Under certain conditions, like a zero-day vulnerability or out-of-band software patch, a change needs to escalated and applied outside of normal change management workflow and can potentially obtain approval after a change has been made. This is done in the event a disruption or introduction of risk to business will occur.