Changes to higher priority assets are tested prior to being deployed
Context and Guidance: Changes to assets should be tested to ensure continuity of the assets and functions they affect prior to implementing the changes across the enterprise. When possible, testing of proposed changes should be conducted in a test environment or a low-risk production environment. Testing may include stress testing, confirmation that changes were implemented, operability, and load testing. Additionally, organisations may consider whether controls preventing unauthorised changes are necessary for specific types of assets. For example, digital or hardware programming switches should be placed in a mode that does not allow programming during routine operations.
Related Practices • Input From: Implementing ASSET-1c provides input that may be useful for implementing this practice. • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: ASSET-4a, ASSET-4d, ASSET-4e, ASSET-4f, ASSET-4h.