Page 3 - Courses
P. 3
IT Change Management — IT Certificate
TOPIC 1: UNDERSTANDING IT CHANGE MANAGEMENT
Overview
IT change management refers to the process in which an organization’s technology changes; the
affects those changes have on systems, programs, or applications; and how the changes are
managed. Change management in the IT environment is critical for organizational success.
Organizations are bombarded with change requests — not only to improve or update existing
application functionality, but also to implement necessary patches to help secure those
applications, and in some cases to comply with relevant regulatory requirements. Managing the flow
of requests should be handled efficiently and effectively to avoid mishaps, rework, unintended
consequences, or even system failure.
This course will help internal auditors understand governance, risks, and controls associated with IT
change management; how to assess the operational efficiency of processes involving change
management; and how to provide assurance over IT change management. It will also introduce tools
that can be used to obtain and evaluate evidence that management’s assertions are accurate.
Learning Objectives
Define IT change management.
Identify types and sources of change.
Summarize roles and responsibilities related to IT change management.
Describe the change management process.
Define the role of patches in the IT change management process.
Describe preventative, detective, and corrective controls necessary for effective IT change
management.
Describe best practices for providing assurance over effective change management.
Common Terminology
Board
The highest level governing body (e.g., a board of directors, a supervisory board, or a board of
governors or trustees) charged with the responsibility to direct and/or oversee the organization’s
activities and hold senior management accountable.
Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.
