ISSN 2348-1196 (print) International Journal of Computer Science and Information Technology Research ISSN 2348-120X (online) Vol. 10, Issue 3, pp: (81-85), Month: July - September 2022, Available at: www.researchpublish.com
An Approach to Control Information Technology Changes 1
Lamia T. AlSulaiman, 2Jumana F. Alturairi, 3Khalid A. Al-Khathlan Dhahran, The Kingdom of Saudi Arabia DOI: https://doi.org/10.5281/zenodo.7092060 Published Date: 19-September-2022
Abstract: Information Technology (IT) services plays a significant role to preform day-to-day operations in all organizations. Any unexpected outages in IT services may cause major financial loss due to business disruption. However, there are mandatory alterations executed frequently in IT infrastructure due to introducing, enhancing, modifying, replacing, or removing assets/services. Controlling the lifecycle of all alterations in the IT infrastructure is the responsibility of IT Change Management (ITCM). This is essential to ensure the security, availability, and reliability of the IT Infrastructure by eliminating the disruption of business and maximize IT services readiness towards customer satisfaction. This paper describes the process of storing, tracking, preventing and detecting configuration changes implemented in the IT infrastructure as part of IT change management process and in alignment with security standards and policies. Keywords: Information Technology, IT Change Management, Infrastructure, Controls, Configuration, Tracking.
I. INTRODUCTION As information technology (IT) services are essential for all business operations, the ability to control the changes implemented in the IT infrastructure is significant in order to maintain the IT availability, reliability and security. The most important key to have a secure and well-defined structure is to have a mechanism to maintain a record and trace all changes implemented in the IT infrastructure despite the change type wither its authorized or unauthorized. Several issues encountered without having a tool to detect/ trace IT changes, which might exploit a vulnerability to breach security and thus cause huge impact such as system failure, higher cost, business impact, security threats, undocumented changes and loss of revenue. This paper intends to provide the process of IT change management configuration controls for storing, tracking, and detecting changes implementing in the IT infrastructure along with preventing unauthorized changes. The paper is organized into multiple sections as follows: IT change management controls process, configuration controls tools evaluation and lastly, the performance and validation process which covers testing procedure, Key Performance Indicator (KPI) and compliance.
II. CHANGE MANAGEMENT CONTROLS PROCESS IT change management (ITCM) controls process demonstrates an end to end solution of storing, tracking, detecting and preventing changes in the IT infrastructure. There are multiple solutions and tools to control changes on IT systems such as Privileged Account Management (PAM) and configuration changes tracking tools as follow; A. Privileged Account Management (PAM) Privileged access management (PAM) is a technology used to control, protect and monitor access to an organization's information. PAM subclasses consist of shared access password management, privileged session management, vendor privileged access management (VPAM) and application access management.
Page | 81 Research Publish Journals