer’s Course Notes: https://professormesser.link/701notes