Introduction
This chapter covers the third objective in Domain 1.0 General Security Concepts of the CompTIA Security+ Exam. In this chapter, we will review the change management process and its impact on security. Change is a constant occurrence within the business sphere—encompassing organizational restructuring, technological advancements, and shifts in corporate culture—and these changes lead consequently to a continual introduction of new security risks.
The implementation of a structured change management process is imperative. Such a process ensures that changes remain under control, steering clear of any adverse repercussions and fostering coherence within the organization.
The Change Advisory Board (CAB) is responsible for evaluating, prioritizing, and sanctioning these changes. The CAB’s unwavering focus extends beyond organizational objectives; it is also keenly attuned to the necessary alignment of these changes with the company’s overarching...