Configuration Change Control


The main purpose of configuration change control is to ensure that any changes made to the system are needed, assessed, approved, and performed and verified properly.

The procedures instituted in an organisation generally focus on which personnel have the right to access and/or modify the components of the system, performing a risk assessment regarding the impact of each change before that change is made, and checking that each change is carried out in a satisfactory fashion (including rerunning test cases and reverification).

It is particularly important that the stakeholders have a clear understanding of who has the responsibility to assess a change.

Why?

Because the Flixborough cyclohexane explosion may have been prevented with better change control.

Why?

Because the Westralia fire may have been prevented if the responsibilities for the analysis of the change were more clearly defined.