1.7 KiB
1.7 KiB
Secure Change And Deployment Guidance
Purpose
This guidance note helps engineering and operational teams apply the change and deployment controls consistently in a cloud-native environment.
Key Principle
The goal is not to slow change down. The goal is to make production change deliberate, traceable, and recoverable.
What Deserves More Scrutiny
Higher-risk changes usually include:
- authentication or authorisation changes
- changes affecting production access or secrets
- Kubernetes or infrastructure changes
- CI/CD pipeline changes
- logging or monitoring changes
- customer-impacting configuration changes
Minimum Practical Checks Before Deployment
Before a production deployment, confirm:
- the change is reviewed and approved at the right level
- the deployment path is the approved one
- rollback or recovery is understood
- monitoring exists to detect failure quickly
- any customer or operational communication need is understood
Emergency Change Discipline
Emergency change does not mean uncontrolled change. If a shortcut is needed during an incident or outage, the record still needs to show:
- why the shortcut was necessary
- who made the decision
- what was changed
- what retrospective review is required
Evidence To Keep
Useful deployment evidence often includes:
- change approval
- code review or pipeline traceability
- deployment timestamp
- deployment owner
- validation results
- rollback or follow-up actions where relevant
Related Documents
../../01-policies/change-management-policy.md../../02-standards/ci-cd-security-standard.md../../03-procedures/change-approval-procedure.md../../03-procedures/production-deployment-procedure.md