Highline College

Connect with Highline College

Winter quarter starts January 6. View the class schedule and enroll today for the best selection of classes.

2.8 Change Management Standard

Home/IT Security/IT Security Policy/2.8 Change Management Standard
2.8 Change Management Standard 2024-03-25T12:18:09+00:00

2.8 Change Management Standard

 

2.8.1. Overview

Information Technology (IT) infrastructure is critical to the effective operation of Highline College. ITS strives to continually maintain and improve this vital resource. However, as our infrastructure has grown, it has become more complex.  As our interdependencies on and between systems continues to grow it is essential that we carefully manage changes to the infrastructure. Even the most well-intentioned change can cause unexpected hardship to technology users if the implications of the change are not planned in advance.

 

2.8.2. Purpose

The purpose of this standard is to manage changes in a rational and predictable manner so that staff can plan accordingly. Changes require serious forethought, careful monitoring, and follow-up evaluation to reduce negative impact to the user community and to increase the value of our IT infrastructure.

 

2.8.3. Scope

This policy covers all changes (additions, deletions and modifications) to all IT assets managed by Highline College ITS.

 

2.8.4. Standard

Changes are defined as major system changes such as modifying configurations, adding or removing hardware, or major version upgrades. Changes that are defined as patches are not covered by this standard. See Patch Management Standard.

2.8.4.1 General

  • Any change to an information technology resource must be performed in compliance with the Highline College Change Management Standard.
  • Changes that have no impact on the campus community require notification to the ITS Team responsible for management of those systems.
  • Changes that will have an impact require notification at least ? hours prior to be sent out via the helpdesk and posted ?

2.8.4.2 Exemptions

  • Exemptions to the notification standard are allowed in the event of an emergency system change as determined by ITS.
  • Post-change notices will still be required in such an event.

 

2.8.5. Compliance

2.8.5.1 Compliance Measurement

ITS will verify compliance to this standard through various methods, including but not limited to, periodic walk-thrus, video monitoring, business tool reports, internal and external audits, and feedback to the standard owner.

2.8.5.2 Exceptions

Any exception to the standard must be approved by ITS in advance.

2.8.5.3 Non-Compliance

An employee found to have violated this standard may be subject to disciplinary action, up to and including termination of employment.

 

2.8.6. Related Standards, Policies, and Processes

2.7 Patch Management Standard

 

2.8.7. Revision History

Date By Summary