Change Management Skill

Purpose

Defines change management processes ensuring controlled, documented changes with proper impact assessment and rollback capabilities.

Change Categories

Category Description Approval

Standard Pre-approved, low risk Automated

Normal Requires assessment PR review

Emergency Critical fix needed Post-approval

Change Process

• Request — Document change and rationale

• Assess — Impact analysis, risk assessment

• Approve — Required reviewers sign off

• Implement — Execute change with monitoring

• Review — Verify change is effective

• Close — Document results and lessons learned

For Static Sites

• All changes via Pull Requests

• CI/CD validates before merge

• Automated rollback via git revert

• Feature flags for gradual rollout

• Monitoring after deployment

Impact Assessment

• Which pages/languages affected?

• Performance impact (Lighthouse check)

• Accessibility impact (WCAG validation)

• SEO impact (structured data, meta tags)

• Security impact (headers, CSP)

Rollback Procedures

• Git revert for code changes

• Previous deployment artifacts cached

• DNS rollback for infrastructure changes

• Communication plan for user-facing changes

ISO 27001 Mapping

• A.8.32 — Change management

• A.8.9 — Configuration management

Related Policies

• Secure Development Policy