# Change Management and CAB

One-sentence definition: Structured approval and documentation process to reduce risk from changes.

## Key Facts

- Elements: RFC ticket, risk/impact, backout plan, testing evidence.
- CAB approves high-risk changes; emergency CAB for urgent fixes.
- Freeze periods and maintenance windows reduce disruption.
- Post-change validation and monitoring mandatory.
- **Verify:** check official (ISC)² CBK and current exam outline.

## Exam Relevance

- Choose CAB to prevent outages from unvetted changes.

**Mnemonic:** “**Plan it, approve it, prove it**.”

## Mini Scenario

Q: Firewall rule added without ticket—issue?

A: Change control violation; rollback and follow RFC.

## Revision Checklist

- Four RFC parts.
- Emergency path.
- Post-change check.

## Related

[[Configuration Management and Drift Control]] · [[Patch and Vulnerability Remediation Operations]] · [[Secure Administration and Out-of-Band (OOB) Access]] · [[Incident Classification Severity and SLAs]] · [[Operational Metrics and KPIs (MTTD MTTR Coverage)]] · [[Domain 7 - Index]]