ROTIX.io
Free Resource
ROTIX.IO free resource
Change Control Register Template
A structured register for recording, assessing, and closing planned changes to processes, products, software, and the QMS under ISO 9001:2015 and the approaching ISO 9001:2026 standard, which strengthens change management and digital record requirements.
When to raise a change
- Any planned change to a process, product, service, or QMS document must be assessed before implementation
- Changes driven by customers, regulators, or external providers are included — not just internal decisions
- Corrective actions that involve process changes should be linked to a change record
Impact assessment
- Assess risk and opportunity before committing to implementation — this is a core clause 6.3 requirement
- Consider effects on customers, subcontractors, and any software or digital system that supports the QMS
- ISO 9001:2026 places greater emphasis on software controls and digital record integrity
Approval and implementation
- Define who must authorise the change before it proceeds — approval records are objective evidence of leadership oversight
- Communicate changes to affected staff before the implementation date, not after
- Record the planned implementation date separately from the date the change was raised
Verification and closure
- Every change needs a defined method to confirm it was implemented as intended and had the expected effect
- Schedule a post-change review to check for unintended consequences on related processes
- Closure evidence is the audit trail — it links the original reason for change to the confirmed outcome
Register fields
| Field | What to record |
|---|---|
| Record identification | |
| Change ID | Unique sequential reference, e.g. CC-001. Used to cross-reference corrective actions, audits, and management review outputs. |
| Date raised | Date the change was identified or formally requested — not the implementation date. |
| Requested by | Name or role of the person raising the change. Useful when a change originates from a customer, auditor, or supplier. |
| Owner | The person responsible for progressing, implementing, and closing this change record. |
| Change definition | |
| Change category | Process · Software / digital · Supplier or contract · Organisational structure · Document or controlled record. |
| Area or process affected | Which part of the QMS, operation, or product/service scope is changing. Be specific — "production" is less useful than "goods-in inspection procedure". |
| Reason for change | Why the change is needed: customer requirement, nonconformity, process improvement, regulatory update, risk reduction, or opportunity. |
| Impact assessment | |
| Risk impact | What new or increased risks does this change introduce? Record the risk, its likelihood, and any planned controls. |
| Opportunity impact | Does this change create an opportunity to improve quality, efficiency, or customer satisfaction? Note if none identified. |
| Customer impact | Effect on customer requirements, existing commitments, delivery, or satisfaction. Record if the customer needs to be notified. |
| Supplier impact | Does this change affect subcontractors, purchased materials, or external providers? Note any contract or specification changes required. |
| Software or digital record impact | Changes to software, digital systems, or electronic records that support the QMS. Particularly relevant under ISO 9001:2026 requirements. |
| Approval and implementation | |
| Required approvals | Who must authorise this change before implementation proceeds. Record names, roles, and date of approval. |
| Implementation date | Planned date on which the change takes effect. Update if the date changes and record the reason for any delay. |
| Communication required | Who needs to be informed of this change, through what channel, and by when. Include staff, customers, and suppliers as applicable. |
| Verification and closure | |
| Validation or verification method | How the change will be confirmed as implemented and effective — inspection, testing, audit, review of records, or customer confirmation. |
| Post-change review date | When the change will be reviewed to check for unintended effects on related processes, products, or services. |
| Status | Open · In progress · Implemented · Closed. Update at each stage — "implemented" means the change happened; "closed" means it was verified effective. |
| Closure evidence | Reference to the record confirming the change was completed and had the intended effect — inspection result, updated document reference, audit finding, or management review minute. |
Good change control creates a visible link between the original reason for change and the confirmed outcome. Auditors look for that chain — raise, assess, approve, implement, verify, close. Organisations that manage change well also tend to have stronger management reviews, because risks and opportunities from changes feed directly into review inputs. ROTIX.IO provides project and programme support alongside ISO 9001 preparation for teams that need structured delivery alongside the QMS work.
ROTIX.io
ISO Management Platform
Change control resource