Updated on 2025-09-23 GMT+08:00

Overview

Change management is the core module for ensuring secure and orderly O&M operations. Its core function is to build safe production capabilities covering the entire lifecycle of O&M operations. This module uses systematic process design and multi-level risk control mechanisms to accurately identify potential risks and develop countermeasures in advance, effectively reducing risks during change operations, provides solid assurance for the stable running of the O&M system. This module manages the core services of the change process. It integrates key capabilities such as change calendar, change center, change configuration, and change control. These capabilities work together to form a closed-loop change management system including planning, execution, configuration, and monitoring.

Change calendar: displays change ticket data based on the calendar view and change distribution based on different states (such as coloring and time windows).

Change center: manages change processes using change tickets, covering change ticket creation, review, and execution. It provides a unified management platform for change operation personnel and change management personnel.

Change configurations: enable configurations for changes in the change center and basic configuration change capabilities such as configuration review. You can customize a review process for change requests and specify reviewers based on service requirements.

Change control: When changing resources, you can only execute scripts, jobs, or query accounts and passwords if you use a service ticket to request privilege escalation. This ensures that the operator and operation object of a change ticket match the actual resources you want to change, limiting the permissions of the operator for enhanced security.

Figure 1 Change management process

Core Advantages

The change management module has multiple advantages due to its systematic design and flexible adaptability.

  • High risk controllability: This module includes risk identification, hierarchical review, and permission control through the entire process. It minimizes the potential risks of change operations, especially for frequent changes of core service systems, preventing service interruption caused by misoperations or permission abuse.
  • High process standardization: The unified change ticket mode and standard operation nodes ensure that the change operations of different teams and personnel comply with the same standards, reduce process deviation caused by human factors, and improve O&M efficiency.
  • Flexible adaptation: The review process and permission rules can be customized based on the enterprise business scale, organizational structure, and management requirements. This meets the lightweight management requirements of small teams and adapts to complex multi-level review scenarios of large enterprises.
  • Complete traceability: All data records (such as change requests and execution results) generated during the process provide a clear basis for post-event audit and problem tracing, helping enterprises meet compliance requirements.

Benefits

COC change risk control management helps customers ensure secure service production and enhance their capabilities in change management compliance, security O&M practice, and risk prevention.

  • With SOPs and flexible, well-designed review processes, change solutions will be executed 100% by following the standard process.
  • The security operations are reliable during the change process, ensuring zero critical O&M incidents.
  • OREO's high-risk command detection algorithm intelligently intercepts 99% of high-risk commands, effectively preventing potential risks.

Typical Scenarios

The change management module plays a key role in various O&M scenarios. The following lists typical scenarios:

  • Routine system iteration: When the service system needs to be updated or parameters need to be optimized, you can submit a change ticket through the change center. After the technical owner reviews the ticket, you can execute the ticket in the regular time window planned in the change calendar. This ensures that the iteration process does not affect service continuity.
  • Emergency fault rectification: If a sudden fault occurs in the production environment, you can enable the emergency review process through change configuration and skip unnecessary nodes. In addition, change management is used to ensure that the permissions of emergency operations are compliant and services can be quickly restored.
  • Large-scale resource adjustment: For changes that involve multiple resources, such as server cluster capacity expansion and database migration, the change calendar clearly displays the time nodes and owners of each phase to avoid resource conflicts. The change center traces the execution status of each step to ensure that the overall process is carried out in an orderly manner.
  • Cross-team collaboration change: When changes involve multiple teams, such as development, test, and O&M teams, you can customize multiple team review nodes through change configuration. The change center can synchronize information, reducing cross-department communication costs and improving collaboration efficiency.