GRC Engineering

Josef Kamara, CPA, CISSP, CISA · Updated May 2, 2026 · 1 minute read

Change Management

Structured process for evaluating, approving, and deploying modifications to IT systems while maintaining compliance controls. SOC 2 maps change management to CC8.1, requiring documented approval workflows and post-deployment validation.

The Authority Brief

One compliance analysis per week from Josef Kamara, CPA, CISSP, CISA. Federal and private compliance, written for practitioners.