Template Owner: Vulnerability Management / Change Management
Last Updated: 2026-02-28
Use Case: Production remediation requiring CAB review/approval
- Change Title: [Example: Disable legacy TLS protocols on Windows servers]
- Change Type: [Standard / Normal / Emergency]
- Requested By: [Name / Team]
- Systems / Scope: [Asset group / environment]
- Planned Window: [Date + start/end time]
- Customer Impact: [None / Low / Medium / High] (explain)
- Security Driver: [Critical/High vulnerability, compliance, known exploitation, etc.]
- Risk if Not Implemented: [short statement]
- Confirm backups / snapshots (if applicable)
- Confirm maintenance window + comms sent
- Confirm access and tooling (scripts, credentials, admin approvals)
- [Step 1…]
- [Step 2…]
- [Step 3…]
- Service health checks (apps, ports, auth flows)
- Confirm system configuration changed as intended
- Run follow-up vulnerability scan / targeted validation
- Rollback Trigger: [What condition triggers rollback?]
- Rollback Steps:
- [Rollback step…]
- [Rollback step…]
- Post-rollback Validation: [How do we confirm restoration?]
- Likelihood of Impact: [Low/Medium/High]
- Blast Radius: [Single host / host group / service]
- Mitigations: [staging, canary rollout, monitoring, etc.]
- Change Manager
- Service Owner
- Security / Vulnerability Management
- CAB Decision: Approved / Rejected / Deferred
- Outcome: [Success / Partial / Failed]
- Issues Observed: [details]
- Evidence Attached: [links to sanitized logs/screenshots/scan proof]
- Rescan Result: [resolved / remaining findings / next steps]