Curious how others are handling operational activities in the cybersecurity space — specifically when a review triggers a change.
Our team has started logging preventative activities in Operational Activities, including monthly advisory reviews. When one of those reviews warrants a system change, we need a path into change management so our change control board can review it.
The only route I've found so far is creating an incident off the operational activity and then converting it to a request for change. It works, but not optimal.
Is that the path others are taking? Or has anyone found a better way to bridge operational activities into the change management workflow?