December 2011
Beginner
552 pages
13h 30m
English
Security is no different from any other industry. Steps and techniques are expected as a baseline best practice. This section looks at some of them.
As mentioned earlier in this chapter, a good change control procedure has an identified owner, a path for customer input, an audit trail for any changes, a clear announcement and review period, testing procedures, and a well-understood back-out plan. Change control manages the process from start to finish. We should also mention that changes are typically applied only during nonwork hours. If your current procedure lacks any of these, reconsider carefully before using it for deployment of updates.
Before applying any ...