Publishing Hub

Review approved changes and publish the next version of the control library.

Staged Changes (3)

These changes have been approved and are ready for the next release cycle.

Change	Key	Title	Change Details
New	AM-03	Separation of Duties	To: To prevent fraud and error (Why), system roles are designed by department managers (Who) to segregate incompatible duties (What/How), such as transaction approval and payment processing. This is reviewed during access reviews (When).
Update	AM-01	User Access Reviews	From: On a quarterly basis (When), designated system administrators or department managers (Who) shall review all user access rights to critical systems (What) to ensure the principle of least privilege is maintained (Why). This review is conducted by comparing current access lists against documented and approved roles and responsibilities (How). To: User access to sensitive systems is reviewed quarterly by management.
Retired	DS-02	Data Classification	To: Data Owners (Who) are responsible for classifying all new data sets (What) according to the company's data sensitivity policy (How) on an annual basis (When), in order to apply appropriate security controls (Why).

Change

Key

Title

Change Details

New

AM-03

Separation of Duties

To: To prevent fraud and error (Why), system roles are designed by department managers (Who) to segregate incompatible duties (What/How), such as transaction approval and payment processing. This is reviewed during access reviews (When).

Update

AM-01

User Access Reviews

From: On a quarterly basis (When), designated system administrators or department managers (Who) shall review all user access rights to critical systems (What) to ensure the principle of least privilege is maintained (Why). This review is conducted by comparing current access lists against documented and approved roles and responsibilities (How).

To: User access to sensitive systems is reviewed quarterly by management.

Retired

DS-02

Data Classification

To: Data Owners (Who) are responsible for classifying all new data sets (What) according to the company's data sensitivity policy (How) on an annual basis (When), in order to apply appropriate security controls (Why).

1. Generate Release Assets

Use AI to generate release notes and a full communications package for stakeholders.

Release Notes

Generate a summary of all staged changes for the official release notes.

Communications & Training Pack

Generate audience-specific summaries, FAQs, and a training quiz.

2. Publish

Once all assets are reviewed, publish the new version. This will make it the new "Live" library and notify stakeholders.