Document control

Overview

The EGI Change Management is a centralized process for the EGI Federation. If organisations are providing EGI branded services and are already running their own internal Change Management process, they may continue to do so if their process meets the essential requirements of ISO20k with respect to change management:

• is there a systematic way of evaluating the risk for changes?
• is there a procedure within the organisation for approving high-risk changes
• are high-risk changes recorded (who implemented the change, when was it implemented and what was its outcome)?
• are post-implementation reviews conducted?

In addition to the above, if any changes are planned that have the potential to impact other EGI branded services, then the EGI Change Management process should be informed in advance by submission of a ticket following CHM1.

EGI Foundation should keep track of organizations running their own internal Change Management process and should periodically run a lightweight audit described in this procedure to ensure that the above requirements are being met.

Definitions

Please refer to the EGI Glossary for the definitions of the terms used in this procedure.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

Entities involved in the procedure

Triggers

The CHM Process Manager becomes aware that an organisation running an EGI branded service is running its own internal Change Management process

Steps