In the high-stakes world of IT infrastructure, "Change" is a double-edged sword. Managed well, it drives innovation and stability. Managed poorly, it causes outages, security breaches, and happy clients turning into former clients.
ITIL (Information Technology Infrastructure Library) provides the global standard for handling this balance through Change Enablement. However, many organizations struggle because they treat every change as a "Normal" change, drowning in paperwork, or treating every change as "Emergency," drowning in risk.
This guide provides an in-depth look at the three specific types of changes, Standard, Normal, and Emergency—and how to identify, execute, and automate them using modern platforms like ChangeBreeze.
1. Standard Changes: The Path of Least Resistance
What is a Standard Change?
A Standard Change is a low-risk, pre-authorized modification that is relatively common and follows a documented procedure.
Think of these as "business as usual." The key differentiator here is Pre-Authorization. Because the risk is proven to be low and the history of success is high, these changes do not require a fresh approval from a Change Advisory Board (CAB) every time they are executed. They streamline operations by cutting red tape.
When to Use a Standard Change
You should categorize a request as "Standard" only if it meets all the following criteria:
-
Repeatable: The task is performed frequently (e.g., weekly or monthly).
-
Documented: There is a proven, step-by-step procedure (SOP) that technicians follow.
-
Low Risk: History shows that this change rarely, if ever, causes service disruption.
-
Pre-Approved: Management has agreed that this specific action does not need case-by-case review.
Real-World Examples
-
The "New Hire" Setup: Provisioning a laptop, creating an Active Directory user, and assigning standard software licenses. This happens dozens of times a month; asking for CAB approval for every new hire would paralyze the IT department.
-
Routine Patching: Applying approved OS security patches to non-critical workstations.
-
DNS Entries: Adding a CNAME record for a new marketing landing page.
How ChangeBreeze Handles Standard Changes
While these are "low risk," they still need to be logged for audit trails. ChangeBreeze automates this via Templates.
-
The Workflow: An admin creates a "Standard Template" for a task (e.g., "New User Provisioning").
-
The Execution: A technician opens ChangeBreeze, selects the template, fills in the user’s name, and clicks submit.
-
The Result: The system automatically logs the change as "Approved" and "Implemented" without waking up a manager. This reduces administrative overhead by up to 80%.
2. Normal Changes: The Structured Backbone
What is a Normal Change?
A Normal Change is a modification that is not routine and requires a specific approval process. This is the default category for most IT projects.
Unlike Standard changes, Normal changes are not pre-approved. They must go through the full change lifecycle: Assessment → Authorization → Scheduling → Implementation → Review.
The Spectrum of Normal Changes
Not all Normal changes are created equal. They usually fall into sub-categories based on scope:
-
Minor: Low cost, low risk, but technically "new" (e.g., Opening a specific firewall port for a vendor).
-
Major: High cost, high risk, significant impact (e.g., Migrating the company ERP to the cloud).
When to Use a Normal Change
Use this category when:
-
The change has never been done before, or is done very rarely.
-
There is a risk of service interruption if the change fails.
-
The change impacts critical business services or multiple client environments.
-
Input is needed from other teams (e.g., Security, Network, Compliance).
Real-World Examples
-
Network Re-architecture: Replacing core switches in a data center. This requires a rollback plan, a specific maintenance window (usually weekends), and approval from the Network Director.
-
Software Upgrades: Moving a client’s Exchange Server from 2016 to 2019. This is complex, requires downtime planning, and carries a risk of data loss if not backed up correctly.
How ChangeBreeze Handles Normal Changes
This is where ChangeBreeze shines by replacing email chains with structured workflows.
-
Risk Assessment: The platform forces the requester to score the risk. High-risk changes are automatically routed to the Virtual Change Advisory Board (VCAB).
-
Collaboration: Stakeholders can ask questions ("Did you verify the backups?") directly in the ticket.
-
Scheduling: The ChangeBreeze calendar overlay prevents "Collision," ensuring you don't schedule a Network Upgrade at the same time another team is doing a Database Migration.
3. Emergency Changes: The "Break Glass" Response
What is an Emergency Change?
An Emergency Change is a modification required immediately to restore a service that has failed or to prevent a catastrophic security breach.
In this scenario, speed is the priority. The traditional approval process is expedited or bypassed to fix the issue now. However, "Emergency" does not mean "Uncontrolled." The documentation is simply done in parallel or immediately after the fix.
When to Use an Emergency Change
This category is strictly for "Do or Die" scenarios. It should never be used to bypass approval for a project that was simply planned poorly. Use it when:
-
Service is Down: A critical server is offline, and business operations have halted.
-
Security Threat: An active cyberattack is in progress (e.g., Ransomware or Zero-Day exploit).
-
Safety Issue: A data center HVAC failure threatens to overheat hardware.
Real-World Examples
-
The Cyberattack: A specific IP address is flooding the network (DDoS). The network team must apply a firewall drop rule immediately. They cannot wait for a Tuesday CAB meeting.
-
The Corrupted Database: A production database corrupts during business hours. The team must trigger an emergency restore from backup to get the application back online.
How ChangeBreeze Handles Emergency Changes
ChangeBreeze balances the need for speed with the need for accountability.
-
Bypass Mode: Technicians can flag a change as "Emergency," which bypasses standard approval queues to allow immediate implementation.
-
Mandatory PIR: Once the fire is put out, ChangeBreeze flags the ticket for a mandatory Post-Implementation Review (PIR). This forces the team to document what happened and why it was an emergency, ensuring compliance audits are satisfied.
Summary: Which Change Type Do I Choose?
Making the right choice is critical for compliance and efficiency. Use this decision framework:
| Feature | Standard Change | Normal Change | Emergency Change |
| Trigger | Routine / Service Request | Project / Improvement | Incident / Failure |
| Risk Profile | Low & Known | Variable (Low to High) | High / Critical |
| Approval | Pre-Authorized (None) | vCAB / Approvers | vCAB / Bypass |
| Timeline | Whenever Needed | Planned Schedule | Immediate |
| ChangeBreeze Feature | Templates | Virtual CAB (VCAB) | Emergency Bypass |
The Ultimate Goal: Standardization (The Maturity Model)
A mature IT organization shouldn't just manage these three types separately, they should use them to evolve. The goal is to take High-Effort items and convert them into Low-Effort items over time.
This process is called Change Standardization, and it follows a three-step lifecycle:
Phase 1: The Normal Change (Verification)
Every new procedure starts here. For example, upgrading a specific type of firewall. The first few times you do this, it requires full scrutiny, a risk assessment, and CAB approval because the outcome is not 100% guaranteed.
Phase 2: The Track Record (Validation)
After performing this "Normal" firewall upgrade 10 or 20 times successfully, you now have data. You have a proven track record showing that the risk is low and your procedure is solid.
Phase 3: The Standard Change (Automation)
Because you have proven the process works, you stop treating it as a "Normal" change. You take that procedure and build it into a ChangeBreeze Standard Template.
The Result:
Now, that firewall upgrade, which used to take 3 days of approval waiting time, is pre-approved and executed instantly. By aggressively standardizing your changes, you free up your engineering talent to focus on innovation rather than paperwork.
Ready to Master Your Change Types?
Understanding the definitions is step one. Implementing a tool that enforces them is step two.
ChangeBreeze is designed to recognize these three distinct workflows. Whether you are an MSP managing 50 tenants or an Enterprise securing your infrastructure, our platform adapts to your governance needs.
Sign up today to see how ChangeBreeze can help you automate your Standard changes and gain control over your Normal and Emergency workflows.