Change Management
2 Min
Read Time

The 3 Questions for Change Management

Marco Saenz

Change Assessment

Considerations in Risk Management

When Evaluating change, you may want to ask the following:

What is the system levelof the aspect being changed?

·       Top Level (or Critical)

·       Mid Level (or Moderate)

·       Low Level (or Minor)

But how do we definethe level of the aspect being changed?

The consideration of the aspect level determines therisk associated with the change and in turn, drives the work requiredto affect the change.  Therefore, werecommend that this should be determined by asking the following LevelDetermination questions while assuming you have a validated status:

1. Is the change to an aspect ofthe system that impacts the system’s ability to meet its validatedfunction?  (This would be a top level orcritical system change).
2. Is thechange to a secondary aspect of the system that feeds a top-level aspect wherethe control of the system’s ability to meet its validated function resides atthe top level?  (This would be amid-level or moderate system change).
  • Mid-levelor moderate system changes require documented testing to demonstrate that thechange does not impact the top-level system’s ability to meet its validatedfunction following the change and before the system is returned to operation.
  • Testingcan be from basic function to verification to full revalidation depending onthe risk.
  • Testinglevel employed needs to be supported by a risk rationale.
3. Is the change to a tertiary aspect of the system that neither feeds atop-level aspect nor controls the system’s ability to meet its validated function?  (This would be a low level or minor systemchange).

Change Management Recommendation:

Define system levels and change requirements inthe original validation.  Here we alsotie back again to the value of a robust and comprehensive Validation Plan (VP).The scope of the overall system and the boundaries of its individual elementsshould be well-defined within the VP and complimented by the individualvalidation documentation based on overall risk (Riskapproach.) You may not be able to capture all cases but all reasonableones to expect should be listed with requirements for verification testing orrevalidation following changes to the system or its components.

1.     This allows for risk review of the system at thetime of its validation and provides guidance for system users in the future.

2.     It also provides for original validation reviewwhenever system changes are proposed and for validation plan review to evaluateif system changes are within the predefined system scope and componentboundaries.

Subscribe to our blog

Join our mailing list to receive latest updates & news.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.


BEPC Inc. provides Technical Engineering and Information Technology Project Management services to Fortune 500 companies in the Life Science and Technology industries.

contact us

social media

our offices

3240 Executive Drive
San Angelo, TX 76904
Office: 325-944-0169
BEPC Mexico
Plaza "ABH"Ave. Manuel Gomez Morin #871
Suite # 204 Juarez, Chihuahua Mexico, 32563