Change control is a governance feature in Tines that transforms how teams manage updates to production workflows. By default, when you edit a story, your changes take effect immediately. This works well when you're building something new or working on low-risk automations. But for workflows that are up and running and critical to your operations, you need a more controlled approach.
Change control creates a structured review and approval process for story updates. Once enabled on a story, that workflow becomes read-only and is considered "live." No changes can be made directly to the live version. Instead, team members work in drafts; isolated copies of the workflow where they can experiment, build, and test freely without any risk to the production environment.
❗️Important
Why change control matters
As organizations scale their use of intelligent workflows, the stakes get higher. Workflows that once handled simple tasks now orchestrate complex processes across multiple systems, teams, and data sources. Consider a workflow that:
Automates incident response across your security tools.
Manages employee onboarding and offboarding across HR, IT, and access management systems.
Processes sensitive customer data or financial information.
Coordinates communications during critical events.
If any of these workflows break or behave unexpectedly, the impact can be significant. Systems could be blocked, alerts might go unprocessed, or sensitive information could be exposed to unauthorized individuals. Change control helps you avoid these scenarios by ensuring that every change is intentional, tested, and reviewed before it reaches production.
When to use change control
As you build and scale your intelligent workflows, consider enabling change control for stories that:
Impact how people work: Workflows that employees depend on daily, like alert triage or ticket routing.
Interact with multiple systems: Complex integrations where a change in one area could have cascading effects.
Process sensitive data: Workflows handling Personally Identifiable Information (PII), financial data, or security-critical information.
Support compliance requirements: Processes that must meet regulatory or audit standards.
Affect a diverse range of users: Workflows used across multiple teams or departments.