Policy Advisory Change and Configuration Management Policy

Date:	01/01/2025
Organization:	Cybersecurity and Enterprise Risk Management
Referenced Sources:	MGL Chapter 7D, Section 2

The Change and Configuration Management Policy reinforces the Commonwealth’s commitment to an effective change and configuration management program and outlines the controls necessary to safeguard the Commonwealth’s information assets and reduce risks posed by improper change and configuration management practices.

Cybersecurity and Enterprise Risk Management

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Skip table of contents

You skipped the table of contents section.

Purpose

The purpose of this policy is to establish the minimum security requirements and key information security considerations that Commonwealth Agencies and Offices must implement as part of the following programs:

• Operations Management

• Change and Configuration Management

• Release Management

• Data Backup and Restoration

• Cloud Computing

Downloads for Change and Configuration Management Policy

Open PDF file, 193.7 KB, IS.006 Change and Configuration Management Policy (English, PDF 193.7 KB)

Contact for Change and Configuration Management Policy

Online

For cybersecurity or risk management questions: Email Cybersecurity and Enterprise Risk Management at ERM@mass.gov

Help Us Improve Mass.gov with your feedback

Did you find what you were looking for on this webpage?

Yes

If you have any suggestions for the website, please let us know. How can we improve the page?

Please do not include personal or contact information.

The feedback will only be used for improving the website. If you need assistance, please contact the Executive Office of Technology Services and Security. Please limit your input to 500 characters.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the Executive Office of Technology Services and Security.

Please let us know how we can improve this page.

Please remove any contact information or personal data from your feedback. You will NOT get a response.

If you need assistance, please contact the Executive Office of Technology Services and Security.

Table of Contents for the handbook, Enterprise Information Security Policies and Standards

Policy Advisory Change and Configuration Management Policy

Contact for Change and Configuration Management Policy

Cybersecurity and Enterprise Risk Management

Online

Table of Contents

Purpose

Downloads for Change and Configuration Management Policy

Contact for Change and Configuration Management Policy

Cybersecurity and Enterprise Risk Management

Online

Help Us Improve Mass.gov with your feedback