How does Eye-Able® ensure that changes to systems, applications, infrastructure, and configurations are controlled and risk-based?
Ensuring traceability and compliance with Change Control, exception handling, and SLA-conform behavior
Eye-Able® follows a formalized change management approach, which controls all changes to IT systems, software, configurations, and infrastructure on a risk-based basis – regardless of whether these are implemented internally or by service providers.
Documented Change Processes
Change processes are documented, regulated by policies, and subject to annual review as well as continuous updates.
Approved Baselines and Logging
Each change is based on approved baselines, standardized testing and release processes, and is linked to a central logging system.
Prevention of Unauthorized Changes
Unauthorized changes or uncontrolled interventions in systems and assets are technically and organizationally excluded.
Automatic Detection of Deviations
Deviations from defined states are automatically detected and proactively reported.
Exception Handling and Approval Processes
For exceptions, emergencies, or configuration deviations, there are regulated approval and documentation processes based on industry-standard GRC guidelines (e.g., GRC-04).
Rollback Procedures and Service Provider Contracts
Rollback procedures are prepared and allow for controlled restoration to a secure operational state. Contracts with service providers include SLA regulations to ensure that critical customer changes do not occur without explicit approval.
Ensuring Auditability of Changes
These measures ensure that Eye-Able® implements changes in an auditable, traceable manner without unintended impacts on operational stability or customer systems.