Information Technology Infrastructure Library 4 (ITIL4) distinguishes 3 basic types of changes in IT services:
Standard Change
Low-risk changes that are well documented and easy to understand or adapt. They most often do not require an additional authorization process. These changes are mostly submitted as Service Request or Operational Change. Risk Assessment occurs when we create a new procedure for their implementation or modify an existing one.
Normal Change
Require planning, evaluation, and authorization. Depending on the risk level, authorization takes place at a different level of change authority. For example, for a low-risk change, one person authorized to make quick decisions may be selected whereas for high-risk changes, more than one person is responsible for the authorization (high management board).
Emergency Change
Such changes must be implemented as soon as possible, most often with the partial omission of some process elements. In this case, it is acceptable to postpone the documentation preparation until implementation and reduce some testing tasks. To this type of change, a change authority group, consisting of high management representatives, is usually delegated, meaning people who know the business needs and all the risks in the process
