The Change Request undergoes one more round of review and filtering before it is processed further for detailed assessment, approval and scheduling. The changes which either incomplete or not in scope, must be filtered again at this level by the Change Manager.

Detailed assessment of the change, also called an impact analysis, should be done to understand the implications of the change, the resources required, the associated risks and the proposed implementation time-scales etc. The potential impact of failed changes on business and the risk to the business if the change is not implemented, must be considered. Impact of the change on Service architecture/design, or on aspects like availability, capacity, continuity and security need to be validated. The assessment results must include all relevant information on business consequences, in order to assess effectively the risk of implementing or rejecting the change. The Change Manager must ensure all internal and business stakeholders are involved to ensure all impacts to business operations and services are assessed.

Once this is complete, change must be presented to change approvers. The Change Approvers are responsible to grant approval or reject a change.