Types of Change
Below is a list of the 4 Types of Change that we identify and work with on a regular basis. Managing change is a critical part of ensuring the smooth day-to-day business operations, ensuring data security, as well as minimizing downtime for changes. Please take a moment to read the Types of Change and their descriptions listed below.
These types of requests usually have to do with changes to a Manager or Supervisor – where discretion is important, and high levels of access are being adjusted.
High Risk/Impact MACs
These are moves/adds/changes that have a high security risk or the potential to impact a larger percentage of users. Some of the more common requests in this category are: Remote access, password resets, change a user permission level, new users, vendor access, etc.
Low Risk/Impact MACs
These are moves/adds/changes that are less impactful/risky and more common day-to-day type of MAC. Some common examples are moving a computer, installing a fax line, etc.
This is your most common, everyday request – something is “broken” and it needs to be fixed. This is usually listed as “Everyone” but some organizations like to have all support requests filtered through a single employee or have multiple employees as approvers.
List of Approvers
- The below table should be filled out with the list of users and the types of Change they can request.
At least 1 user is required for each Change Type and a single user can be responsible for all types.
Rank – Hierarchy or precedence of approvers, with 1 being the person with the most authority (normally an owner), 2 for the person with the next greatest authority, and so on. Often used when two people submit the same request with different parameters – for example, if 2 users both have High Risk/Impact MAC Change Approval, which user has the final say?
Everyone – If “Everyone” will have authority over a change type, simply check the associated box(s). For instance, if “Everyone” can approve Break/Fix requests, enter a checkmark in the Break/Fix column. Allowing “Everyone” to approve all request types is not recommended and is a security risk.