Most organizations figured out a long time ago that instilling some level of governance and control over application source code (your business applications running on the mainframe) was a very good idea. This governance: 

• Saves costs, drives revenue and mitigates risk.
• Provides traceability for changes.
• Moves artifacts through a lifecycle of structure and rigor.
• And most importantly – it protects production. 

Yet as sound as this is, I’m amazed at how the other half of the mainframe is open and unprotected.   By and large, most firms don’t have any change governance in place against the system software (the software that’s