This objective of this Policy is to define the overall requirements for the management of changes to Company’s IT systems and applications. This Policy requires that all changes within the Company Production Computing Environments are clearly stated, controlled, measured and enforced. All change submissions must be reviewed by a Change Control Body and must be rejected if they are deemed to be out of compliance.

This Policy applies to all software and hardware changes and releases to the Company’s IT Production and Production Disaster Recovery (DR) Computing environments (referred to hereafter as the Production Computing Environment).

This Policy applies globally to all offices and production sites across each business area, (Production sites include rooms containing electronic hardware such as servers, switches, cables, etc).

It is mandatory that any external parties or vendors interacting with Company through the change process adhere to all aspects of this Policy.