History

2008

Agencies should ensure that for routine and urgent changes: a. the change management process as defined in the relevant ICT security documentation is followed b. the proposed change is approved by the relevant authority c. any proposed change that could impact the security of a system is submitted to the accreditation authority for approval d. all associated ICT security documentation is updated to reflect the change.