Definition · Plain-language
Change control
Change control is the formal system used to propose, evaluate, approve, implement and document changes to processes, equipment, systems, materials or documents within a regulated environment.
The step most authors miss
Doing CRediT right? Don’t stop at the statement.
A CRediT statement credits you inside one paper. The recognition CRediT was built for happens when those roles are tied to you, persistently. Sign in with your ORCID — free — and claim your CRediT contributions on casrai.org, the home of the standard. They become a verified, portable part of your identity, not a line that disappears into one PDF.
Free: claim your contributions, then export a journal-ready CRediT statement, schema.org structured data, JATS XML, CSV or BibTeX — and preview your public profile. A membership publishes that profile publicly and verifies the journals you serve.
Why change must be controlled
In a regulated environment, processes and systems are validated to prove they reliably deliver quality. Any change — to a procedure, a piece of equipment, a supplier or a computerised system — can disturb that validated state, sometimes in non-obvious ways. Change control exists to ensure no such change happens by accident or in isolation. Every proposed change is captured, assessed and authorised before implementation, so the organisation understands and manages its impact rather than discovering consequences after the fact.
The change-control process
A typical change-control process begins with a documented change request describing the proposed change and its rationale. A cross-functional impact and risk assessment then considers effects on product quality, validation status, data integrity, regulatory filings and other systems, and defines the actions needed — for example, revalidation, document updates or training. Appropriate functions, including quality assurance, approve the change. It is then implemented in a controlled way, and the change is closed only once all required actions are verified complete.
Planned change versus deviation
Change control and deviation management are complementary but distinct. Change control governs planned, intentional changes evaluated before they happen. A deviation, by contrast, is an unplanned departure from an approved procedure or specification that has already occurred and must be investigated after the fact. Confusing the two is a common error: implementing a change without raising it through change control may itself be recorded as a deviation. Effective quality systems route planned changes through change control and unplanned events through deviation management.
Key facts
At a glance
- Definition: formal system to evaluate, approve and document changes to maintain the validated state
- Applies to: processes, equipment, systems, materials and documents
- Core step: cross-functional impact and risk assessment
- Authorised by: appropriate functions including quality assurance
- Framework basis: ICH Q10 change management system
- Distinct from: deviation (an unplanned departure after the fact)
Common misconceptions
What people often get wrong
Often heard: Change control and deviations are basically the same process.
Actually: They are distinct. Change control governs planned, intentional changes assessed before implementation; a deviation is an unplanned departure that has already occurred and is investigated afterwards. Making a change without change control can itself be a deviation.
Often heard: Only big changes to the process need change control.
Actually: Change control applies to changes across processes, equipment, systems, materials and documents. Seemingly minor changes can affect the validated state in non-obvious ways, so impact is assessed rather than assumed to be negligible.
Often heard: A change is closed as soon as it is implemented.
Actually: A change is closed only once all required actions — such as revalidation, document updates and training — are verified complete. Implementation alone does not close the change-control record.
Going deeper
