Proposed process for handling unauthorized changes detected on CIs in CMDB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
an hour ago
I'm working on a process for handling unauthorized changes detected on Configuration Items (CIs) in ServiceNow and would appreciate feedback from those who have implemented something similar.
The objective is to ensure every unauthorized change is either:
formally approved after the fact (if acceptable), or
rolled back and properly documented.
My proposed workflow is as follows:
An unauthorized change is detected on a CI.
A Change record is automatically created (or the detected change is associated with one) and assigned to the Change Approver Group (CAG).
A Change Task is created for the Change Approver Group to review the unauthorized change.
The affected CI Owner is notified with the change details.
The Change Approver Group reviews the change.
If approved: the change is retained, the Change is approved and closed.
If rejected: a task is assigned to the individual/team that performed the unauthorized change, instructing them to roll back the CI to its previous state.
After rollback is completed, the Change Approver (and CI Owner, if appropriate) is notified.
The Change record is then closed.
Would someone please advise if this is a good process?
What have you done in your org?
