A security practice that forces changes to the system to be reviewed before taking effect to make sure that they are appropriate. The changes are then recorded to “roll back” if they introduce a fault into the system. For example, change-control is frequently used to validate that a firewall’s rule set does not degrade. Furthermore, change-control is used for maintaining system patches (that is, fixes).
Graham, R. Hacking Lexicon. Robert Graham Website. http://www .linuxsecurity.com/resource_files/documentation/hacking-dict.html.