diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 3648e5175..0b7e6dc86 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -4,7 +4,7 @@ repos:
     rev: v1.4.0
     hooks:
       - id: detect-secrets
-        exclude: ".pre-commit-config.yaml|infrastructure/localstack/provider.tf|src/api/searchDevice/src/data/response.py"
+        exclude: ".pre-commit-config.yaml|infrastructure/localstack/provider.tf|src/api/searchDevice/src/data/response.py|src/etl/sds/tests/changelog"
 
   - repo: https://github.com/prettier/pre-commit
     rev: 57f39166b5a5a504d6808b87ab98d41ebf095b46
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 13cce9854..54c7841f2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # Changelog
 
+## 2024-06-04
+- [PI-322] State machine lambda error messages truncated
+- [PI-346] Update now includes modify changes, plus testing suite
+- [PI-347] Updates implemented sequentially
+- [PI-358] Disable SDS ETL update timer on persistent environments
+
 ## 2024-05-31
 - [PI-342] Add redacted-fields to context loggers
 - [PI-376] Check releases fully rebased on main
diff --git a/VERSION b/VERSION
index 5b76f3d67..a9bd38319 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2024.05.31
+2024.06.04
diff --git a/changelog/2024-06-04.md b/changelog/2024-06-04.md
new file mode 100644
index 000000000..82091d1a5
--- /dev/null
+++ b/changelog/2024-06-04.md
@@ -0,0 +1,4 @@
+- [PI-322] State machine lambda error messages truncated
+- [PI-346] Update now includes modify changes, plus testing suite
+- [PI-347] Updates implemented sequentially
+- [PI-358] Disable SDS ETL update timer on persistent environments
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram--update-transform-and-load.asl.json b/infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram--update-transform-and-load.asl.json
new file mode 100644
index 000000000..8e4c19297
--- /dev/null
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram--update-transform-and-load.asl.json
@@ -0,0 +1,91 @@
+{
+  "Comment": "SDS ETL - Sequential Transform and Load for updates",
+  "TimeoutSeconds": 60,
+  "StartAt": "load",
+  "States": {
+    "load": {
+      "Type": "Task",
+      "Resource": "arn:aws:states:::lambda:invoke",
+      "OutputPath": "$.Payload",
+      "Parameters": {
+        "FunctionName": "${load_worker_arn}:$LATEST",
+        "Payload": {
+          "max_records": "1"
+        }
+      },
+      "Retry": [
+        {
+          "ErrorEquals": [
+            "Lambda.ServiceException",
+            "Lambda.AWSLambdaException",
+            "Lambda.SdkClientException",
+            "Lambda.TooManyRequestsException"
+          ],
+          "IntervalSeconds": 1,
+          "MaxAttempts": 3,
+          "BackoffRate": 2
+        }
+      ],
+      "Next": "load-result"
+    },
+    "load-result": {
+      "Type": "Choice",
+      "Choices": [
+        {
+          "Not": {
+            "Variable": "$.error_message",
+            "IsNull": true
+          },
+          "Next": "etl-stopped"
+        },
+        {
+          "And": [
+            {
+              "Variable": "$.error_message",
+              "IsNull": true
+            },
+            {
+              "Not": {
+                "Variable": "$.unprocessed_records",
+                "NumericEquals": 0
+              }
+            }
+          ],
+          "Next": "load"
+        }
+      ],
+      "Default": "transform"
+    },
+    "transform": {
+      "Type": "Task",
+      "Resource": "arn:aws:states:::lambda:invoke",
+      "OutputPath": "$.Payload",
+      "Parameters": {
+        "FunctionName": "${transform_worker_arn}:$LATEST",
+        "Payload": {
+          "max_records": "1",
+          "trust": false
+        }
+      },
+      "Retry": [
+        {
+          "ErrorEquals": [
+            "Lambda.ServiceException",
+            "Lambda.AWSLambdaException",
+            "Lambda.SdkClientException",
+            "Lambda.TooManyRequestsException"
+          ],
+          "IntervalSeconds": 1,
+          "MaxAttempts": 3,
+          "BackoffRate": 2
+        }
+      ],
+      "Next": "etl-stopped"
+    },
+
+    "etl-stopped": {
+      "Type": "Pass",
+      "End": true
+    }
+  }
+}
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/step-function.asl.json b/infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram.asl.json
similarity index 58%
rename from infrastructure/terraform/per_workspace/modules/etl/sds/step-function.asl.json
rename to infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram.asl.json
index e4c22267e..884ca4332 100644
--- a/infrastructure/terraform/per_workspace/modules/etl/sds/step-function.asl.json
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/etl-diagram.asl.json
@@ -13,7 +13,7 @@
               "Type": "Choice",
               "Choices": [
                 {
-                  "Variable": "$.changelog-number",
+                  "Variable": "$.changelog_number_end",
                   "IsPresent": true,
                   "Next": "write-changelog-number"
                 }
@@ -24,7 +24,7 @@
               "Type": "Task",
               "End": true,
               "Parameters": {
-                "Body.$": "$.changelog-number",
+                "Body.$": "$.changelog_number_end",
                 "Bucket": "${etl_bucket}",
                 "Key": "${changelog_key}"
               },
@@ -37,25 +37,29 @@
           }
         },
         {
-          "StartAt": "parse-init",
+          "StartAt": "parse-etl-type",
           "States": {
-            "parse-init": {
+            "parse-etl-type": {
               "Type": "Choice",
               "Choices": [
                 {
-                  "Variable": "$.init",
-                  "StringEquals": "extract",
-                  "Next": "extract"
+                  "Variable": "$.etl_type",
+                  "StringEquals": "bulk",
+                  "Next": "extract-bulk"
+                },
+                {
+                  "Variable": "$.etl_type",
+                  "StringEquals": "update",
+                  "Next": "extract-update"
                 }
-              ],
-              "Default": "invalid-init-value"
+              ]
             },
-            "extract": {
+            "extract-bulk": {
               "Type": "Task",
               "Resource": "arn:aws:states:::lambda:invoke",
               "OutputPath": "$.Payload",
               "Parameters": {
-                "Payload.$": "$",
+                "Payload": {},
                 "FunctionName": "${extract_worker_arn}:$LATEST"
               },
               "Retry": [
@@ -71,25 +75,27 @@
                   "BackoffRate": 2
                 }
               ],
-              "Next": "extract-result"
+              "Next": "extract-bulk-result"
             },
-            "extract-result": {
+            "extract-bulk-result": {
               "Type": "Choice",
               "Choices": [
                 {
                   "Variable": "$.error_message",
                   "IsNull": true,
-                  "Next": "transform"
+                  "Next": "transform-bulk"
                 }
               ],
-              "Default": "worker-failed"
+              "Default": "etl-stopped"
             },
-            "transform": {
+            "transform-bulk": {
               "Type": "Task",
               "Resource": "arn:aws:states:::lambda:invoke",
               "OutputPath": "$.Payload",
               "Parameters": {
-                "Payload.$": "$",
+                "Payload": {
+                  "trust": true
+                },
                 "FunctionName": "${transform_worker_arn}:$LATEST"
               },
               "Retry": [
@@ -105,25 +111,27 @@
                   "BackoffRate": 2
                 }
               ],
-              "Next": "transform-result"
+              "Next": "transform-bulk-result"
             },
-            "transform-result": {
+            "transform-bulk-result": {
               "Type": "Choice",
               "Choices": [
                 {
                   "Variable": "$.error_message",
                   "IsNull": true,
-                  "Next": "load"
+                  "Next": "load-bulk"
                 }
               ],
-              "Default": "worker-failed"
+              "Default": "etl-stopped"
             },
-            "load": {
+            "load-bulk": {
               "Type": "Task",
               "Resource": "arn:aws:states:::lambda:invoke",
               "OutputPath": "$.Payload",
               "Parameters": {
-                "Payload.$": "$",
+                "Payload": {
+                  "max_records": "${bulk_load_chunksize}"
+                },
                 "FunctionName": "${load_worker_arn}:$LATEST"
               },
               "Retry": [
@@ -139,18 +147,11 @@
                   "BackoffRate": 2
                 }
               ],
-              "Next": "load-result"
+              "Next": "load-bulk-result"
             },
-            "load-result": {
+            "load-bulk-result": {
               "Type": "Choice",
               "Choices": [
-                {
-                  "Not": {
-                    "Variable": "$.error_message",
-                    "IsNull": true
-                  },
-                  "Next": "worker-failed"
-                },
                 {
                   "And": [
                     {
@@ -164,23 +165,90 @@
                       }
                     }
                   ],
-                  "Next": "load"
+                  "Next": "load-bulk"
                 }
               ],
-              "Default": "load-successful"
+              "Default": "etl-stopped"
             },
-            "load-successful": {
-              "Type": "Pass",
-              "End": true
+            "extract-update": {
+              "Type": "Task",
+              "Resource": "arn:aws:states:::lambda:invoke",
+              "OutputPath": "$.Payload",
+              "Parameters": {
+                "Payload": {},
+                "FunctionName": "${extract_worker_arn}:$LATEST"
+              },
+              "Retry": [
+                {
+                  "ErrorEquals": [
+                    "Lambda.ServiceException",
+                    "Lambda.AWSLambdaException",
+                    "Lambda.SdkClientException",
+                    "Lambda.TooManyRequestsException"
+                  ],
+                  "IntervalSeconds": 1,
+                  "MaxAttempts": 3,
+                  "BackoffRate": 2
+                }
+              ],
+              "Next": "extract-update-result"
             },
-            "worker-failed": {
+            "extract-update-result": {
+              "Type": "Choice",
+              "Choices": [
+                {
+                  "Variable": "$.error_message",
+                  "IsNull": true,
+                  "Next": "etl-update"
+                }
+              ],
+              "Default": "etl-stopped"
+            },
+            "etl-update": {
+              "Type": "Task",
+              "Resource": "arn:aws:states:::states:startExecution.sync:2",
+              "Parameters": {
+                "StateMachineArn": "${etl_update_state_machine_arn}",
+                "Input": {
+                  "StatePayload": {},
+                  "AWS_STEP_FUNCTIONS_STARTED_BY_EXECUTION_ID.$": "$$.Execution.Id"
+                }
+              },
+              "OutputPath": "$.Output",
+              "Next": "etl-update-result"
+            },
+            "etl-update-result": {
+              "Type": "Choice",
+              "Choices": [
+                {
+                  "Or": [
+                    {
+                      "Not": {
+                        "Variable": "$.error_message",
+                        "IsNull": true
+                      }
+                    },
+                    {
+                      "And": [
+                        {
+                          "Variable": "$.processed_records",
+                          "NumericEquals": 0
+                        },
+                        {
+                          "Variable": "$.unprocessed_records",
+                          "NumericEquals": 0
+                        }
+                      ]
+                    }
+                  ],
+                  "Next": "etl-stopped"
+                }
+              ],
+              "Default": "etl-update"
+            },
+            "etl-stopped": {
               "Type": "Pass",
               "End": true
-            },
-            "invalid-init-value": {
-              "Type": "Fail",
-              "Error": "InvalidInitValue",
-              "Cause": "Invalid Value of Init"
             }
           }
         }
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/main.tf b/infrastructure/terraform/per_workspace/modules/etl/sds/main.tf
index 29473e73e..59fdc15ee 100644
--- a/infrastructure/terraform/per_workspace/modules/etl/sds/main.tf
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/main.tf
@@ -195,53 +195,42 @@ resource "aws_cloudwatch_log_group" "step_function" {
   name = "/aws/vendedlogs/states/${var.workspace_prefix}--${local.etl_name}"
 }
 
-module "step_function" {
+module "update_transform_and_load_step_function" {
   source  = "terraform-aws-modules/step-functions/aws"
-  version = "4.1.0"
+  version = "4.2.0"
 
   type                              = "STANDARD"
-  name                              = "${var.workspace_prefix}--${local.etl_name}"
+  name                              = "${var.workspace_prefix}--${local.etl_name}--update-transform-and-load"
   use_existing_cloudwatch_log_group = true
   cloudwatch_log_group_name         = aws_cloudwatch_log_group.step_function.name
 
   definition = templatefile(
-    "${path.module}/step-function.asl.json",
+    "${path.module}/etl-diagram--update-transform-and-load.asl.json",
     {
-      extract_worker_arn   = module.worker_extract.arn
       transform_worker_arn = module.worker_transform.arn
       load_worker_arn      = module.worker_load.arn
-      notify_arn           = module.notify.arn
       etl_bucket           = module.bucket.s3_bucket_id
-      changelog_key        = var.changelog_key
     }
   )
 
   service_integrations = {
     lambda = {
       lambda = [
-        module.worker_extract.arn,
         module.worker_transform.arn,
         module.worker_load.arn,
-        module.notify.arn
+        "${module.worker_transform.arn}:*",
+        "${module.worker_load.arn}:*"
       ]
     }
   }
 
+
+
   attach_policy_json = true
   policy_json        = <<-EOT
     {
       "Version": "2012-10-17",
       "Statement": [
-          {
-            "Action": "lambda:InvokeFunction",
-            "Effect": "Allow",
-            "Resource": [
-              "${module.worker_extract.arn}:*",
-              "${module.worker_transform.arn}:*",
-              "${module.worker_load.arn}:*",
-              "${module.notify.arn}:*"
-            ]
-          },
           {
             "Action": [
                 "s3:PutObject",
@@ -262,6 +251,8 @@ module "step_function" {
     }
   EOT
 
+
+
   logging_configuration = {
     log_destination        = "${aws_cloudwatch_log_group.step_function.arn}:*"
     include_execution_data = true
@@ -269,12 +260,42 @@ module "step_function" {
   }
 
   tags = {
-    Name = "${var.workspace_prefix}--${local.etl_name}"
+    Name = "${var.workspace_prefix}--${local.etl_name}--update-transform-and-load"
   }
 
   depends_on = [aws_cloudwatch_log_group.step_function]
 }
 
+resource "aws_sfn_state_machine" "state_machine" {
+  name     = "${var.workspace_prefix}--${local.etl_name}"
+  type     = "STANDARD"
+  role_arn = aws_iam_role.step_function.arn
+  definition = templatefile(
+    "${path.module}/etl-diagram.asl.json",
+    {
+      extract_worker_arn           = module.worker_extract.arn
+      transform_worker_arn         = module.worker_transform.arn
+      load_worker_arn              = module.worker_load.arn
+      notify_arn                   = module.notify.arn
+      etl_bucket                   = module.bucket.s3_bucket_id
+      changelog_key                = var.changelog_key
+      bulk_load_chunksize          = var.bulk_load_chunksize
+      etl_update_state_machine_arn = module.update_transform_and_load_step_function.state_machine_arn
+    }
+  )
+  logging_configuration {
+    log_destination        = "${aws_cloudwatch_log_group.step_function.arn}:*"
+    include_execution_data = true
+    level                  = "ALL"
+  }
+
+
+  tags = {
+    Name = "${var.workspace_prefix}--${local.etl_name}"
+  }
+  depends_on = [aws_cloudwatch_log_group.step_function, module.update_transform_and_load_step_function, aws_iam_role.step_function]
+}
+
 
 module "trigger_bulk" {
   source = "./trigger/"
@@ -289,7 +310,7 @@ module "trigger_bulk" {
   etl_bucket_arn        = module.bucket.s3_bucket_arn
   etl_layer_arn         = module.etl_layer.lambda_layer_arn
   notify_lambda_arn     = module.notify.arn
-  state_machine_arn     = module.step_function.state_machine_arn
+  state_machine_arn     = aws_sfn_state_machine.state_machine.arn
   table_arn             = var.table_arn
   environment_variables = {
     TABLE_NAME = var.table_name
@@ -339,7 +360,7 @@ module "trigger_update" {
   etl_bucket_arn        = module.bucket.s3_bucket_arn
   etl_layer_arn         = module.etl_layer.lambda_layer_arn
   notify_lambda_arn     = module.notify.arn
-  state_machine_arn     = module.step_function.state_machine_arn
+  state_machine_arn     = aws_sfn_state_machine.state_machine.arn
   table_arn             = var.table_arn
   allowed_triggers      = {}
   environment_variables = {
@@ -397,10 +418,11 @@ module "trigger_update" {
 }
 
 module "schedule_trigger_update" {
-  source              = "./schedule/"
-  lambda_arn          = module.trigger_update.lambda_function.lambda_function_arn
-  lambda_name         = module.trigger_update.lambda_function.lambda_function_name
-  schedule_expression = var.is_persistent ? "rate(15 minutes)" : "rate(1 day)"
+  source      = "./schedule/"
+  lambda_arn  = module.trigger_update.lambda_function.lambda_function_arn
+  lambda_name = module.trigger_update.lambda_function.lambda_function_name
+  # schedule_expression = var.is_persistent ? "rate(15 minutes)" : "rate(1 day)"
+  schedule_expression = var.is_persistent ? "cron(0 0 1 1 ? 2000)" : "rate(1 day)" # cron(0 0 1 1 ? 2000) means "never"
 }
 
 module "bulk_trigger_notification" {
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/output.tf b/infrastructure/terraform/per_workspace/modules/etl/sds/output.tf
index 5a8e10dc6..43b18854c 100644
--- a/infrastructure/terraform/per_workspace/modules/etl/sds/output.tf
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/output.tf
@@ -1,5 +1,5 @@
 output "state_machine_arn" {
-  value = module.step_function.state_machine_arn
+  value = aws_sfn_state_machine.state_machine.arn
 }
 
 output "bucket" {
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/step_function_role.tf b/infrastructure/terraform/per_workspace/modules/etl/sds/step_function_role.tf
new file mode 100644
index 000000000..6300c360f
--- /dev/null
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/step_function_role.tf
@@ -0,0 +1,117 @@
+locals {
+  name = "${var.workspace_prefix}--${local.etl_name}"
+  tags = {
+    Name = "${var.workspace_prefix}--${local.etl_name}"
+  }
+}
+
+locals {
+  service_integrations = {
+    lambda = {
+      actions = ["lambda:InvokeFunction"]
+      resources = [
+        module.worker_extract.arn,
+        module.worker_transform.arn,
+        module.worker_load.arn,
+        module.notify.arn,
+        "${module.worker_extract.arn}:*",
+        "${module.worker_transform.arn}:*",
+        "${module.worker_load.arn}:*",
+        "${module.notify.arn}:*"
+      ]
+    }
+
+    step_function_start = {
+      actions   = ["states:StartExecution", "states:StartSyncExecution"]
+      resources = [module.update_transform_and_load_step_function.state_machine_arn]
+    }
+
+    step_function_stop = {
+      actions   = ["states:DescribeExecution", "states:StopExecution"]
+      resources = ["${replace(module.update_transform_and_load_step_function.state_machine_arn, "stateMachine", "execution")}:*"]
+    }
+
+    step_function_event_polling = {
+      actions   = ["events:PutTargets", "events:PutRule", "events:DescribeRule"]
+      resources = ["arn:aws:events:eu-west-2:${var.assume_account}:rule/StepFunctionsGetEventsForStepFunctionsExecutionRule"]
+    }
+
+    s3 = {
+      actions = [
+        "s3:PutObject",
+        "s3:AbortMultipartUpload",
+        "s3:GetBucketLocation",
+        "s3:GetObject",
+        "s3:ListBucket",
+        "s3:ListBucketMultipartUploads",
+        "s3:PutObjectVersionTagging"
+      ]
+      resources = [
+        "${module.bucket.s3_bucket_arn}",
+        "${module.bucket.s3_bucket_arn}/*"
+      ]
+    }
+
+    logging = {
+      actions = [
+        "logs:CreateLogDelivery",
+        "logs:GetLogDelivery",
+        "logs:UpdateLogDelivery",
+        "logs:DeleteLogDelivery",
+        "logs:ListLogDeliveries",
+        "logs:PutResourcePolicy",
+        "logs:DescribeResourcePolicies",
+        "logs:DescribeLogGroups",
+      ]
+      resources = ["*"]
+    }
+  }
+
+  depends_on = [module.bucket, module.update_transform_and_load_step_function]
+}
+
+data "aws_iam_policy_document" "assume_role" {
+  statement {
+    effect  = "Allow"
+    actions = ["sts:AssumeRole"]
+
+    principals {
+      type        = "Service"
+      identifiers = ["states.eu-west-2.amazonaws.com"]
+    }
+  }
+}
+
+resource "aws_iam_role" "step_function" {
+  name               = "${local.name}--role"
+  assume_role_policy = data.aws_iam_policy_document.assume_role.json
+  tags               = local.tags
+}
+
+data "aws_iam_policy_document" "service" {
+  for_each = { for k, v in local.service_integrations : k => v }
+
+  dynamic "statement" {
+    for_each = [each.value]
+    content {
+      effect    = "Allow"
+      sid       = replace("${local.name}${each.key}", "/[^0-9A-Za-z]*/", "")
+      actions   = each.value.actions
+      resources = each.value.resources
+    }
+  }
+}
+
+resource "aws_iam_policy" "service" {
+  for_each = { for k, v in local.service_integrations : k => v }
+  name     = "${local.name}--${each.key}"
+  policy   = data.aws_iam_policy_document.service[each.key].json
+  tags     = local.tags
+}
+
+resource "aws_iam_policy_attachment" "service" {
+  for_each   = { for k, v in local.service_integrations : k => v }
+  name       = "${local.name}--${each.key}"
+  roles      = [aws_iam_role.step_function.name]
+  policy_arn = aws_iam_policy.service[each.key].arn
+}
diff --git a/infrastructure/terraform/per_workspace/modules/etl/sds/vars.tf b/infrastructure/terraform/per_workspace/modules/etl/sds/vars.tf
index e736d2b43..ee486f7bd 100644
--- a/infrastructure/terraform/per_workspace/modules/etl/sds/vars.tf
+++ b/infrastructure/terraform/per_workspace/modules/etl/sds/vars.tf
@@ -9,6 +9,9 @@ variable "domain_layer" {}
 variable "changelog_key" {
   default = "changelog-number"
 }
+variable "bulk_load_chunksize" {
+  default = 10000
+}
 variable "table_name" {}
 variable "table_arn" {}
 variable "is_persistent" {}
diff --git a/pyproject.toml b/pyproject.toml
index 4a4326a94..81677fd4e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "connecting-party-manager"
-version = "2024.05.31"
+version = "2024.06.04"
 description = "Repository for the Connecting Party Manager API and related services"
 authors = ["NHS England"]
 license = "LICENSE.md"
diff --git a/scripts/etl/etl.mk b/scripts/etl/etl.mk
index 6636c7941..921ffea90 100644
--- a/scripts/etl/etl.mk
+++ b/scripts/etl/etl.mk
@@ -3,3 +3,7 @@ WORKSPACE :=
 
 etl--clear-state: aws--login ## Clear the ETL state
 	AWS_DEFAULT_REGION=$(AWS_DEFAULT_REGION) AWS_ACCESS_KEY_ID=$(AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY=$(AWS_SECRET_ACCESS_KEY) AWS_SESSION_TOKEN=$(AWS_SESSION_TOKEN) poetry run python scripts/etl/clear_state_inputs.py "$(SET_CHANGELOG_NUMBER)" "$(WORKSPACE)"
+
+
+etl--head-state: aws--login ## Download the head of the ETL state
+	AWS_DEFAULT_REGION=$(AWS_DEFAULT_REGION) AWS_ACCESS_KEY_ID=$(AWS_ACCESS_KEY_ID) AWS_SECRET_ACCESS_KEY=$(AWS_SECRET_ACCESS_KEY) AWS_SESSION_TOKEN=$(AWS_SESSION_TOKEN) poetry run python scripts/etl/head_etl.py "$(WORKSPACE)"
diff --git a/scripts/etl/head_etl.py b/scripts/etl/head_etl.py
new file mode 100644
index 000000000..bfba17e5c
--- /dev/null
+++ b/scripts/etl/head_etl.py
@@ -0,0 +1,85 @@
+"""
+Run with
+
+    poetry run python scripts/etl/head_etl.py
+"""
+
+import json
+import sys
+from functools import partial
+
+import boto3
+from changelog.changelog_precommit import PATH_TO_ROOT
+from etl_utils.constants import CHANGELOG_NUMBER, WorkerKey
+from etl_utils.io import EtlEncoder, pkl_load_lz4
+from mypy_boto3_s3 import S3Client
+
+from test_helpers.aws_session import aws_session
+from test_helpers.terraform import read_terraform_output
+
+
+def _get_object(s3_client: S3Client, bucket, key):
+    try:
+        response = s3_client.get_object(Bucket=bucket, Key=key)
+        return response["Body"]
+    except:
+        return None
+
+
+def _ldif_head(s3_client: S3Client, bucket, key):
+    head = None
+    body = _get_object(s3_client=s3_client, bucket=bucket, key=key)
+    if body:
+        head, *_ = body.read().split(b"\n\n")
+    return head
+
+
+def _pkl_loads_head(s3_client: S3Client, bucket, key):
+    head = None
+    body = _get_object(s3_client=s3_client, bucket=bucket, key=key)
+    if body:
+        items = pkl_load_lz4(body)
+        if items:
+            head = items[0].decode()
+    return head
+
+
+def main(workspace):
+    etl_bucket = (
+        f"nhse-cpm--{workspace}--sds--etl"
+        if workspace
+        else read_terraform_output("sds_etl.value.bucket")
+    )
+
+    with aws_session():
+        s3_client = boto3.client("s3")
+        get_object = partial(_get_object, s3_client=s3_client)
+        ldif_head = partial(_ldif_head, s3_client=s3_client)
+        pkl_loads_head = partial(_pkl_loads_head, s3_client=s3_client)
+
+        body = get_object(bucket=etl_bucket, key=CHANGELOG_NUMBER)
+        changelog_number = body.read().decode() if body else body
+
+        extract_head = ldif_head(bucket=etl_bucket, key=WorkerKey.EXTRACT)
+        transform_head = pkl_loads_head(bucket=etl_bucket, key=WorkerKey.TRANSFORM)
+        load_head = pkl_loads_head(bucket=etl_bucket, key=WorkerKey.LOAD)
+
+    path = PATH_TO_ROOT / ".downloads" / "etl-head.json"
+    with open(path, "w") as f:
+        json.dump(
+            fp=f,
+            obj={
+                "changelog_number": changelog_number,
+                "extract": extract_head.decode(),
+                "transform": transform_head,
+                "load": load_head,
+            },
+            cls=EtlEncoder,
+            indent=2,
+        )
+    print("Written to", path)  # noqa
+
+
+if __name__ == "__main__":
+    _, workspace = sys.argv
+    main(workspace)
diff --git a/scripts/etl/ldif_cleanup.py b/scripts/etl/ldif_cleanup.py
new file mode 100644
index 000000000..51386568d
--- /dev/null
+++ b/scripts/etl/ldif_cleanup.py
@@ -0,0 +1,110 @@
+"""
+A script that filters and removes objects from an LDIF that won't pass the ETL.
+Useful for cleaning up the INT bulk data.
+
+This script isn't particularly intended to have a long life. General instructions are to either do:
+
+    ldif_cleanup("local/path/to/file.ldif")
+
+or (slower)
+
+    ldif_cleanup("s3://path/to/file.ldif", boto3.client("s3"))
+
+and it will save a file in your root dir called 'good.ldif' that has only good
+nhsMhs and nhsAccreditedSystem objects in them, i.e. those which are guaranteed
+to be successfully processed by the ETL.
+
+It's not particularly optimised, either timewise or memorywise, so:
+* you better have some ok memory on your laptop,
+* it'll take a few minutes
+
+Oh, and you'll need to install 'tqdm', thanks!
+"""
+
+import json
+from collections import deque
+from io import BytesIO
+from pathlib import Path
+
+from domain.core.load_questionnaire import render_questionnaire
+from domain.core.questionnaires import QuestionnaireInstance
+from etl_utils.io import EtlEncoder
+from etl_utils.ldif.ldif import filter_ldif_from_s3_by_property, parse_ldif
+from etl_utils.worker.action import apply_action
+from event.json import json_loads
+from mypy_boto3_s3 import S3Client
+from sds.cpm_translation import translate
+from sds.domain.constants import FILTER_TERMS
+from sds.domain.parse import parse_sds_record
+from tqdm import tqdm
+
+
+def ldif_cleanup(s3_input_path: str, s3_client: S3Client) -> Path:
+    filtered_ldif = filter_ldif_from_s3_by_property(
+        s3_path=s3_input_path, filter_terms=FILTER_TERMS, s3_client=s3_client
+    )
+
+    spine_device_questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_DEVICE, questionnaire_version=1
+    )
+    spine_endpoint_questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_ENDPOINT, questionnaire_version=1
+    )
+
+    _spine_device_questionnaire = spine_device_questionnaire.dict()
+    _spine_endpoint_questionnaire = spine_endpoint_questionnaire.dict()
+
+    all_keys = set()
+
+    good_rows = []
+    for row in tqdm(filtered_ldif.tobytes().split(b"\n\n")):
+        unprocessed_records = deque(parse_ldif(file_opener=BytesIO, path_or_data=row))
+        processed_records = deque()
+
+        exception = apply_action(
+            unprocessed_records=unprocessed_records,
+            processed_records=processed_records,
+            action=lambda record: parse_sds_record(*record).dict(),
+            record_serializer=lambda dn_and_record: json_loads(
+                json.dumps(dn_and_record[1], cls=EtlEncoder)
+            ),
+        )
+        if exception:
+            raise exception
+
+        processed_transform_records = deque()
+        exception = apply_action(
+            unprocessed_records=processed_records,
+            processed_records=processed_transform_records,
+            action=lambda record: translate(
+                obj=record,
+                spine_device_questionnaire=spine_device_questionnaire,
+                _spine_device_questionnaire=_spine_device_questionnaire,
+                spine_endpoint_questionnaire=spine_endpoint_questionnaire,
+                _spine_endpoint_questionnaire=_spine_endpoint_questionnaire,
+                _trust=True,
+                repository=None,
+            ),
+        )
+        if exception:
+            continue
+
+        is_duplicate = False
+        for transform_events in processed_transform_records:
+            ((_, event),) = transform_events.items()
+            device_key = event.get("key")
+            if device_key:
+                is_duplicate = device_key in all_keys
+                all_keys.add(device_key)
+            if is_duplicate:
+                break
+
+        if not is_duplicate:
+            good_rows.append(row)
+
+    with open("good.ldif", "w") as f:
+        f.write(b"\n\n".join(good_rows).decode())
+
+
+if __name__ == "__main__":
+    ldif_cleanup(s3_input_path="~/Downloads/538684.ldif", s3_client=None)
diff --git a/src/conftest.py b/src/conftest.py
index bf6271167..59da9ffb3 100644
--- a/src/conftest.py
+++ b/src/conftest.py
@@ -11,7 +11,7 @@
     log_capture_global_fixture as log_capture_global,
 )
 from nhs_context_logging.formatters import json_serializer
-from pytest import Config, FixtureRequest, Item, fixture
+from pytest import Config, FixtureRequest, Item, Parser, fixture
 
 from test_helpers.aws_session import aws_session
 from test_helpers.constants import PROJECT_ROOT
@@ -19,6 +19,10 @@
 from test_helpers.terraform import read_terraform_output
 
 
+def pytest_addoption(parser: Parser):
+    parser.addoption("--suppress-logs", action="store", default=False)
+
+
 def is_integration(request: FixtureRequest) -> bool:
     return request.node.get_closest_marker("integration") is not None
 
@@ -65,9 +69,14 @@ def pytest_collection_modifyitems(items: list[Item], config: Config):
 
 
 @fixture(autouse=True)
-def log_on_failure(request: FixtureRequest, log_capture):
+def log_on_failure(pytestconfig: Config, request: FixtureRequest, log_capture):
     setup_logger(request.node.name)
 
+    if pytestconfig.getoption("suppress_logs") is not False:
+        from nhs_context_logging import app_logger
+
+        app_logger.log = lambda *args, **kwargs: None
+
     exception = None
     try:
         yield
@@ -76,7 +85,8 @@ def log_on_failure(request: FixtureRequest, log_capture):
 
     std_out, std_err = log_capture
     for log in (*std_out, *std_err):
-        print(json.dumps(log, indent=2, default=json_serializer))  # noqa: T201
+        if pytestconfig.getoption("suppress_logs") is False:
+            print(json.dumps(log, indent=2, default=json_serializer))  # noqa: T201
 
     if isinstance(exception, Exception):
         raise exception
diff --git a/src/etl/sds/tests/changelog/changelog_components/add/accredited_system.ldif b/src/etl/sds/tests/changelog/changelog_components/add/accredited_system.ldif
new file mode 100644
index 000000000..138b3f622
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/add/accredited_system.ldif
@@ -0,0 +1,16 @@
+dn: uniqueIdentifier=000173655515,ou=Services,o=nhs
+changeType: add
+objectClass: nhsAS
+objectClass: top
+nhsApproverURP: uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs
+nhsAsClient: K83015
+nhsAsSvcIA: urn:nhs:names:services:pdsquery:QUQI_IN010000UK14
+nhsDateApproved: 20091016133823
+nhsDateRequested: 20091016133757
+nhsIDCode: K83015
+nhsMHSPartyKey: K83015-806782
+nhsProductKey: 6216
+nhsProductName: TPP SystmOne
+nhsRequestorURP: uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs
+nhsTempUid: 10312
+uniqueIdentifier: 000173655515
diff --git a/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.AnotherWithSameUniqueIdentifier.ldif b/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.AnotherWithSameUniqueIdentifier.ldif
new file mode 100644
index 000000000..d5d403ee9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.AnotherWithSameUniqueIdentifier.ldif
@@ -0,0 +1,24 @@
+dn: uniqueIdentifier=00000a84594b2ef34279,ou=Services,o=nhs
+changeType: add
+objectClass: nhsMhs
+objectClass: top
+nhsApproverURP: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+nhsContractPropertyTemplateKey: 14
+nhsDateApproved: 20231030092939
+nhsDateDNSApproved: 20231030092939
+nhsDateRequested: 20231030092906
+nhsDNSApprover: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+nhsEPInteractionType: FHIR
+nhsIDCode: C3O9X
+nhsMhsCPAId: 00000a84594b2ef34279
+nhsMHSEndPoint: https://test.C3O9X.nhs.uk/
+nhsMhsFQDN: test.C3O9X.nhs.uk
+nhsMHsIN: READ_PRACTITIONER_ROLE_R4_V001
+nhsMHSIsAuthenticated: none
+nhsMHSPartyKey: C3O9X-123456
+nhsMHsSN: urn:nhs:names:services:ers
+nhsMhsSvcIA: urn:nhs:names:services:ers:ABCDEFG
+nhsProductKey: 11929
+nhsProductVersion: Mar2023
+nhsRequestorURP: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+uniqueIdentifier: 00000a84594b2ef34279
diff --git a/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.ldif b/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.ldif
new file mode 100644
index 000000000..694db4354
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/add/message_handling_system.ldif
@@ -0,0 +1,24 @@
+dn: uniqueIdentifier=00000a84594b2ef34279,ou=Services,o=nhs
+changeType: add
+objectClass: nhsMhs
+objectClass: top
+nhsApproverURP: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+nhsContractPropertyTemplateKey: 14
+nhsDateApproved: 20231030092939
+nhsDateDNSApproved: 20231030092939
+nhsDateRequested: 20231030092906
+nhsDNSApprover: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+nhsEPInteractionType: FHIR
+nhsIDCode: C3O9X
+nhsMhsCPAId: 00000a84594b2ef34279
+nhsMHSEndPoint: https://test.C3O9X.nhs.uk/
+nhsMhsFQDN: test.C3O9X.nhs.uk
+nhsMHsIN: READ_PRACTITIONER_ROLE_R4_V001
+nhsMHSIsAuthenticated: none
+nhsMHSPartyKey: C3O9X-823610
+nhsMHsSN: urn:nhs:names:services:ers
+nhsMhsSvcIA: urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001
+nhsProductKey: 11929
+nhsProductVersion: Mar2023
+nhsRequestorURP: uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs
+uniqueIdentifier: 00000a84594b2ef34279
diff --git a/src/etl/sds/tests/changelog/changelog_components/delete/accredited_system.ldif b/src/etl/sds/tests/changelog/changelog_components/delete/accredited_system.ldif
new file mode 100644
index 000000000..fd9ac7175
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/delete/accredited_system.ldif
@@ -0,0 +1,5 @@
+dn: uniqueIdentifier=000173655515,ou=Services,o=nhs
+objectClass: delete
+objectClass: top
+changeType: delete
+uniqueIdentifier: 000173655515
diff --git a/src/etl/sds/tests/changelog/changelog_components/delete/message_handling_system.ldif b/src/etl/sds/tests/changelog/changelog_components/delete/message_handling_system.ldif
new file mode 100644
index 000000000..dcae648e2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/delete/message_handling_system.ldif
@@ -0,0 +1,5 @@
+dn: uniqueIdentifier=00000a84594b2ef34279,ou=Services,o=nhs
+objectClass: delete
+objectClass: top
+changeType: delete
+uniqueIdentifier: 00000a84594b2ef34279
diff --git a/src/etl/sds/tests/changelog/changelog_components/delete/unknown_entity.ldif b/src/etl/sds/tests/changelog/changelog_components/delete/unknown_entity.ldif
new file mode 100644
index 000000000..aa14cffbe
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/delete/unknown_entity.ldif
@@ -0,0 +1,5 @@
+dn: uniqueIdentifier=1234,ou=Services,o=nhs
+objectClass: delete
+objectClass: top
+changeType: delete
+uniqueIdentifier: 1234
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_approver_urp.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_approver_urp.ldif
new file mode 100644
index 000000000..466b457f0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_approver_urp.ldif
@@ -0,0 +1,2 @@
+add: nhsApproverURP
+nhsApproverURP: fooApprover
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.AlreadyExists.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.AlreadyExists.ldif
new file mode 100644
index 000000000..995f19887
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.AlreadyExists.ldif
@@ -0,0 +1,2 @@
+add: nhsAsClient
+nhsAsClient: K83015
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.Another.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.Another.ldif
new file mode 100644
index 000000000..250c1536f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.Another.ldif
@@ -0,0 +1,2 @@
+add: nhsAsClient
+nhsAsClient: CCC
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.ldif
new file mode 100644
index 000000000..c35b014d1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_client.ldif
@@ -0,0 +1,2 @@
+add: nhsAsClient
+nhsAsClient: AAA
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_svc_ia.ldif
new file mode 100644
index 000000000..a492cb974
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_as_svc_ia.ldif
@@ -0,0 +1,2 @@
+add: nhsAsSvcIA
+nhsAsSvcIA: urn:nhs:names:services:pdsquery:123456
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_product_name.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_product_name.ldif
new file mode 100644
index 000000000..e2b07c195
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/add/nhs_product_name.ldif
@@ -0,0 +1,2 @@
+add: nhsProductName
+nhsProductName: fooProduct
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/base.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/base.ldif
new file mode 100644
index 000000000..0472699e1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/base.ldif
@@ -0,0 +1,6 @@
+dn: uniqueIdentifier=000173655515,ou=Services,o=nhs
+changeType: modify
+<<TEMPLATE>>
+objectClass: modify
+objectClass: top
+uniqueIdentifier: 000173655515
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_approver_urp.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_approver_urp.ldif
new file mode 100644
index 000000000..e7b140506
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_approver_urp.ldif
@@ -0,0 +1 @@
+delete: nhsApproverURP
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_client.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_client.ldif
new file mode 100644
index 000000000..e9ec10116
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_client.ldif
@@ -0,0 +1 @@
+delete: nhsAsClient
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_svc_ia.ldif
new file mode 100644
index 000000000..5467a462f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_as_svc_ia.ldif
@@ -0,0 +1 @@
+delete: nhsAsSvcIA
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_product_name.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_product_name.ldif
new file mode 100644
index 000000000..8fa24cd3c
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/delete/nhs_product_name.ldif
@@ -0,0 +1 @@
+delete: nhsProductName
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.TooManyValues.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.TooManyValues.ldif
new file mode 100644
index 000000000..b33b565d6
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.TooManyValues.ldif
@@ -0,0 +1,3 @@
+replace: nhsApproverURP
+nhsApproverURP: fooApprover
+nhsApproverURP: anotherApprover
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.ldif
new file mode 100644
index 000000000..58a43a463
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_approver_urp.ldif
@@ -0,0 +1,2 @@
+replace: nhsApproverURP
+nhsApproverURP: fooApprover
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_client.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_client.ldif
new file mode 100644
index 000000000..a3a8ee8d1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_client.ldif
@@ -0,0 +1,3 @@
+replace: nhsAsClient
+nhsAsClient: AAA
+nhsAsClient: BBB
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_svc_ia.ldif
new file mode 100644
index 000000000..fa59ab397
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_as_svc_ia.ldif
@@ -0,0 +1,3 @@
+replace: nhsAsSvcIA
+nhsAsSvcIA: urn:nhs:names:services:pdsquery:45678
+nhsAsSvcIA: urn:nhs:names:services:pdsquery:78910
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_product_name.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_product_name.ldif
new file mode 100644
index 000000000..84812459e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/accredited_system/replace/nhs_product_name.ldif
@@ -0,0 +1,2 @@
+replace: nhsProductName
+nhsProductName: fooProduct
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_ep_interaction_type.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_ep_interaction_type.ldif
new file mode 100644
index 000000000..e122e11c9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_ep_interaction_type.ldif
@@ -0,0 +1,2 @@
+add: nhsEPInteractionType
+nhsEPInteractionType: foo
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_id_code.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_id_code.ldif
new file mode 100644
index 000000000..ea6e53b01
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_id_code.ldif
@@ -0,0 +1,2 @@
+add: nhsIDCode
+nhsIDCode: AAA
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.InvalidValue.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.InvalidValue.ldif
new file mode 100644
index 000000000..2061fe5b8
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.InvalidValue.ldif
@@ -0,0 +1,2 @@
+add: nhsMHSAckRequested
+nhsMHSAckRequested: foo
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.ldif
new file mode 100644
index 000000000..d70267242
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_ack_requested.ldif
@@ -0,0 +1,2 @@
+add: nhsMHSAckRequested
+nhsMHSAckRequested: never
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_party_key.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_party_key.ldif
new file mode 100644
index 000000000..0fb614b0a
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_party_key.ldif
@@ -0,0 +1,2 @@
+add: nhsMHSPartyKey
+nhsMHSPartyKey: AAA-823610
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_svc_ia.ldif
new file mode 100644
index 000000000..8202a3090
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/add/nhs_mhs_svc_ia.ldif
@@ -0,0 +1,2 @@
+add: nhsMhsSvcIA
+nhsMhsSvcIA: urn:nhs:names:services:ers:12345
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/base.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/base.ldif
new file mode 100644
index 000000000..eb462a8a2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/base.ldif
@@ -0,0 +1,6 @@
+dn: uniqueIdentifier=00000a84594b2ef34279,ou=Services,o=nhs
+changeType: modify
+<<TEMPLATE>>
+objectClass: modify
+objectClass: top
+uniqueIdentifier: 00000a84594b2ef34279
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_ep_interaction_type.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_ep_interaction_type.ldif
new file mode 100644
index 000000000..caf3fd9a3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_ep_interaction_type.ldif
@@ -0,0 +1 @@
+delete: nhsEPInteractionType
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_id_code.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_id_code.ldif
new file mode 100644
index 000000000..603a07d7d
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_id_code.ldif
@@ -0,0 +1 @@
+delete: nhsIDCode
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_ack_requested.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_ack_requested.ldif
new file mode 100644
index 000000000..78fd656d9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_ack_requested.ldif
@@ -0,0 +1 @@
+delete: nhsMHSAckRequested
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_party_key.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_party_key.ldif
new file mode 100644
index 000000000..25b961e4f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_party_key.ldif
@@ -0,0 +1 @@
+delete: nhsMHSPartyKey
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_svc_ia.ldif
new file mode 100644
index 000000000..0814b8050
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/delete/nhs_mhs_svc_ia.ldif
@@ -0,0 +1 @@
+delete: nhsMhsSvcIA
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.InvalidValue.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.InvalidValue.ldif
new file mode 100644
index 000000000..d21a00148
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.InvalidValue.ldif
@@ -0,0 +1,2 @@
+replace: nhsEPInteractionType
+nhsEPInteractionType: foo
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.ldif
new file mode 100644
index 000000000..96f87afaf
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_ep_interaction_type.ldif
@@ -0,0 +1,2 @@
+replace: nhsEPInteractionType
+nhsEPInteractionType: EBXML
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_id_code.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_id_code.ldif
new file mode 100644
index 000000000..37fafe890
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_id_code.ldif
@@ -0,0 +1,2 @@
+replace: nhsIDCode
+nhsIDCode: AAA
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.InvalidValue.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.InvalidValue.ldif
new file mode 100644
index 000000000..78fdb7f84
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.InvalidValue.ldif
@@ -0,0 +1,2 @@
+replace: nhsMHSAckRequested
+nhsMHSAckRequested: foo
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.TooManyValues.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.TooManyValues.ldif
new file mode 100644
index 000000000..c70afd93d
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.TooManyValues.ldif
@@ -0,0 +1,3 @@
+replace: nhsMHSAckRequested
+nhsMHSAckRequested: never
+nhsMHSAckRequested: always
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.ldif
new file mode 100644
index 000000000..ec29defaa
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_ack_requested.ldif
@@ -0,0 +1,2 @@
+replace: nhsMHSAckRequested
+nhsMHSAckRequested: always
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_party_key.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_party_key.ldif
new file mode 100644
index 000000000..8b98929c2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_party_key.ldif
@@ -0,0 +1,2 @@
+replace: nhsMHSPartyKey
+nhsMHSPartyKey: AAA-823610
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_svc_ia.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_svc_ia.ldif
new file mode 100644
index 000000000..2e2bcd8eb
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/message_handling_system/replace/nhs_mhs_svc_ia.ldif
@@ -0,0 +1,2 @@
+replace: nhsMhsSvcIA
+nhsMhsSvcIA: urn:nhs:names:services:ers:12345
diff --git a/src/etl/sds/tests/changelog/changelog_components/modify/unknown_entity.ldif b/src/etl/sds/tests/changelog/changelog_components/modify/unknown_entity.ldif
new file mode 100644
index 000000000..039a30d41
--- /dev/null
+++ b/src/etl/sds/tests/changelog/changelog_components/modify/unknown_entity.ldif
@@ -0,0 +1,8 @@
+dn: uniqueIdentifier=1234,ou=Services,o=nhs
+changeType: modify
+add: foo
+foo: 123
+-
+objectClass: modify
+objectClass: top
+uniqueIdentifier: 1234
diff --git a/src/etl/sds/tests/changelog/conftest.py b/src/etl/sds/tests/changelog/conftest.py
new file mode 100644
index 000000000..32c30fffc
--- /dev/null
+++ b/src/etl/sds/tests/changelog/conftest.py
@@ -0,0 +1,128 @@
+import os
+import sys
+from collections import deque
+from copy import deepcopy
+from importlib.util import module_from_spec, spec_from_file_location
+from pathlib import Path
+from typing import Generator
+from unittest import mock
+
+import boto3
+import pytest
+from etl_utils.io import pkl_dumps_lz4
+from etl_utils.worker.model import WorkerEnvironment
+from moto import mock_aws
+from mypy_boto3_dynamodb import DynamoDBClient
+from mypy_boto3_s3 import S3Client
+
+from test_helpers.dynamodb import mock_table
+from test_helpers.terraform import read_terraform_output
+
+from .utils import Scenario
+
+SCENARIO_PATHS = list((Path(__file__).parent.glob("scenarios/*/*")))
+
+TABLE_NAME = "my-table"
+ETL_BUCKET = "etl-bucket"
+
+
+@pytest.fixture
+def dynamodb_client() -> Generator[DynamoDBClient, None, None]:
+    with mock_table(table_name=TABLE_NAME) as client:
+        yield client
+
+
+@pytest.fixture
+def s3_client() -> Generator[S3Client, None, None]:
+    with mock.patch.dict(
+        os.environ, {"AWS_DEFAULT_REGION": "us-east-1"}, clear=True
+    ), mock_aws():
+        client = boto3.client("s3")
+        yield client
+
+
+@pytest.fixture
+def scenario(request: pytest.FixtureRequest) -> Scenario:
+    scenario_path: Path = request.param
+    scenario_name = f"{scenario_path.parent.name}/{scenario_path.name}"
+
+    spec = spec_from_file_location(scenario_name, str(scenario_path / "__init__.py"))
+    module = module_from_spec(spec)
+    sys.modules[scenario_name] = module
+    spec.loader.exec_module(module)
+    return module.SCENARIO
+
+
+def parametrize_over_scenarios():
+    return pytest.mark.parametrize(
+        "scenario",
+        SCENARIO_PATHS,
+        indirect=True,
+        ids=list(map(lambda path: f"{path.parent.name}/{path.name}", SCENARIO_PATHS)),
+    )
+
+
+@pytest.fixture
+def extract_handler(scenario: Scenario, s3_client: S3Client):
+    s3_client.create_bucket(Bucket=ETL_BUCKET)
+    s3_client.put_object(
+        Bucket=ETL_BUCKET,
+        Key="input--extract/unprocessed",
+        Body=scenario.extract_input,
+    )
+    s3_client.put_object(
+        Bucket=ETL_BUCKET,
+        Key="input--transform/unprocessed",
+        Body=pkl_dumps_lz4(deque()),
+    )
+
+    with mock.patch.dict(
+        os.environ,
+        {"ETL_BUCKET": ETL_BUCKET, "AWS_DEFAULT_REGION": "us-east-1"},
+        clear=True,
+    ):
+        from etl.sds.worker.extract import extract
+
+        extract.ENVIRONMENT = WorkerEnvironment.build()
+        extract.S3_CLIENT = s3_client
+        yield extract.handler
+
+
+@pytest.fixture
+def transform_handler(scenario: Scenario):
+    etl_bucket = read_terraform_output("sds_etl.value.bucket")
+
+    original_environ = deepcopy(os.environ)
+
+    os.environ["ETL_BUCKET"] = etl_bucket
+    os.environ["TABLE_NAME"] = read_terraform_output("dynamodb_table_name.value")
+
+    from etl.sds.worker.transform import transform
+
+    transform.S3_CLIENT.put_object(
+        Bucket=etl_bucket,
+        Key="input--transform/unprocessed",
+        Body=pkl_dumps_lz4(deque(scenario.extract_output)),
+    )
+    transform.S3_CLIENT.put_object(
+        Bucket=etl_bucket,
+        Key="input--load/unprocessed",
+        Body=pkl_dumps_lz4(deque()),
+    )
+
+    yield transform.handler
+
+    os.environ = original_environ
+
+
+@pytest.fixture
+def load_handler(scenario: Scenario):
+    original_environ = deepcopy(os.environ)
+
+    os.environ["ETL_BUCKET"] = read_terraform_output("sds_etl.value.bucket")
+    os.environ["TABLE_NAME"] = read_terraform_output("dynamodb_table_name.value")
+
+    from etl.sds.worker.load import load
+
+    yield load.handler
+    os.environ = original_environ
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/__init__.py
new file mode 100644
index 000000000..79e902048
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/extract_output.json
new file mode 100644
index 000000000..10ebeacb4
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/load_output.json
new file mode 100644
index 000000000..fb87d7855
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_new_key_creates_new_device/load_output.json
@@ -0,0 +1,98 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/__init__.py
new file mode 100644
index 000000000..53f9fcae0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/__init__.py
@@ -0,0 +1,24 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_DELETE_NHS_PRODUCT_NAME = create_modify_ldif(
+    "delete/nhs_product_name.ldif", device_type="accredited_system"
+)
+_ADD_NHS_PRODUCT_NAME = create_modify_ldif(
+    "add/nhs_product_name.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _DELETE_NHS_PRODUCT_NAME,
+        _ADD_NHS_PRODUCT_NAME,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/extract_output.json
new file mode 100644
index 000000000..a8f5a27ae
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/extract_output.json
@@ -0,0 +1,41 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["delete", "nhsproductname", []]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsproductname", ["fooProduct"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/load_output.json
new file mode 100644
index 000000000..9cbb611d0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_optional_field_after_deleted_updates_all/load_output.json
@@ -0,0 +1,98 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] },
+            { "nhs_product_name": ["fooProduct"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] },
+            { "nhs_product_name": ["fooProduct"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/__init__.py
new file mode 100644
index 000000000..7c1981ffe
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_ADD_NHS_AS_SVC_IA = create_modify_ldif(
+    "add/nhs_as_svc_ia.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT, _ADD_NHS_AS_SVC_IA],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/extract_output.json
new file mode 100644
index 000000000..5e8dc9ff8
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/extract_output.json
@@ -0,0 +1,37 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [
+      ["add", "nhsassvcia", ["urn:nhs:names:services:pdsquery:123456"]]
+    ],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/load_output.json
new file mode 100644
index 000000000..40a505846
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/adding_to_list_field_appends_new_value_to_all/load_output.json
@@ -0,0 +1,100 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14",
+                "urn:nhs:names:services:pdsquery:123456"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14",
+                "urn:nhs:names:services:pdsquery:123456"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/__init__.py
new file mode 100644
index 000000000..0dfe07700
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.AlreadyExists.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/extract_output.json
new file mode 100644
index 000000000..8d01f89c3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["K83015"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/transform.error
new file mode 100644
index 000000000..bb9145cb5
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_existing_key/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (AccreditedSystemAlreadyExists) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['add', 'nhsasclient', ['K83015']]], 'unique_identifier': '000173655515'}
+  Accredited System with ODS code 'K83015' already exists
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/__init__.py
new file mode 100644
index 000000000..1f16eb5a5
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_APPROVER_URP = create_modify_ldif(
+    "add/nhs_approver_urp.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_APPROVER_URP]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/extract_output.json
new file mode 100644
index 000000000..0b15cb446
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsapproverurp", ["fooApprover"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/transform.error
new file mode 100644
index 000000000..530c8eed1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_add_mandatory_field/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['add', 'nhsapproverurp', ['fooApprover']]], 'unique_identifier': '000173655515'}
+  1 validation error for NhsAccreditedSystem
+  nhsapproverurp
+    str type expected (type=type_error.str)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/__init__.py
new file mode 100644
index 000000000..712511121
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/__init__.py
@@ -0,0 +1,15 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    DELETE_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[ADD_ACCREDITED_SYSTEM, DELETE_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/extract_output.json
new file mode 100644
index 000000000..bf0688fb1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/extract_output.json
@@ -0,0 +1,34 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "delete",
+    "change_type": "delete",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/load_output.json
new file mode 100644
index 000000000..40f69ae78
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_create_new_devices_from_inactive_device/load_output.json
@@ -0,0 +1,50 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/__init__.py
new file mode 100644
index 000000000..bd003d9fe
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_APPROVER_URP = create_modify_ldif(
+    "delete/nhs_approver_urp.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _DELETE_NHS_APPROVER_URP]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/extract_output.json
new file mode 100644
index 000000000..a9d11389f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["delete", "nhsapproverurp", []]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/transform.error
new file mode 100644
index 000000000..a69b55494
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_field/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (CannotDeleteMandatoryField) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['delete', 'nhsapproverurp', []]], 'unique_identifier': '000173655515'}
+  Field 'nhs_approver_urp' cannot be deleted
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/__init__.py
new file mode 100644
index 000000000..5bab2a9ed
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/__init__.py
@@ -0,0 +1,21 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_DELETE_NHS_AS_SVC_IA = create_modify_ldif(
+    "delete/nhs_as_svc_ia.ldif", device_type="accredited_system"
+)
+
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _DELETE_NHS_AS_SVC_IA,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/extract_output.json
new file mode 100644
index 000000000..71a653a74
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/extract_output.json
@@ -0,0 +1,35 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["delete", "nhsassvcia", []]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/transform.error
new file mode 100644
index 000000000..3d509c443
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_mandatory_list_field/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (CannotDeleteMandatoryField) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['delete', 'nhsassvcia', []]], 'unique_identifier': '000173655515'}
+  Field 'nhs_as_svc_ia' cannot be deleted
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/__init__.py
new file mode 100644
index 000000000..d80ee1547
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_AS_CLIENT = create_modify_ldif(
+    "delete/nhs_as_client.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _DELETE_NHS_AS_CLIENT]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/extract_output.json
new file mode 100644
index 000000000..c37a63b3f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["delete", "nhsasclient", []]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/transform.error
new file mode 100644
index 000000000..9ef7766e7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_delete_nhs_as_client/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['delete', 'nhsasclient', []]], 'unique_identifier': '000173655515'}
+  Forbidden to delete NhsAccreditedSystem.nhs_as_client
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/__init__.py
new file mode 100644
index 000000000..0c58fa4a3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/__init__.py
@@ -0,0 +1,20 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_REPLACE_NHS_APPROVER_URP = create_modify_ldif(
+    "replace/nhs_approver_urp.TooManyValues.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _REPLACE_NHS_APPROVER_URP,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/extract_output.json
new file mode 100644
index 000000000..e41032bf4
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/extract_output.json
@@ -0,0 +1,37 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [
+      ["replace", "nhsapproverurp", ["fooApprover", "anotherApprover"]]
+    ],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/transform.error b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/transform.error
new file mode 100644
index 000000000..f580988ab
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/cannot_replace_non_list_field_with_list/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'object_class': 'modify', 'change_type': 'modify', 'modifications': [['replace', 'nhsapproverurp', ['fooApprover', 'anotherApprover']]], 'unique_identifier': '000173655515'}
+  1 validation error for NhsAccreditedSystem
+  nhsapproverurp
+    str type expected (type=type_error.str)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/__init__.py
new file mode 100644
index 000000000..04871fe24
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/__init__.py
@@ -0,0 +1,14 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    DELETE_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT, DELETE_ACCREDITED_SYSTEM],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/extract_output.json
new file mode 100644
index 000000000..6e74907e7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/extract_output.json
@@ -0,0 +1,34 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "delete",
+    "change_type": "delete",
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/load_output.json
new file mode 100644
index 000000000..e0923d0a2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/delete_deletes_all_devices/load_output.json
@@ -0,0 +1,98 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/__init__.py
new file mode 100644
index 000000000..10238836a
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/__init__.py
@@ -0,0 +1,21 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_DELETE_NHS_PRODUCT_NAME = create_modify_ldif(
+    "delete/nhs_product_name.ldif", device_type="accredited_system"
+)
+
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _DELETE_NHS_PRODUCT_NAME,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/extract_output.json
new file mode 100644
index 000000000..20b6f3b8e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/extract_output.json
@@ -0,0 +1,35 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["delete", "nhsproductname", []]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/load_output.json
new file mode 100644
index 000000000..d34549bd7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/deleting_optional_field_deletes_from_all/load_output.json
@@ -0,0 +1,96 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/__init__.py
new file mode 100644
index 000000000..87adc9ba0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/__init__.py
@@ -0,0 +1,22 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    DELETE_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_REPLACE_NHS_AS_SVC_IA = create_modify_ldif(
+    "replace/nhs_as_svc_ia.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        DELETE_ACCREDITED_SYSTEM,
+        _REPLACE_NHS_AS_SVC_IA,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/extract_output.json
new file mode 100644
index 000000000..840f116c9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/extract_output.json
@@ -0,0 +1,49 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "delete",
+    "change_type": "delete",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [
+      [
+        "replace",
+        "nhsassvcia",
+        [
+          "urn:nhs:names:services:pdsquery:45678",
+          "urn:nhs:names:services:pdsquery:78910"
+        ]
+      ]
+    ],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/load_output.json
new file mode 100644
index 000000000..e0923d0a2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/inactive_devices_not_affected_by_updates/load_output.json
@@ -0,0 +1,98 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/__init__.py
new file mode 100644
index 000000000..855bbf6ea
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/__init__.py
@@ -0,0 +1,24 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_AS_CLIENT = create_modify_ldif(
+    "replace/nhs_as_client.ldif", device_type="accredited_system"
+)
+_ADD_NHS_AS_SVC_IA = create_modify_ldif(
+    "add/nhs_as_svc_ia.ldif", device_type="accredited_system"
+)
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.Another.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _REPLACE_NHS_AS_CLIENT,
+        _ADD_NHS_AS_SVC_IA,
+        _ADD_NHS_AS_CLIENT,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/extract_output.json
new file mode 100644
index 000000000..5bd200fee
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["replace", "nhsasclient", ["AAA", "BBB"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [
+      ["add", "nhsassvcia", ["urn:nhs:names:services:pdsquery:123456"]]
+    ],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["CCC"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/load_output.json
new file mode 100644
index 000000000..e976b6357
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/new_devices_are_created_from_latest_active_device/load_output.json
@@ -0,0 +1,197 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14",
+                "urn:nhs:names:services:pdsquery:123456"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "BBB:000173655515": {
+        "key": "BBB:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "BBB",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["BBB"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14",
+                "urn:nhs:names:services:pdsquery:123456"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "CCC:000173655515": {
+        "key": "CCC:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "CCC",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["CCC"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14",
+                "urn:nhs:names:services:pdsquery:123456"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/__init__.py
new file mode 100644
index 000000000..25c45b8fd
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/__init__.py
@@ -0,0 +1,12 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_AS_CLIENT = create_modify_ldif(
+    "replace/nhs_as_client.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__, extract_input=[ADD_ACCREDITED_SYSTEM, _REPLACE_NHS_AS_CLIENT]
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/extract_output.json
new file mode 100644
index 000000000..9b7420747
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/extract_output.json
@@ -0,0 +1,29 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["replace", "nhsasclient", ["AAA", "BBB"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/load_output.json
new file mode 100644
index 000000000..6e715f9bd
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_key_deletes_and_creates_devices/load_output.json
@@ -0,0 +1,142 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "inactive",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "BBB:000173655515": {
+        "key": "BBB:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "BBB",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["BBB"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/__init__.py
new file mode 100644
index 000000000..f3498c211
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_REPLACE_NHS_AS_SVC_IA = create_modify_ldif(
+    "replace/nhs_as_svc_ia.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[ADD_ACCREDITED_SYSTEM, _ADD_NHS_AS_CLIENT, _REPLACE_NHS_AS_SVC_IA],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/extract_output.json
new file mode 100644
index 000000000..548566d90
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/extract_output.json
@@ -0,0 +1,44 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [
+      [
+        "replace",
+        "nhsassvcia",
+        [
+          "urn:nhs:names:services:pdsquery:45678",
+          "urn:nhs:names:services:pdsquery:78910"
+        ]
+      ]
+    ],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/load_output.json
new file mode 100644
index 000000000..a0ce5db61
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_list_field_updates_all/load_output.json
@@ -0,0 +1,100 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:45678",
+                "urn:nhs:names:services:pdsquery:78910"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:45678",
+                "urn:nhs:names:services:pdsquery:78910"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/__init__.py
new file mode 100644
index 000000000..ddddff88d
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/__init__.py
@@ -0,0 +1,20 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_REPLACE_NHS_APPROVER_URP = create_modify_ldif(
+    "replace/nhs_approver_urp.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _REPLACE_NHS_APPROVER_URP,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/extract_output.json
new file mode 100644
index 000000000..49f04c69c
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/extract_output.json
@@ -0,0 +1,35 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["replace", "nhsapproverurp", ["fooApprover"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/load_output.json
new file mode 100644
index 000000000..a4a8545e7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_mandatory_field_updates_all/load_output.json
@@ -0,0 +1,94 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": ["fooApprover"]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": ["fooApprover"]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["TPP SystmOne"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/__init__.py b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/__init__.py
new file mode 100644
index 000000000..e126f10c0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/__init__.py
@@ -0,0 +1,20 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ACCREDITED_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_AS_CLIENT = create_modify_ldif(
+    "add/nhs_as_client.ldif", device_type="accredited_system"
+)
+_REPLACE_NHS_PRODUCT_NAME = create_modify_ldif(
+    "replace/nhs_product_name.ldif", device_type="accredited_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_ACCREDITED_SYSTEM,
+        _ADD_NHS_AS_CLIENT,
+        _REPLACE_NHS_PRODUCT_NAME,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/extract_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/extract_output.json
new file mode 100644
index 000000000..5e993afc9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/extract_output.json
@@ -0,0 +1,35 @@
+[
+  {
+    "change_type": "add",
+    "description": null,
+    "nhs_approver_urp": "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_as_acf": null,
+    "nhs_as_category_bag": null,
+    "nhs_as_client": ["K83015"],
+    "nhs_as_svc_ia": ["urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"],
+    "nhs_date_approved": "20091016133823",
+    "nhs_date_requested": "20091016133757",
+    "nhs_id_code": "K83015",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "K83015-806782",
+    "nhs_product_key": "6216",
+    "nhs_product_name": "TPP SystmOne",
+    "nhs_product_version": null,
+    "nhs_requestor_urp": "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs",
+    "nhs_temp_uid": "10312",
+    "object_class": "nhsAS",
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["add", "nhsasclient", ["AAA"]]],
+    "unique_identifier": "000173655515"
+  },
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "modifications": [["replace", "nhsproductname", ["fooProduct"]]],
+    "unique_identifier": "000173655515"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/load_output.json b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/load_output.json
new file mode 100644
index 000000000..dedf46823
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/accredited_system/replacing_optional_field_updates_all/load_output.json
@@ -0,0 +1,98 @@
+[
+  {
+    "keys": {
+      "K83015:000173655515": {
+        "key": "K83015:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "K83015",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["fooProduct"] },
+            { "nhs_as_client": ["K83015"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  },
+  {
+    "keys": {
+      "AAA:000173655515": {
+        "key": "AAA:000173655515",
+        "type": "accredited_system_id"
+      }
+    },
+    "name": "TPP SystmOne",
+    "ods_code": "AAA",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "questionnaire_responses": {
+      "spine_device/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsAS"] },
+            { "unique_identifier": ["000173655515"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueIdentifier=102583034545,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_approved": ["20091016133823"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueIdentifier=203171972540,uniqueIdentifier=352307522545,uid=432776896545,ou=People,o=nhs"
+              ]
+            },
+
+            { "nhs_date_requested": ["20091016133757"] },
+            { "nhs_id_code": ["K83015"] },
+            { "nhs_mhs_party_key": ["K83015-806782"] },
+            { "nhs_product_key": ["6216"] },
+            { "nhs_product_name": ["fooProduct"] },
+            { "nhs_as_client": ["AAA"] },
+            {
+              "nhs_as_svc_ia": [
+                "urn:nhs:names:services:pdsquery:QUQI_IN010000UK14"
+              ]
+            },
+            { "nhs_temp_uid": ["10312"] }
+          ]
+        }
+      ]
+    },
+    "status": "active",
+    "type": "product"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/__init__.py
new file mode 100644
index 000000000..865b80ac3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/__init__.py
@@ -0,0 +1,15 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_ANOTHER_MESSAGE_HANDLING_SYSTEM_WITH_SAME_UNIQUE_IDENTIFIER,
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    DELETE_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+)
+
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        DELETE_MESSAGE_HANDLING_SYSTEM,
+        ADD_ANOTHER_MESSAGE_HANDLING_SYSTEM_WITH_SAME_UNIQUE_IDENTIFIER,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/extract_output.json
new file mode 100644
index 000000000..7d5102e90
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/extract_output.json
@@ -0,0 +1,77 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "delete",
+    "object_class": "delete",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-123456",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:ABCDEFG",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/load_output.json
new file mode 100644
index 000000000..1afcc826e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_and_delete_device_with_same_unique_identifier/load_output.json
@@ -0,0 +1,116 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "inactive",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  },
+  {
+    "name": "C3O9X:C3O9X-123456:urn:nhs:names:services:ers:ABCDEFG",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-123456:urn:nhs:names:services:ers:ABCDEFG": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-123456:urn:nhs:names:services:ers:ABCDEFG"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-123456"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": ["urn:nhs:names:services:ers:ABCDEFG"]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/__init__.py
new file mode 100644
index 000000000..e4de4bc66
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "add/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/extract_output.json
new file mode 100644
index 000000000..ae58d4349
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhsackrequested", ["never"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/load_output.json
new file mode 100644
index 000000000..280e74333
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_add_optional_field/load_output.json
@@ -0,0 +1,61 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_mhs_ack_requested": ["never"] }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/__init__.py
new file mode 100644
index 000000000..634259490
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/__init__.py
@@ -0,0 +1,13 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    DELETE_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+)
+
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        DELETE_MESSAGE_HANDLING_SYSTEM,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/extract_output.json
new file mode 100644
index 000000000..bdfe728c2
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/extract_output.json
@@ -0,0 +1,42 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "delete",
+    "object_class": "delete",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/load_output.json
new file mode 100644
index 000000000..17d89050d
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_device/load_output.json
@@ -0,0 +1,60 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "inactive",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/__init__.py
new file mode 100644
index 000000000..08198890e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/__init__.py
@@ -0,0 +1,20 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "add/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+_DELETE_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "delete/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_ACK_REQUESTED,
+        _DELETE_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/extract_output.json
new file mode 100644
index 000000000..24d6d18f9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/extract_output.json
@@ -0,0 +1,49 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhsackrequested", ["never"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsmhsackrequested", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/load_output.json
new file mode 100644
index 000000000..ac37d7d2a
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_delete_optional_field/load_output.json
@@ -0,0 +1,60 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/__init__.py
new file mode 100644
index 000000000..dfc1d019a
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/__init__.py
@@ -0,0 +1,20 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "add/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+_REPLACE_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "replace/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_ACK_REQUESTED,
+        _REPLACE_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/extract_output.json
new file mode 100644
index 000000000..f18628594
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/extract_output.json
@@ -0,0 +1,49 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhsackrequested", ["never"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["replace", "nhsmhsackrequested", ["always"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/load_output.json
new file mode 100644
index 000000000..7de0b2519
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/can_replace_optional_field/load_output.json
@@ -0,0 +1,61 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_mhs_ack_requested": ["always"] }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/__init__.py
new file mode 100644
index 000000000..941cdd0c3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "add/nhs_mhs_ack_requested.InvalidValue.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/extract_output.json
new file mode 100644
index 000000000..6c7cf566e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhsackrequested", ["foo"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/transform.error
new file mode 100644
index 000000000..1bbcf3f55
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_invalid_value_to_optional_field/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['add', 'nhsmhsackrequested', ['foo']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  1 validation error for NhsMhs
+  nhsmhsackrequested
+    value is not a valid enumeration member; permitted: 'always', 'never' (type=type_error.enum; enum_values=[<YesNoAnswer.ALWAYS: 'always'>, <YesNoAnswer.NEVER: 'never'>])
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/__init__.py
new file mode 100644
index 000000000..6298051a1
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_ID_CODE = create_modify_ldif(
+    "add/nhs_id_code.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_ID_CODE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/extract_output.json
new file mode 100644
index 000000000..860e90250
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsidcode", ["AAA"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/transform.error
new file mode 100644
index 000000000..75afa9b36
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_id_code/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['add', 'nhsidcode', ['AAA']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to add NhsMhs.nhs_id_code
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/__init__.py
new file mode 100644
index 000000000..350c6bc44
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_PARTY_KEY = create_modify_ldif(
+    "add/nhs_mhs_party_key.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_PARTY_KEY,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/extract_output.json
new file mode 100644
index 000000000..0f7d57210
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhspartykey", ["AAA-823610"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/transform.error
new file mode 100644
index 000000000..ced6d173e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_party_key/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['add', 'nhsmhspartykey', ['AAA-823610']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to add NhsMhs.nhs_mhs_party_key
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/__init__.py
new file mode 100644
index 000000000..c6c5414a7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_SVC_IA = create_modify_ldif(
+    "add/nhs_mhs_svc_ia.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_SVC_IA,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/extract_output.json
new file mode 100644
index 000000000..84934efcc
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/extract_output.json
@@ -0,0 +1,45 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [
+      ["add", "nhsmhssvcia", ["urn:nhs:names:services:ers:12345"]]
+    ],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/transform.error
new file mode 100644
index 000000000..f3c3f7d06
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_key_field_nhs_mhs_svc_ia/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['add', 'nhsmhssvcia', ['urn:nhs:names:services:ers:12345']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to add NhsMhs.nhs_mhs_svc_ia
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/__init__.py
new file mode 100644
index 000000000..851634a05
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_EP_INTERACTION_TYPE = create_modify_ldif(
+    "add/nhs_ep_interaction_type.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_EP_INTERACTION_TYPE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/extract_output.json
new file mode 100644
index 000000000..3188b8176
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsepinteractiontype", ["foo"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/transform.error
new file mode 100644
index 000000000..b544f1007
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_add_mandatory_value/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['add', 'nhsepinteractiontype', ['foo']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  1 validation error for NhsMhs
+  nhsepinteractiontype
+    value is not a valid enumeration member; permitted: 'fhir', 'hl7', 'ebxml', 'N/A', 'mshsignalsonly' (type=type_error.enum; enum_values=[<InteractionType.FHIR: 'fhir'>, <InteractionType.HL7: 'hl7'>, <InteractionType.EBXML: 'ebxml'>, <InteractionType.NA: 'N/A'>, <InteractionType.MSHSIGNALSONLY: 'mshsignalsonly'>])
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/__init__.py
new file mode 100644
index 000000000..a05460ac9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_ID_CODE = create_modify_ldif(
+    "delete/nhs_id_code.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_ID_CODE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/extract_output.json
new file mode 100644
index 000000000..2a91563f9
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsidcode", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/transform.error
new file mode 100644
index 000000000..cc9c3e7d3
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_id_code/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['delete', 'nhsidcode', []]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to delete NhsMhs.nhs_id_code
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/__init__.py
new file mode 100644
index 000000000..8dbf11b51
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_MHS_PARTY_KEY = create_modify_ldif(
+    "delete/nhs_mhs_party_key.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _DELETE_NHS_MHS_PARTY_KEY,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/extract_output.json
new file mode 100644
index 000000000..491cc0787
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsmhspartykey", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/transform.error
new file mode 100644
index 000000000..dd588e5e0
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_party_key/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['delete', 'nhsmhspartykey', []]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to delete NhsMhs.nhs_mhs_party_key
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/__init__.py
new file mode 100644
index 000000000..cf5a54e49
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_MHS_SVC_IA = create_modify_ldif(
+    "delete/nhs_mhs_svc_ia.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _DELETE_NHS_MHS_SVC_IA,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/extract_output.json
new file mode 100644
index 000000000..fd2636b7e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsmhssvcia", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/transform.error
new file mode 100644
index 000000000..718c4f770
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_key_field_nhs_mhs_svc_ia/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (InvalidModificationRequest) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['delete', 'nhsmhssvcia', []]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Forbidden to delete NhsMhs.nhs_mhs_svc_ia
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/__init__.py
new file mode 100644
index 000000000..c9ffa7647
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_EP_INTERACTION_TYPE = create_modify_ldif(
+    "delete/nhs_ep_interaction_type.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _DELETE_NHS_EP_INTERACTION_TYPE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/extract_output.json
new file mode 100644
index 000000000..1e964c601
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsepinteractiontype", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/transform.error
new file mode 100644
index 000000000..b1cf99a1e
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_mandatory_field/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (CannotDeleteMandatoryField) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['delete', 'nhsepinteractiontype', []]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Field 'nhs_ep_interaction_type' cannot be deleted
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/__init__.py
new file mode 100644
index 000000000..0a2c85e4b
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_DELETE_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "delete/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _DELETE_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/extract_output.json
new file mode 100644
index 000000000..91c69d533
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["delete", "nhsmhsackrequested", []]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/transform.error
new file mode 100644
index 000000000..d49b9e334
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_delete_optional_field_that_does_currently_exist/transform.error
@@ -0,0 +1,5 @@
+The following errors were encountered
+  -- Error 1 (NothingToDelete) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['delete', 'nhsmhsackrequested', []]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  Field 'nhs_mhs_ack_requested' cannot be deleted
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/__init__.py
new file mode 100644
index 000000000..dea05e9cc
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/__init__.py
@@ -0,0 +1,17 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_EP_INTERACTION_TYPE = create_modify_ldif(
+    "replace/nhs_ep_interaction_type.InvalidValue.ldif",
+    device_type="message_handling_system",
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _REPLACE_NHS_EP_INTERACTION_TYPE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/extract_output.json
new file mode 100644
index 000000000..ed1ba2828
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["replace", "nhsepinteractiontype", ["foo"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/transform.error
new file mode 100644
index 000000000..305d9a878
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_mandatory_field_with_invalid_value/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['replace', 'nhsepinteractiontype', ['foo']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  1 validation error for NhsMhs
+  nhsepinteractiontype
+    value is not a valid enumeration member; permitted: 'fhir', 'hl7', 'ebxml', 'N/A', 'mshsignalsonly' (type=type_error.enum; enum_values=[<InteractionType.FHIR: 'fhir'>, <InteractionType.HL7: 'hl7'>, <InteractionType.EBXML: 'ebxml'>, <InteractionType.NA: 'N/A'>, <InteractionType.MSHSIGNALSONLY: 'mshsignalsonly'>])
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/__init__.py
new file mode 100644
index 000000000..1b0a94a40
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/__init__.py
@@ -0,0 +1,21 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_ADD_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "add/nhs_mhs_ack_requested.ldif", device_type="message_handling_system"
+)
+_REPLACE_NHS_MHS_ACK_REQUESTED = create_modify_ldif(
+    "replace/nhs_mhs_ack_requested.TooManyValues.ldif",
+    device_type="message_handling_system",
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _ADD_NHS_MHS_ACK_REQUESTED,
+        _REPLACE_NHS_MHS_ACK_REQUESTED,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/extract_output.json
new file mode 100644
index 000000000..bfa8aa453
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/extract_output.json
@@ -0,0 +1,49 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["add", "nhsmhsackrequested", ["never"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["replace", "nhsmhsackrequested", ["never", "always"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/transform.error b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/transform.error
new file mode 100644
index 000000000..7968d8632
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/cannot_replace_non_list_field_with_list_field/transform.error
@@ -0,0 +1,7 @@
+The following errors were encountered
+  -- Error 1 (ValidationError) --
+  Failed to parse record 0
+  {'change_type': 'modify', 'modifications': [['replace', 'nhsmhsackrequested', ['never', 'always']]], 'object_class': 'modify', 'unique_identifier': '00000a84594b2ef34279'}
+  1 validation error for NhsMhs
+  nhsmhsackrequested
+    value is not a valid enumeration member; permitted: 'always', 'never' (type=type_error.enum; enum_values=[<YesNoAnswer.ALWAYS: 'always'>, <YesNoAnswer.NEVER: 'never'>])
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/__init__.py
new file mode 100644
index 000000000..293bb9825
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_ID_CODE = create_modify_ldif(
+    "replace/nhs_id_code.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _REPLACE_NHS_ID_CODE,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/extract_output.json
new file mode 100644
index 000000000..d3b357d3f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["replace", "nhsidcode", ["AAA"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/load_output.json
new file mode 100644
index 000000000..42d84d81f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_id_code/load_output.json
@@ -0,0 +1,118 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "inactive",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  },
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "AAA",
+    "keys": {
+      "AAA:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "AAA:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["AAA"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/__init__.py
new file mode 100644
index 000000000..ee5813fde
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_MHS_PARTY_KEY = create_modify_ldif(
+    "replace/nhs_mhs_party_key.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _REPLACE_NHS_MHS_PARTY_KEY,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/extract_output.json
new file mode 100644
index 000000000..e2b42c345
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/extract_output.json
@@ -0,0 +1,43 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [["replace", "nhsmhspartykey", ["AAA-823610"]]],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/load_output.json
new file mode 100644
index 000000000..f26ecfe30
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_party_key/load_output.json
@@ -0,0 +1,118 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "inactive",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  },
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:AAA-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:AAA-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["AAA-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/__init__.py b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/__init__.py
new file mode 100644
index 000000000..84c249ab5
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/__init__.py
@@ -0,0 +1,16 @@
+from etl.sds.tests.changelog.utils import (
+    ADD_MESSAGE_HANDLING_SYSTEM,
+    _Scenario,
+    create_modify_ldif,
+)
+
+_REPLACE_NHS_MHS_SVC_IA = create_modify_ldif(
+    "replace/nhs_mhs_svc_ia.ldif", device_type="message_handling_system"
+)
+SCENARIO = _Scenario(
+    file_path=__file__,
+    extract_input=[
+        ADD_MESSAGE_HANDLING_SYSTEM,
+        _REPLACE_NHS_MHS_SVC_IA,
+    ],
+)
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/extract_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/extract_output.json
new file mode 100644
index 000000000..f756d682f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/extract_output.json
@@ -0,0 +1,45 @@
+[
+  {
+    "change_type": "add",
+    "nhs_approver_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_contract_property_template_key": "14",
+    "nhs_date_approved": "20231030092939",
+    "nhs_date_dns_approved": "20231030092939",
+    "nhs_date_requested": "20231030092906",
+    "nhs_dns_approver": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "nhs_ep_interaction_type": "fhir",
+    "nhs_id_code": "C3O9X",
+    "nhs_mhs_ack_requested": null,
+    "nhs_mhs_actor": null,
+    "nhs_mhs_cpa_id": "00000a84594b2ef34279",
+    "nhs_mhs_duplicate_elimination": null,
+    "nhs_mhs_end_point": "https://test.C3O9X.nhs.uk/",
+    "nhs_mhs_fqdn": "test.C3O9X.nhs.uk",
+    "nhs_mhs_in": "READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_ip_address": null,
+    "nhs_mhs_is_authenticated": "none",
+    "nhs_mhs_manufacturer_org": null,
+    "nhs_mhs_party_key": "C3O9X-823610",
+    "nhs_mhs_persist_duration": null,
+    "nhs_mhs_retries": null,
+    "nhs_mhs_retry_interval": null,
+    "nhs_mhs_service_description": null,
+    "nhs_mhs_sn": "urn:nhs:names:services:ers",
+    "nhs_mhs_svc_ia": "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "nhs_mhs_sync_reply_mode": null,
+    "nhs_product_key": "11929",
+    "nhs_product_name": null,
+    "nhs_product_version": "Mar2023",
+    "nhs_requestor_urp": "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs",
+    "object_class": "nhsMhs",
+    "unique_identifier": "00000a84594b2ef34279"
+  },
+  {
+    "change_type": "modify",
+    "modifications": [
+      ["replace", "nhsmhssvcia", ["urn:nhs:names:services:ers:12345"]]
+    ],
+    "object_class": "modify",
+    "unique_identifier": "00000a84594b2ef34279"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/load_output.json b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/load_output.json
new file mode 100644
index 000000000..509a65238
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/message_handling_system/replacing_key_field_deletes_and_creates_device_nhs_mhs_svc_ia/load_output.json
@@ -0,0 +1,114 @@
+[
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "active",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:12345": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:12345"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            { "nhs_mhs_svc_ia": ["urn:nhs:names:services:ers:12345"] },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  },
+  {
+    "name": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001",
+    "type": "endpoint",
+    "status": "inactive",
+    "product_team_id": "12345678-1234-5678-1234-567812345678",
+    "ods_code": "C3O9X",
+    "keys": {
+      "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001": {
+        "type": "message_handling_system_id",
+        "key": "C3O9X:C3O9X-823610:urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+      }
+    },
+    "questionnaire_responses": {
+      "spine_endpoint/1": [
+        {
+          "responses": [
+            { "object_class": ["nhsMhs"] },
+            { "unique_identifier": ["00000a84594b2ef34279"] },
+            {
+              "nhs_approver_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_contract_property_template_key": ["14"] },
+            { "nhs_date_approved": ["20231030092939"] },
+            { "nhs_date_dns_approved": ["20231030092939"] },
+            { "nhs_date_requested": ["20231030092906"] },
+            {
+              "nhs_dns_approver": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            },
+            { "nhs_ep_interaction_type": ["fhir"] },
+            { "nhs_id_code": ["C3O9X"] },
+            { "nhs_mhs_cpa_id": ["00000a84594b2ef34279"] },
+            { "nhs_mhs_end_point": ["https://test.C3O9X.nhs.uk/"] },
+            { "nhs_mhs_fqdn": ["test.C3O9X.nhs.uk"] },
+            { "nhs_mhs_in": ["READ_PRACTITIONER_ROLE_R4_V001"] },
+            { "nhs_mhs_is_authenticated": ["none"] },
+            { "nhs_mhs_party_key": ["C3O9X-823610"] },
+            { "nhs_mhs_sn": ["urn:nhs:names:services:ers"] },
+            {
+              "nhs_mhs_svc_ia": [
+                "urn:nhs:names:services:ers:READ_PRACTITIONER_ROLE_R4_V001"
+              ]
+            },
+            { "nhs_product_key": ["11929"] },
+            { "nhs_product_version": ["Mar2023"] },
+            {
+              "nhs_requestor_urp": [
+                "uniqueidentifier=555050304105,uniqueidentifier=555008548101,uid=555008545108,ou=people, o=nhs"
+              ]
+            }
+          ]
+        }
+      ]
+    }
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/__init__.py b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/__init__.py
new file mode 100644
index 000000000..65ddc7a19
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/__init__.py
@@ -0,0 +1,3 @@
+from etl.sds.tests.changelog.utils import DELETE_UNKNOWN_ENTITY, _Scenario
+
+SCENARIO = _Scenario(file_path=__file__, extract_input=[DELETE_UNKNOWN_ENTITY])
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/extract_output.json b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/extract_output.json
new file mode 100644
index 000000000..76949d5a7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/extract_output.json
@@ -0,0 +1,7 @@
+[
+  {
+    "object_class": "delete",
+    "change_type": "delete",
+    "unique_identifier": "1234"
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/load_output.json b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/load_output.json
new file mode 100644
index 000000000..fe51488c7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/deleting_unknown_entity_silently_passes/load_output.json
@@ -0,0 +1 @@
+[]
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/__init__.py b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/__init__.py
new file mode 100644
index 000000000..83c40de6d
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/__init__.py
@@ -0,0 +1,3 @@
+from etl.sds.tests.changelog.utils import MODIFY_UNKNOWN_ENTITY, _Scenario
+
+SCENARIO = _Scenario(file_path=__file__, extract_input=[MODIFY_UNKNOWN_ENTITY])
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/extract_output.json b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/extract_output.json
new file mode 100644
index 000000000..c46ccff9f
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/extract_output.json
@@ -0,0 +1,8 @@
+[
+  {
+    "object_class": "modify",
+    "change_type": "modify",
+    "unique_identifier": "1234",
+    "modifications": [["add", "foo", ["123"]]]
+  }
+]
diff --git a/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/load_output.json b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/load_output.json
new file mode 100644
index 000000000..fe51488c7
--- /dev/null
+++ b/src/etl/sds/tests/changelog/scenarios/unknown_entity/modifying_unknown_entity_silently_passes/load_output.json
@@ -0,0 +1 @@
+[]
diff --git a/src/etl/sds/tests/changelog/test_changelog_scenarios.py b/src/etl/sds/tests/changelog/test_changelog_scenarios.py
new file mode 100644
index 000000000..f83e67078
--- /dev/null
+++ b/src/etl/sds/tests/changelog/test_changelog_scenarios.py
@@ -0,0 +1,137 @@
+from copy import deepcopy
+from typing import Generator
+
+import pytest
+from domain.core.device import Device
+from domain.repository.device_repository import DeviceRepository
+from domain.repository.keys import TableKeys
+from domain.repository.marshall import unmarshall
+from etl_utils.io import pkl_load_lz4
+from event.aws.client import dynamodb_client as get_dynamodb_client
+from mypy_boto3_s3 import S3Client
+
+from etl.sds.worker.load.tests.test_load_worker import MockDeviceRepository
+from test_helpers.terraform import read_terraform_output
+
+from .conftest import ETL_BUCKET, parametrize_over_scenarios
+from .utils import Handler, Scenario, convert_list_likes, device_as_json_dict
+
+
+def get_first_key(device: dict[str, dict[str, str]]):
+    keys = list(device.get("keys", {"": ""}).keys())
+    return keys[0]
+
+
+def sort_devices(devices: list[dict]):
+    devices_without_dates = []
+    for device in devices:
+        _device = deepcopy(device)
+        _device.pop("created_on", None)
+        _device.pop("deleted_on", None)
+        _device.pop("updated_on", None)
+        devices_without_dates.append(_device)
+
+    sorted_devices = sorted(
+        devices_without_dates,
+        key=lambda device: (
+            device.get("name"),
+            device.get("ods_code"),
+            get_first_key(device),
+        ),
+    )
+    responses = [
+        response
+        for device in sorted_devices
+        for questionnaire_responses in device.get(
+            "questionnaire_responses", {}
+        ).values()
+        for questionnaire_response in questionnaire_responses
+        for response in questionnaire_response["responses"]
+    ]
+    for response in responses:
+        ((field, answers),) = response.items()
+        response[field] = sorted(answers)
+
+    return sorted_devices
+
+
+class EtlError(Exception):
+    pass
+
+
+class MockDeviceRepository(DeviceRepository):
+    def all_devices(self) -> Generator[Device, None, None]:
+        response = self.client.scan(TableName=self.table_name)
+        items = list(map(unmarshall, response["Items"]))
+        devices = list(TableKeys.DEVICE.filter(items, key="sk"))
+        for device in devices:
+            yield self.read(id=device["id"])
+
+
+@parametrize_over_scenarios()
+def test_extract(scenario: Scenario, extract_handler: Handler, s3_client: S3Client):
+    handler_response = extract_handler(event={}, context=None)
+    error_message = handler_response.get("error_message")
+    assert not error_message, error_message
+
+    response = s3_client.get_object(
+        Bucket=ETL_BUCKET, Key="input--transform/unprocessed"
+    )
+    actual_extract_output = pkl_load_lz4(response["Body"])
+    assert convert_list_likes(actual_extract_output) == convert_list_likes(
+        scenario.extract_output
+    )
+
+
+def run_transform_and_load(transform_handler: Handler, load_handler: Handler):
+    unprocessed_transform_records = None
+    while unprocessed_transform_records is None or unprocessed_transform_records > 0:
+        transform_response = transform_handler(
+            event={"max_records": 1, "trust": False}, context=None
+        )
+        error_message = transform_response.get("error_message")
+        if error_message:
+            raise EtlError(error_message)
+        unprocessed_transform_records = transform_response.get("unprocessed_records")
+
+        unprocessed_load_records = None
+        while unprocessed_load_records is None or unprocessed_load_records > 0:
+            load_response = load_handler(event={"max_records": 1}, context=None)
+            error_message = load_response.get("error_message")
+            if error_message:
+                raise EtlError(error_message)
+            unprocessed_load_records = load_response.get("unprocessed_records")
+
+
+@pytest.mark.integration
+@parametrize_over_scenarios()
+def test_transform_and_load(
+    scenario: Scenario, transform_handler: Handler, load_handler: Handler
+):
+    try:
+        run_transform_and_load(
+            transform_handler=transform_handler, load_handler=load_handler
+        )
+    except EtlError as error:
+        if not scenario.expected_errors:
+            raise
+        (expected_error_snippet,) = scenario.expected_errors
+        try:
+            assert expected_error_snippet in str(error)
+        except AssertionError:
+            print("Snippet not found in error message, see below diff:")  # noqa: T201
+            assert str(error) == expected_error_snippet
+        return
+
+    n_expected_errors = len(scenario.expected_errors)
+    assert (
+        n_expected_errors == 0
+    ), f"{n_expected_errors} errors were expected but none were raised"
+
+    dynamodb_client = get_dynamodb_client()
+    table_name = read_terraform_output("dynamodb_table_name.value")
+    repo = MockDeviceRepository(table_name=table_name, dynamodb_client=dynamodb_client)
+    devices = list(map(device_as_json_dict, repo.all_devices()))
+    assert len(devices) == len(scenario.load_output), devices
+
+    assert sort_devices(devices) == sort_devices(scenario.load_output), devices
diff --git a/src/etl/sds/tests/changelog/utils.py b/src/etl/sds/tests/changelog/utils.py
new file mode 100644
index 000000000..0cdd2ffdd
--- /dev/null
+++ b/src/etl/sds/tests/changelog/utils.py
@@ -0,0 +1,120 @@
+from collections import deque
+from pathlib import Path
+from typing import Any, Literal, Protocol
+
+from domain.core.device import Device
+from event.json import json_load, json_loads
+
+PATH_TO_HERE = Path(__file__).parent / "changelog_components"
+
+
+def read_ldif(relative_path: str):
+    with open(PATH_TO_HERE / relative_path) as f:
+        return f.read().strip("\n")
+
+
+def create_modify_ldif(
+    *relative_paths: str,
+    device_type: Literal["accredited_system", "message_handling_system"],
+):
+    with open(PATH_TO_HERE / "modify" / device_type / "base.ldif") as f:
+        base = f.read()
+
+    components = list(
+        map(lambda path: read_ldif(f"modify/{device_type}/{path}"), relative_paths)
+    )
+    return base.replace("<<TEMPLATE>>", "\n-\n".join(components))
+
+
+class Handler(Protocol):
+    def __call__(self, event, context) -> dict[str, any]:
+        ...
+
+
+class Scenario(Protocol):
+    @property
+    def extract_input(self) -> str:
+        ...
+
+    @property
+    def database_initial_state(self) -> str:
+        ...
+
+    @property
+    def extract_output(self) -> str:
+        ...
+
+    @property
+    def transform_output(self) -> str:
+        ...
+
+    @property
+    def load_output(self) -> str:
+        ...
+
+    @property
+    def expected_errors(self) -> list[str]:
+        ...
+
+
+class _Scenario:
+    def __init__(self, file_path: str, extract_input: list[str]):
+        self.root = Path(file_path).parent
+        self.name = self.root.name
+        self.extract_input = "\n\n".join(extract_input)
+
+    def __getattribute__(self, name: str) -> Any:
+        try:
+            return super().__getattribute__(name)
+        except AttributeError:
+            if name == "expected_errors":
+                expected_errors = []
+                error_files = filter(
+                    lambda path: path.suffix == ".error", self.root.iterdir()
+                )
+                for path in error_files:
+                    with open(file=path) as f:
+                        expected_errors.append(f.read())
+                return expected_errors
+            else:
+                with open(self.root / f"{name}.json") as f:
+                    return json_load(f)
+
+
+obj_likes = (list, set, deque, tuple, dict)
+
+
+def convert_list_likes(obj: tuple | set | deque | list | dict):
+    if isinstance(obj, (list, set, deque, tuple)):
+        _list = list if any(isinstance(item, obj_likes) for item in obj) else sorted
+        _obj = _list(map(convert_list_likes, obj))
+    elif isinstance(obj, dict):
+        _obj = {k: convert_list_likes(v) for k, v in obj.items()}
+    else:
+        _obj = obj
+    return _obj
+
+
+def device_as_json_dict(device: Device) -> dict:
+    _device: dict = json_loads(device.json())
+    _device.pop("id")
+    _device["keys"] = {k: json_loads(key.json()) for k, key in device.keys.items()}
+    _device["questionnaire_responses"] = {
+        k: [
+            json_loads(questionnaire_response.json(exclude={"questionnaire"}))
+            for questionnaire_response in questionnaire_responses
+        ]
+        for k, questionnaire_responses in device.questionnaire_responses.items()
+    }
+    return _device
+
+
+ADD_ACCREDITED_SYSTEM = read_ldif("add/accredited_system.ldif")
+DELETE_ACCREDITED_SYSTEM = read_ldif("delete/accredited_system.ldif")
+ADD_MESSAGE_HANDLING_SYSTEM = read_ldif("add/message_handling_system.ldif")
+DELETE_MESSAGE_HANDLING_SYSTEM = read_ldif("delete/message_handling_system.ldif")
+DELETE_UNKNOWN_ENTITY = read_ldif("delete/unknown_entity.ldif")
+MODIFY_UNKNOWN_ENTITY = read_ldif("modify/unknown_entity.ldif")
+ADD_ANOTHER_MESSAGE_HANDLING_SYSTEM_WITH_SAME_UNIQUE_IDENTIFIER = read_ldif(
+    "add/message_handling_system.AnotherWithSameUniqueIdentifier.ldif"
+)
diff --git a/src/etl/sds/tests/test_sds_etl_components.py b/src/etl/sds/tests/test_sds_etl_components.py
index dec9bbd31..b250a76a5 100644
--- a/src/etl/sds/tests/test_sds_etl_components.py
+++ b/src/etl/sds/tests/test_sds_etl_components.py
@@ -79,6 +79,13 @@ def repository():
 def execute_state_machine(
     state_machine_input: StateMachineInput, client
 ) -> StartSyncExecutionOutputTypeDef:
+    config = Config(
+        retries={
+            "max_attempts": 10,  # Increase the number of max attempts
+            "mode": "standard",  # Standard retry mode
+        }
+    )
+    client = boto3.client("stepfunctions", config=config)
     state_machine_arn = read_terraform_output("sds_etl.value.state_machine_arn")
     name = state_machine_input.name
     execution_response = client.start_execution(
@@ -266,9 +273,7 @@ def test_end_to_end_bulk_trigger(
 )
 @pytest.mark.parametrize(
     "state_machine_input",
-    [
-        StateMachineInput.bulk(changelog_number=123),
-    ],
+    [StateMachineInput.bulk(changelog_number=123)],
     indirect=True,
 )
 def test_end_to_end_changelog_delete(
diff --git a/src/etl/sds/trigger/bulk/steps.py b/src/etl/sds/trigger/bulk/steps.py
index 18e62a240..30a2a3849 100644
--- a/src/etl/sds/trigger/bulk/steps.py
+++ b/src/etl/sds/trigger/bulk/steps.py
@@ -1,6 +1,7 @@
 from pathlib import Path
 from typing import TYPE_CHECKING, TypedDict
 
+from etl_utils.constants import WorkerKey
 from etl_utils.trigger.model import StateMachineInput
 from etl_utils.trigger.operations import start_execution, validate_state_keys_are_empty
 from event.step_chain import StepChain
@@ -46,19 +47,19 @@ def _create_state_machine_input(data, cache):
 
 def _copy_to_state_machine(data, cache: Cache):
     source_bucket, source_key = data[StepChain.INIT]
-    state_machine_input: StateMachineInput = data[_create_state_machine_input]
     return cache["s3_client"].copy_object(
         Bucket=source_bucket,
-        Key=state_machine_input.init,
+        Key=WorkerKey.EXTRACT,
         CopySource=f"{source_bucket}/{source_key}",
     )
 
 
 def _copy_to_history(data, cache: Cache):
     source_bucket, source_key = data[StepChain.INIT]
+    state_machine_input: StateMachineInput = data[_create_state_machine_input]
     return cache["s3_client"].copy_object(
         Bucket=source_bucket,
-        Key=f"history/{source_key}",
+        Key=f"history/{state_machine_input.etl_type}/{source_key}",
         CopySource=f"{source_bucket}/{source_key}",
     )
 
diff --git a/src/etl/sds/trigger/bulk/tests/test_bulk_trigger.py b/src/etl/sds/trigger/bulk/tests/test_bulk_trigger.py
index 9bd1ef444..ad920b7e0 100644
--- a/src/etl/sds/trigger/bulk/tests/test_bulk_trigger.py
+++ b/src/etl/sds/trigger/bulk/tests/test_bulk_trigger.py
@@ -50,7 +50,7 @@ def test_bulk_trigger():
     etl_bucket = read_terraform_output("sds_etl.value.bucket")
     bulk_trigger_prefix = read_terraform_output("sds_etl.value.bulk_trigger_prefix")
     initial_trigger_key = f"{bulk_trigger_prefix}/{TEST_DATA_NAME}"
-    final_trigger_key = f"history/{initial_trigger_key}"
+    final_trigger_key = f"history/bulk/{initial_trigger_key}"
     table_name = read_terraform_output("dynamodb_table_name.value")
 
     client = dynamodb_client()
diff --git a/src/etl/sds/trigger/update/operations.py b/src/etl/sds/trigger/update/operations.py
index dff2af633..9ff3683ed 100644
--- a/src/etl/sds/trigger/update/operations.py
+++ b/src/etl/sds/trigger/update/operations.py
@@ -7,7 +7,7 @@
     CHANGELOG_NUMBER,
     FILTERED_OUT,
     LDAP_FILTER_ALL,
-    SDS_ORGANISATIONAL_UNIT_PEOPLE,
+    UNSUPPORTED_ORGANISATIONAL_UNITS,
     ChangelogAttributes,
 )
 from etl_utils.ldap_typing import LdapClientProtocol, LdapModuleProtocol
@@ -102,6 +102,11 @@ def get_latest_changelog_number_from_ldap(
     return int(last_changelog_number_str)
 
 
+def _filter_unsupported_organisational_units(record: dict[str, list[str]]):
+    target_dn = record["targetDN"][0].lower()
+    return any(ou in target_dn for ou in UNSUPPORTED_ORGANISATIONAL_UNITS)
+
+
 def get_changelog_entries_from_ldap(
     ldap_client: LdapClientProtocol,
     ldap: LdapModuleProtocol,
@@ -117,10 +122,7 @@ def get_changelog_entries_from_ldap(
             base=CHANGELOG_BASE,
             scope=ldap.SCOPE_ONELEVEL,
             filterstr=f"(changenumber={changelog_number})",
-            filter_function=(
-                lambda record: SDS_ORGANISATIONAL_UNIT_PEOPLE
-                in record["targetDN"][0].lower()
-            ),
+            filter_function=_filter_unsupported_organisational_units,
         )
         if record != FILTERED_OUT:
             changelog_records.append(record)
diff --git a/src/etl/sds/trigger/update/steps.py b/src/etl/sds/trigger/update/steps.py
index acaa8641f..9fc74dca5 100644
--- a/src/etl/sds/trigger/update/steps.py
+++ b/src/etl/sds/trigger/update/steps.py
@@ -2,7 +2,7 @@
 from pathlib import Path
 from typing import TYPE_CHECKING, TypedDict
 
-from etl_utils.constants import LDIF_RECORD_DELIMITER
+from etl_utils.constants import LDIF_RECORD_DELIMITER, WorkerKey
 from etl_utils.ldap_typing import LdapModuleProtocol
 from etl_utils.trigger.model import StateMachineInput
 from etl_utils.trigger.operations import start_execution, validate_state_keys_are_empty
@@ -115,10 +115,9 @@ def _parse_and_join_changelog_changes(data, cache):
 
 def _put_to_state_machine(data, cache: Cache):
     changes = data[_parse_and_join_changelog_changes]
-    state_machine_input: StateMachineInput = data[_create_state_machine_input]
 
     return cache["s3_client"].put_object(
-        Bucket=cache["etl_bucket"], Key=state_machine_input.init, Body=changes
+        Bucket=cache["etl_bucket"], Key=WorkerKey.EXTRACT, Body=changes
     )
 
 
@@ -134,10 +133,11 @@ def _start_execution(data, cache):
 def _put_to_history(data, cache: Cache):
     latest_changelog_number = data[_get_latest_changelog_number_from_ldap]
     changes = data[_parse_and_join_changelog_changes]
-    state_machine_input = data[_create_state_machine_input]
+    state_machine_input: StateMachineInput = data[_create_state_machine_input]
+
     return cache["s3_client"].put_object(
         Bucket=cache["etl_bucket"],
-        Key=f"history/changelog/{latest_changelog_number}/{state_machine_input.init}",
+        Key=f"history/{state_machine_input.etl_type}/{latest_changelog_number}/{WorkerKey.EXTRACT}",
         Body=changes,
     )
 
diff --git a/src/etl/sds/trigger/update/tests/test_update_trigger.py b/src/etl/sds/trigger/update/tests/test_update_trigger.py
index fc743ccb3..494f990cb 100644
--- a/src/etl/sds/trigger/update/tests/test_update_trigger.py
+++ b/src/etl/sds/trigger/update/tests/test_update_trigger.py
@@ -4,7 +4,7 @@
 
 import boto3
 import pytest
-from etl_utils.constants import CHANGELOG_NUMBER
+from etl_utils.constants import CHANGELOG_NUMBER, WorkerKey
 from moto import mock_aws
 
 from etl.sds.trigger.update.steps import _start_execution
@@ -165,14 +165,14 @@ def test_update(change_result):
         # Verify the history file was created
         etl_history_response = s3_client.get_object(
             Bucket=MOCKED_UPDATE_TRIGGER_ENVIRONMENT["ETL_BUCKET"],
-            Key=f"history/changelog/{int(LATEST_CHANGELOG_NUMBER)}/input--extract/unprocessed",
+            Key=f"history/update/{int(LATEST_CHANGELOG_NUMBER)}/{WorkerKey.EXTRACT}",
         )
         assert etl_history_response["Body"].read().lower() == CHANGE_AS_LDIF.lower()
 
         # Verify the ETL input file was created
         etl_input_response = s3_client.get_object(
             Bucket=MOCKED_UPDATE_TRIGGER_ENVIRONMENT["ETL_BUCKET"],
-            Key="input--extract/unprocessed",
+            Key=WorkerKey.EXTRACT,
         )
         assert etl_input_response["Body"].read().lower() == CHANGE_AS_LDIF.lower()
 
diff --git a/src/etl/sds/trigger/update/tests/test_update_trigger_operations.py b/src/etl/sds/trigger/update/tests/test_update_trigger_operations.py
index 92431aeba..8f02640d2 100644
--- a/src/etl/sds/trigger/update/tests/test_update_trigger_operations.py
+++ b/src/etl/sds/trigger/update/tests/test_update_trigger_operations.py
@@ -233,10 +233,10 @@ def test_parse_changelog_changes_with_modify():
         result
         == """dn: o=nhs,ou=services,uniqueidentifier=200000002202
 changetype: modify
-objectclass: modify
 replace: nhsAsSvcIA
 nhsAsSvcIA: urn:nhs:names:services:cpisquery:MCCI_IN010000UK13
 nhsAsSvcIA: urn:nhs:names:services:cpisquery:QUPC_IN000006GB01
+objectclass: modify
 uniqueidentifier: 200000002202"""
     )
 
diff --git a/src/etl/sds/worker/extract/extract.py b/src/etl/sds/worker/extract/extract.py
index 95eaf2f5e..f2f7169b6 100644
--- a/src/etl/sds/worker/extract/extract.py
+++ b/src/etl/sds/worker/extract/extract.py
@@ -10,7 +10,7 @@
 from etl_utils.ldif.ldif import filter_ldif_from_s3_by_property, ldif_dump, parse_ldif
 from etl_utils.smart_open import smart_open
 from etl_utils.worker.action import apply_action
-from etl_utils.worker.model import WorkerActionResponse, WorkerEnvironment
+from etl_utils.worker.model import WorkerActionResponse, WorkerEnvironment, WorkerEvent
 from etl_utils.worker.worker_step_chain import execute_step_chain
 from event.json import json_loads
 from nhs_context_logging import log_action
@@ -38,7 +38,7 @@ def _read(s3_client: "S3Client", s3_input_path: str) -> deque[dict]:
 
 
 def extract(
-    s3_client: "S3Client", s3_input_path: str, s3_output_path: str
+    s3_client: "S3Client", s3_input_path: str, s3_output_path: str, max_records: int
 ) -> WorkerActionResponse:
     unprocessed_records = _read(s3_client=s3_client, s3_input_path=s3_input_path)
 
@@ -52,6 +52,7 @@ def extract(
         record_serializer=lambda dn_and_record: json_loads(
             json.dumps(dn_and_record[1], cls=EtlEncoder)
         ),
+        max_records=max_records,
     )
 
     return WorkerActionResponse(
@@ -64,6 +65,7 @@ def extract(
 
 
 def handler(event, context):
+    max_records = WorkerEvent(**event).max_records
     response = execute_step_chain(
         action=extract,
         s3_client=S3_CLIENT,
@@ -71,5 +73,6 @@ def handler(event, context):
         s3_output_path=ENVIRONMENT.s3_path(WorkerKey.TRANSFORM),
         unprocessed_dumper=ldif_dump,
         processed_dumper=pkl_dump_lz4,
+        max_records=max_records,
     )
     return asdict(response)
diff --git a/src/etl/sds/worker/extract/tests/test_extract_worker.py b/src/etl/sds/worker/extract/tests/test_extract_worker.py
index b9300073d..0dcfda2ec 100644
--- a/src/etl/sds/worker/extract/tests/test_extract_worker.py
+++ b/src/etl/sds/worker/extract/tests/test_extract_worker.py
@@ -8,6 +8,7 @@
 from etl_utils.constants import WorkerKey
 from etl_utils.io import pkl_dumps_lz4
 from etl_utils.io.test.io_utils import pkl_loads_lz4
+from etl_utils.worker.model import WorkerEnvironment
 from moto import mock_aws
 from mypy_boto3_s3 import S3Client
 
@@ -81,6 +82,7 @@ def mock_s3_client():
     ):
         from etl.sds.worker.extract import extract
 
+        extract.ENVIRONMENT = WorkerEnvironment.build()
         extract.S3_CLIENT.create_bucket(Bucket=BUCKET_NAME)
         yield extract.S3_CLIENT
 
@@ -127,7 +129,7 @@ def test_extract_worker_pass(
     put_object(key=WorkerKey.TRANSFORM, body=pkl_dumps_lz4(initial_processed_data))
 
     # Execute the extract worker
-    response = extract.handler(event=None, context=None)
+    response = extract.handler(event={}, context=None)
     assert response == {
         "stage_name": "extract",
         "processed_records": 10,
@@ -147,6 +149,63 @@ def test_extract_worker_pass(
     assert n_final_unprocessed == 0
 
 
+@pytest.mark.parametrize("max_records", range(1, 10))
+@pytest.mark.parametrize(
+    ("initial_unprocessed_data", "initial_processed_data"),
+    [
+        ("", [PROCESSED_SDS_RECORD] * 10),
+        ("\n".join([GOOD_SDS_RECORD] * 5), [PROCESSED_SDS_RECORD] * 5),
+        ("\n".join([GOOD_SDS_RECORD] * 10), []),
+    ],
+    ids=["processed-only", "partly-processed", "unprocessed-only"],
+)
+def test_extract_worker_pass_max_records(
+    initial_unprocessed_data: str,
+    initial_processed_data: str,
+    max_records: int,
+    put_object: Callable[[str], None],
+    get_object: Callable[[str], bytes],
+):
+    from etl.sds.worker.extract import extract
+
+    # Initial state
+    n_initial_unprocessed = len(_split_ldif(initial_unprocessed_data))
+    n_initial_processed = len(initial_processed_data)
+    put_object(key=WorkerKey.EXTRACT, body=initial_unprocessed_data)
+    put_object(key=WorkerKey.TRANSFORM, body=pkl_dumps_lz4(initial_processed_data))
+
+    n_total_processed_records_expected = n_initial_processed
+    n_unprocessed_records = n_initial_unprocessed
+    while n_unprocessed_records > 0:
+        n_newly_processed_records_expected = min(n_unprocessed_records, max_records)
+        n_unprocessed_records_expected = (
+            n_unprocessed_records - n_newly_processed_records_expected
+        )
+        n_total_processed_records_expected += n_newly_processed_records_expected
+
+        # Execute the extract worker
+        response = extract.handler(event={"max_records": max_records}, context=None)
+        assert response == {
+            "stage_name": "extract",
+            "processed_records": n_total_processed_records_expected,
+            "unprocessed_records": n_unprocessed_records_expected,
+            "error_message": None,
+        }
+
+        n_unprocessed_records = response["unprocessed_records"]
+
+    # Final state
+    final_unprocessed_data: str = get_object(key=WorkerKey.EXTRACT).decode()
+    final_processed_data: str = get_object(key=WorkerKey.TRANSFORM)
+    n_final_unprocessed = len(_split_ldif(final_unprocessed_data))
+    n_final_processed = len(pkl_loads_lz4(final_processed_data))
+
+    # Confirm that everything has now been processed, and that there is no
+    # unprocessed data left in the bucket
+    assert n_final_processed == n_initial_unprocessed + n_initial_processed
+    assert n_final_unprocessed == 0
+
+
 @pytest.mark.parametrize(
     "initial_unprocessed_data",
     permutations([BAD_SDS_RECORD, GOOD_SDS_RECORD, GOOD_SDS_RECORD]),
@@ -169,36 +228,39 @@ def test_extract_worker_bad_record(
     put_object(key=WorkerKey.TRANSFORM, body=initial_processed_data)
 
     # Execute the extract worker
-    response = extract.handler(event=None, context=None)
+    response = extract.handler(event={}, context=None)
+    response["error_message"] = response["error_message"].split("\n")[:24]
+
     assert response == {
         "stage_name": "extract",
         "processed_records": n_initial_processed + bad_record_index,
         "unprocessed_records": n_initial_unprocessed - bad_record_index,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (ValidationError) --\n"
-            f"  Failed to parse record {bad_record_index}\n"
-            "  {'objectclass': ['nhsAS', 'top']}\n"
-            "  9 validation errors for NhsAccreditedSystem\n"
-            "  uniqueidentifier\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsapproverurp\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsdateapproved\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsrequestorurp\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsdaterequested\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsidcode\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsmhspartykey\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsproductkey\n"
-            "    field required (type=value_error.missing)\n"
-            "  nhsassvcia\n"
-            "    field required (type=value_error.missing)"
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (ValidationError) --",
+            f"  Failed to parse record {bad_record_index}",
+            "  {'objectclass': ['nhsAS', 'top']}",
+            "  9 validation errors for NhsAccreditedSystem",
+            "  uniqueidentifier",
+            "    field required (type=value_error.missing)",
+            "  nhsapproverurp",
+            "    field required (type=value_error.missing)",
+            "  nhsdateapproved",
+            "    field required (type=value_error.missing)",
+            "  nhsrequestorurp",
+            "    field required (type=value_error.missing)",
+            "  nhsdaterequested",
+            "    field required (type=value_error.missing)",
+            "  nhsidcode",
+            "    field required (type=value_error.missing)",
+            "  nhsmhspartykey",
+            "    field required (type=value_error.missing)",
+            "  nhsproductkey",
+            "    field required (type=value_error.missing)",
+            "  nhsassvcia",
+            "    field required (type=value_error.missing)",
+            "Traceback (most recent call last):",
+        ],
     }
 
     # Final state
@@ -234,24 +296,25 @@ def test_extract_worker_fatal_record(
     put_object(key=WorkerKey.TRANSFORM, body=initial_processed_data)
 
     # Execute the extract worker
-    response = extract.handler(event=None, context=None)
+    response = extract.handler(event={}, context=None)
 
     # The line number in the error changes for each example, so
     # substitute it for the value 'NUMBER'
-    response["error_message"] = re.sub(
+    subbed_error_message = re.sub(
         r"Line \d{1,2}", "Line NUMBER", response["error_message"]
     )
+    response["error_message"] = subbed_error_message.split("\n")[:4]
 
     assert response == {
         "stage_name": "extract",
         "processed_records": None,
         "unprocessed_records": None,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (ValueError) --\n"
-            '  Line NUMBER: First line of record does not start with "dn:": '
-            "'objectclass'"
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (ValueError) --",
+            "  Line NUMBER: First line of record does not start with \"dn:\": 'objectclass'",
+            "Traceback (most recent call last):",
+        ],
     }
 
     # Final state
diff --git a/src/etl/sds/worker/load/load.py b/src/etl/sds/worker/load/load.py
index a6e777dd1..9f166912e 100644
--- a/src/etl/sds/worker/load/load.py
+++ b/src/etl/sds/worker/load/load.py
@@ -10,7 +10,7 @@
 from etl_utils.io import pkl_dump_lz4, pkl_load_lz4
 from etl_utils.smart_open import smart_open
 from etl_utils.worker.action import apply_action
-from etl_utils.worker.model import WorkerActionResponse
+from etl_utils.worker.model import WorkerActionResponse, WorkerEvent
 from etl_utils.worker.worker_step_chain import execute_step_chain
 from event.aws.client import dynamodb_client
 from event.environment import BaseEnvironment
@@ -36,7 +36,7 @@ def s3_path(self, key) -> str:
 
 
 def load(
-    s3_client: "S3Client", s3_input_path: str, s3_output_path: str
+    s3_client: "S3Client", s3_input_path: str, s3_output_path: str, max_records: int
 ) -> WorkerActionResponse:
     with smart_open(s3_path=s3_input_path, s3_client=s3_client) as f:
         unprocessed_records: deque[dict] = pkl_load_lz4(f)
@@ -46,7 +46,7 @@ def load(
         unprocessed_records=unprocessed_records,
         processed_records=processed_records,
         action=lambda record: DeviceEventDeserializer.parse(exported_event=record),
-        max_records=MAX_RECORDS,
+        max_records=max_records,
     )
 
     return WorkerActionResponse(
@@ -57,7 +57,8 @@ def load(
     )
 
 
-def handler(event, context):
+def handler(event: dict, context):
+    max_records = WorkerEvent(**event).max_records or MAX_RECORDS
     response = execute_step_chain(
         action=load,
         s3_client=S3_CLIENT,
@@ -65,5 +66,6 @@ def handler(event, context):
         s3_output_path=None,
         unprocessed_dumper=pkl_dump_lz4,
         processed_dumper=lambda events: REPOSITORY.write(AggregateRoot(events=events)),
+        max_records=max_records,
     )
     return asdict(response)
diff --git a/src/etl/sds/worker/load/tests/test_load_worker.py b/src/etl/sds/worker/load/tests/test_load_worker.py
index 9d5a150b0..11468af09 100644
--- a/src/etl/sds/worker/load/tests/test_load_worker.py
+++ b/src/etl/sds/worker/load/tests/test_load_worker.py
@@ -170,7 +170,7 @@ def test_load_worker_pass(
         repository.write(device)
 
     # Execute the load worker
-    response = load.handler(event=None, context=None)
+    response = load.handler(event={}, context=None)
     assert response == {
         "stage_name": "load",
         "processed_records": 2 * n_initial_unprocessed,
@@ -193,6 +193,72 @@ def test_load_worker_pass(
     assert final_unprocessed_data == deque([])
 
 
+@pytest.mark.parametrize(
+    ("n_initial_unprocessed", "n_initial_processed"),
+    [(0, 10), (5, 5), (10, 0)],
+    ids=["processed-only", "partly-processed", "unprocessed-only"],
+)
+def test_load_worker_pass_max_records(
+    n_initial_unprocessed: int,
+    n_initial_processed: int,
+    put_object: Callable[[str], None],
+    get_object: Callable[[str], bytes],
+    repository: MockDeviceRepository,
+):
+    MAX_RECORDS = 7
+
+    from etl.sds.worker.load import load
+
+    # Initial state
+    _initial_unprocessed_data = [
+        device_factory(id=i + 1) for i in range(n_initial_unprocessed)
+    ]
+    initial_unprocessed_data = deque()
+    for device in _initial_unprocessed_data:
+        initial_unprocessed_data += device.export_events()
+
+    initial_processed_data = [
+        device_factory(id=(i + 1) * 1000) for i in range(n_initial_processed)
+    ]
+
+    put_object(key=WorkerKey.LOAD, body=pkl_dumps_lz4(initial_unprocessed_data))
+    for device in initial_processed_data:
+        repository.write(device)
+
+    n_unprocessed_records = len(initial_unprocessed_data)
+    while n_unprocessed_records > 0:
+        n_processed_records_expected = min(n_unprocessed_records, MAX_RECORDS)
+        n_unprocessed_records_expected = (
+            n_unprocessed_records - n_processed_records_expected
+        )
+
+        # Execute the load worker
+        response = load.handler(event={"max_records": MAX_RECORDS}, context=None)
+        assert response == {
+            "stage_name": "load",
+            # 2 x because above device_factory creates 2 events per device
+            "processed_records": n_processed_records_expected,
+            "unprocessed_records": n_unprocessed_records_expected,
+            "error_message": None,
+        }
+
+        n_unprocessed_records = response["unprocessed_records"]
+
+    # Final state
+    final_unprocessed_data = pkl_loads_lz4(get_object(key=WorkerKey.LOAD))
+    final_processed_data: list[Device] = list(repository.all_devices())
+
+    initial_ids = sorted(
+        device.id for device in _initial_unprocessed_data + initial_processed_data
+    )
+    final_processed_ids = sorted(device.id for device in final_processed_data)
+
+    # Confirm that everything has now been processed, and that there is no
+    # unprocessed data left in the bucket
+    assert final_processed_ids == initial_ids
+    assert final_unprocessed_data == deque([])
+
+
 @pytest.mark.slow
 @pytest.mark.parametrize(
     "initial_unprocessed_data",
@@ -224,18 +290,20 @@ def test_load_worker_bad_record(
     )
 
     # Execute the load worker
-    response = load.handler(event=None, context=None)
+    response = load.handler(event={}, context=None)
+    response["error_message"] = response["error_message"].split("\n")[:6]
     assert response == {
         "stage_name": "load",
         "processed_records": bad_record_index,
         "unprocessed_records": n_initial_unprocessed - bad_record_index,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (ValueError) --\n"
-            f"  Failed to parse record {bad_record_index}\n"
-            "  {}\n"
-            "  not enough values to unpack (expected 1, got 0)"
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (ValueError) --",
+            f"  Failed to parse record {bad_record_index}",
+            "  {}",
+            "  not enough values to unpack (expected 1, got 0)",
+            "Traceback (most recent call last):",
+        ],
     }
 
     # Final state
diff --git a/src/etl/sds/worker/transform/reject_duplicates.py b/src/etl/sds/worker/transform/reject_duplicates.py
index d274cc370..289d970f1 100644
--- a/src/etl/sds/worker/transform/reject_duplicates.py
+++ b/src/etl/sds/worker/transform/reject_duplicates.py
@@ -1,7 +1,9 @@
 import json
 from collections import defaultdict
-from typing import DefaultDict, Generator
+from itertools import chain
+from typing import Generator
 
+from domain.core.device import DeviceKeyAddedEvent
 from domain.core.event import ExportedEventsTypeDef
 from etl_utils.io import EtlEncoder
 
@@ -13,25 +15,26 @@ class DuplicateSdsKey(Exception):
 def _get_duplicate_events(
     exported_events: ExportedEventsTypeDef,
 ) -> Generator[tuple[str, list[list[dict]]], None, None]:
-    ids_by_key: DefaultDict[str, list[str]] = defaultdict(list)
-    events_by_id: DefaultDict[str, list[dict]] = defaultdict(list)
+    device_ids_by_device_key = defaultdict(set)
+    events_by_id = defaultdict(list)
+
     for exported_event in exported_events:
-        ((_, event),) = exported_event.items()
-        event_id = event.get("id") or event.get("entity_id")
-        device_key = event.get("key")
+        ((event_name, event),) = exported_event.items()
+        if event_name != DeviceKeyAddedEvent.public_name:
+            continue
 
-        events_by_id[event_id].append(event)
-        if device_key:
-            ids_by_key[device_key].append(event_id)
+        device_id = event["id"]
+        device_key = event["key"]
+        device_ids_by_device_key[device_key].add(device_id)
+        events_by_id[device_id].append(event)
 
-    for device_key, event_ids in ids_by_key.items():
+    for device_key, event_ids in device_ids_by_device_key.items():
         if len(event_ids) == 1:
             continue
-
-        yield (
-            device_key,
-            list(events_by_id[_event_id] for _event_id in event_ids),
+        events_for_this_key = chain.from_iterable(
+            events_by_id[_event_id] for _event_id in event_ids
         )
+        yield (device_key, list(events_for_this_key))
 
 
 def reject_duplicate_keys(exported_events: ExportedEventsTypeDef):
@@ -39,7 +42,7 @@ def reject_duplicate_keys(exported_events: ExportedEventsTypeDef):
         "\n".join(
             (
                 f"Duplicates found for device key '{device_key}'",
-                *(json.dumps(duplicates[0], cls=EtlEncoder),),
+                *(json.dumps(duplicates, cls=EtlEncoder),),
                 "===============",
             )
         )
diff --git a/src/etl/sds/worker/transform/tests/test_transform_worker.py b/src/etl/sds/worker/transform/tests/test_transform_worker.py
index 7ed8ddb19..fb7090d96 100644
--- a/src/etl/sds/worker/transform/tests/test_transform_worker.py
+++ b/src/etl/sds/worker/transform/tests/test_transform_worker.py
@@ -143,7 +143,7 @@ def test_transform_worker_pass_no_dupes(
 
     # Execute the transform worker
     with mock.patch("etl.sds.worker.transform.transform.reject_duplicate_keys"):
-        response = transform.handler(event=None, context=None)
+        response = transform.handler(event={}, context=None)
 
     assert response == {
         "stage_name": "transform",
@@ -165,6 +165,59 @@ def test_transform_worker_pass_no_dupes(
     assert n_final_unprocessed == 0
 
 
+@pytest.mark.parametrize("max_records", range(1, 10))
+def test_transform_worker_pass_no_dupes_max_records(
+    put_object: Callable[[str], None],
+    get_object: Callable[[str], bytes],
+    max_records: int,
+):
+    from etl.sds.worker.transform import transform
+
+    initial_unprocessed_data = deque([GOOD_SDS_RECORD_AS_JSON] * 10)
+    initial_processed_data = deque([])
+
+    # Initial state
+    n_initial_unprocessed = len(initial_unprocessed_data)
+    n_initial_processed = len(initial_processed_data)
+    put_object(key=WorkerKey.TRANSFORM, body=pkl_dumps_lz4(initial_unprocessed_data))
+    put_object(key=WorkerKey.LOAD, body=pkl_dumps_lz4(initial_processed_data))
+
+    n_total_processed_records_expected = 0
+    n_unprocessed_records = n_initial_unprocessed
+    while n_unprocessed_records > 0:
+        n_newly_processed_records_expected = min(n_unprocessed_records, max_records)
+        n_unprocessed_records_expected = (
+            n_unprocessed_records - n_newly_processed_records_expected
+        )
+        # 5 x initial unprocessed because 5 events are created for each input record
+        n_total_processed_records_expected += 5 * n_newly_processed_records_expected
+
+        # Execute the transform worker
+        with mock.patch("etl.sds.worker.transform.transform.reject_duplicate_keys"):
+            response = transform.handler(
+                event={"max_records": max_records}, context=None
+            )
+        assert response == {
+            "stage_name": "transform",
+            "processed_records": n_total_processed_records_expected,
+            "unprocessed_records": n_unprocessed_records_expected,
+            "error_message": None,
+        }
+
+        n_unprocessed_records = response["unprocessed_records"]
+
+    # Final state
+    final_unprocessed_data: str = get_object(key=WorkerKey.TRANSFORM)
+    final_processed_data: str = get_object(key=WorkerKey.LOAD)
+    n_final_unprocessed = len(pkl_loads_lz4(final_unprocessed_data))
+    n_final_processed = len(pkl_loads_lz4(final_processed_data))
+
+    # Confirm that everything has now been processed, and that there is no
+    # unprocessed data left in the bucket
+    assert n_final_processed == n_initial_processed + 5 * n_initial_unprocessed
+    assert n_final_unprocessed == 0
+
+
 def test_transform_worker_pass_duplicate_fail(
     put_object: Callable[[str], None],
     get_object: Callable[[str], bytes],
@@ -183,23 +236,25 @@ def test_transform_worker_pass_duplicate_fail(
     put_object(key=WorkerKey.LOAD, body=pkl_dumps_lz4(initial_processed_data))
 
     # Execute the transform worker
-    response = transform.handler(event=None, context=None)
+    response = transform.handler(event={"trust": True}, context=None)
+
     response["error_message"] = re.sub(
         r"'RVL:000428682512'\n(.+)\n",
         r"'RVL:000428682512'\nREDACTED\n",
         response["error_message"],
-    )
+    ).split("\n")[:6]
     assert response == {
         "stage_name": "transform",
         "processed_records": None,
         "unprocessed_records": None,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (DuplicateSdsKey) --\n"
-            "  Duplicates found for device key 'RVL:000428682512'\n"
-            "REDACTED\n"
-            "  ==============="
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (DuplicateSdsKey) --",
+            "  Duplicates found for device key 'RVL:000428682512'",
+            "REDACTED",
+            "  ===============",
+            "Traceback (most recent call last):",
+        ],
     }
 
     # Final state
@@ -241,18 +296,22 @@ def test_transform_worker_bad_record(
     # Execute the transform worker
     with mock.patch("etl.sds.worker.transform.transform.reject_duplicate_keys"):
         response = transform.handler(event={}, context=None)
+
+    response["error_message"] = response["error_message"].split("\n")[:6]
+
     assert response == {
         "stage_name": "transform",
         # 5 x initial unprocessed because a key event + 2 questionnaire events + 1 index event are also created
         "processed_records": n_initial_processed + (5 * bad_record_index),
         "unprocessed_records": n_initial_unprocessed - bad_record_index,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (KeyError) --\n"
-            f"  Failed to parse record {bad_record_index}\n"
-            "  {}\n"
-            "  'object_class'"
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (KeyError) --",
+            f"  Failed to parse record {bad_record_index}",
+            "  {}",
+            "  'object_class'",
+            "Traceback (most recent call last):",
+        ],
     }
 
     # Final state
@@ -291,16 +350,17 @@ def test_transform_worker_fatal_record(
     response["error_message"] = re.sub(
         r"Line \d{1,2}", "Line NUMBER", response["error_message"]
     )
+    response["error_message"] = response["error_message"].split("\n")[:3]
 
     assert response == {
         "stage_name": "transform",
         "processed_records": None,
         "unprocessed_records": None,
-        "error_message": (
-            "The following errors were encountered\n"
-            "  -- Error 1 (RuntimeError) --\n"
-            "  LZ4F_decompress failed with code: ERROR_frameType_unknown"
-        ),
+        "error_message": [
+            "The following errors were encountered",
+            "  -- Error 1 (RuntimeError) --",
+            "  LZ4F_decompress failed with code: ERROR_frameType_unknown",
+        ],
     }
 
     # Final state
diff --git a/src/etl/sds/worker/transform/transform.py b/src/etl/sds/worker/transform/transform.py
index c29cb4bb1..3c2adc4d2 100644
--- a/src/etl/sds/worker/transform/transform.py
+++ b/src/etl/sds/worker/transform/transform.py
@@ -11,7 +11,7 @@
 from etl_utils.io import pkl_dump_lz4, pkl_load_lz4
 from etl_utils.smart_open import smart_open
 from etl_utils.worker.action import apply_action
-from etl_utils.worker.model import WorkerActionResponse
+from etl_utils.worker.model import WorkerActionResponse, WorkerEvent
 from etl_utils.worker.worker_step_chain import execute_step_chain
 from event.aws.client import dynamodb_client
 from event.environment import BaseEnvironment
@@ -39,7 +39,11 @@ def s3_path(self, key) -> str:
 
 
 def transform(
-    s3_client: "S3Client", s3_input_path: str, s3_output_path: str
+    s3_client: "S3Client",
+    s3_input_path: str,
+    s3_output_path: str,
+    max_records: int,
+    trust: bool,
 ) -> WorkerActionResponse:
     with smart_open(s3_path=s3_input_path, s3_client=s3_client) as f:
         unprocessed_records: deque[dict] = pkl_load_lz4(f)
@@ -66,12 +70,13 @@ def transform(
             _spine_device_questionnaire=_spine_device_questionnaire,
             spine_endpoint_questionnaire=spine_endpoint_questionnaire,
             _spine_endpoint_questionnaire=_spine_endpoint_questionnaire,
-            _trust=True,
+            _trust=trust,
             repository=REPOSITORY,
         ),
+        max_records=max_records,
     )
 
-    if exception is None:
+    if trust and exception is None:
         reject_duplicate_keys(exported_events=processed_records)
 
     return WorkerActionResponse(
@@ -84,6 +89,7 @@ def transform(
 
 
 def handler(event: dict, context):
+    _event = WorkerEvent(**event)
     response = execute_step_chain(
         action=transform,
         s3_client=S3_CLIENT,
@@ -91,5 +97,7 @@ def handler(event: dict, context):
         s3_output_path=ENVIRONMENT.s3_path(WorkerKey.LOAD),
         unprocessed_dumper=pkl_dump_lz4,
         processed_dumper=pkl_dump_lz4,
+        max_records=_event.max_records,
+        trust=_event.trust,
     )
     return asdict(response)
diff --git a/src/layers/domain/core/device.py b/src/layers/domain/core/device.py
index bd331942a..bc2baf573 100644
--- a/src/layers/domain/core/device.py
+++ b/src/layers/domain/core/device.py
@@ -2,7 +2,7 @@
 from datetime import datetime
 from enum import StrEnum, auto
 from itertools import chain
-from typing import Optional
+from typing import Any, Optional
 from uuid import UUID, uuid4
 
 from attr import dataclass, field
@@ -164,6 +164,7 @@ class Device(AggregateRoot):
     questionnaire_responses: dict[str, list[QuestionnaireResponse]] = Field(
         default_factory=lambda: defaultdict(list), exclude=True
     )
+    indexes: set[tuple[str, str, Any]] = Field(default_factory=set, exclude=True)
 
     def update(self, **kwargs) -> DeviceUpdatedEvent:
         if "updated_on" not in kwargs:
@@ -223,7 +224,7 @@ def add_index(
             )
             events.append(event)
             self.add_event(event)
-
+            self.indexes.add((questionnaire_id, question_name, answer))
         return events
 
     def add_questionnaire_response(
@@ -323,6 +324,9 @@ def delete_questionnaire_response(
         )
         return self.add_event(event)
 
+    def is_active(self):
+        return self.status is DeviceStatus.ACTIVE
+
 
 class DeviceEventDeserializer(EventDeserializer):
     event_types = (
diff --git a/src/layers/domain/core/questionnaire.py b/src/layers/domain/core/questionnaire.py
index d12c3ffe9..4a2caa908 100644
--- a/src/layers/domain/core/questionnaire.py
+++ b/src/layers/domain/core/questionnaire.py
@@ -249,6 +249,13 @@ def validate_responses(response: dict[str, list], values: dict[str, Questionnair
             validate_response_against_question(question=question, answers=answers)
         return response
 
+    def get_response(self, question_name) -> list:
+        for response in self.responses:
+            value = response.get(question_name)
+            if value is not None:
+                return value
+        return []
+
 
 def validate_mandatory_questions_answered(
     questionnaire_name: str,
diff --git a/src/layers/domain/core/tests/test_device.py b/src/layers/domain/core/tests/test_device.py
index 9fa7b49ac..8933b0ea6 100644
--- a/src/layers/domain/core/tests/test_device.py
+++ b/src/layers/domain/core/tests/test_device.py
@@ -270,6 +270,10 @@ def test_device_add_index(device: Device):
     assert len(events) == N_UNIQUE_ANSWERS
     assert all(isinstance(event, DeviceIndexAddedEvent) for event in events)
 
+    for answer in ["a", "b", "c", "d", "e", "f", "g"]:
+        assert (questionnaire.id, "question1", answer) in device.indexes
+    assert (questionnaire.id, "question1", "foo") not in device.indexes
+
 
 def test_device_add_index_no_such_questionnaire(device: Device):
     with pytest.raises(QuestionnaireNotFoundError):
diff --git a/src/layers/domain/repository/device_repository.py b/src/layers/domain/repository/device_repository.py
index 0b20a888b..67afe43e7 100644
--- a/src/layers/domain/repository/device_repository.py
+++ b/src/layers/domain/repository/device_repository.py
@@ -244,6 +244,11 @@ def read(self, id) -> Device:
 
         (device,) = TableKeys.DEVICE.filter(items, key="sk")
         keys = TableKeys.DEVICE_KEY.filter_and_group(items, key="sk")
+        _indexes = TableKeys.DEVICE_INDEX.filter(items, key="sk")
+        indexes = set(
+            (idx["questionnaire_id"], idx["question_name"], idx["value"])
+            for idx in _indexes
+        )
 
         questionnaires = {}
         for id_, data in TableKeys.QUESTIONNAIRE.filter_and_group(items, key="sk"):
@@ -264,5 +269,6 @@ def read(self, id) -> Device:
         return Device(
             keys={id_: DeviceKey(**data) for id_, data in keys},
             questionnaire_responses=questionnaire_responses,
+            indexes=indexes,
             **device,
         )
diff --git a/src/layers/domain/repository/tests/device_repository_tests/test_device_repository_indexes.py b/src/layers/domain/repository/tests/device_repository_tests/test_device_repository_indexes.py
index 22389dda1..4854a190a 100644
--- a/src/layers/domain/repository/tests/device_repository_tests/test_device_repository_indexes.py
+++ b/src/layers/domain/repository/tests/device_repository_tests/test_device_repository_indexes.py
@@ -65,6 +65,7 @@ def test__device_repository__query_by_index__find_right_shoes(
         questionnaire_id="shoe/1", question_name="foot", value="R"
     )
     assert device.id == device_right_shoe_size_123.id
+    assert device.indexes == device_right_shoe_size_123.indexes
 
 
 @pytest.mark.integration
@@ -80,6 +81,7 @@ def test__device_repository__query_by_index__find_left_shoes(
         questionnaire_id="shoe/1", question_name="foot", value="L"
     )
     assert device.id == device_left_shoe_size_123.id
+    assert device.indexes == device_left_shoe_size_123.indexes
 
 
 @pytest.mark.integration
@@ -98,6 +100,10 @@ def test__device_repository__query_by_index__find_shoes_by_size_int(
         device_left_shoe_size_123.id,
         device_right_shoe_size_123.id,
     }
+    assert {*device_2.indexes, *device_1.indexes} == {
+        *device_left_shoe_size_123.indexes,
+        *device_right_shoe_size_123.indexes,
+    }
 
 
 @pytest.mark.integration
@@ -116,6 +122,10 @@ def test__device_repository__query_by_index__find_shoes_by_size_str(
         device_left_shoe_size_123.id,
         device_right_shoe_size_123.id,
     }
+    assert {*device_2.indexes, *device_1.indexes} == {
+        *device_left_shoe_size_123.indexes,
+        *device_right_shoe_size_123.indexes,
+    }
 
 
 @pytest.mark.integration
diff --git a/src/layers/etl_utils/constants/__init__.py b/src/layers/etl_utils/constants/__init__.py
index 9ea444016..49c4f60ff 100644
--- a/src/layers/etl_utils/constants/__init__.py
+++ b/src/layers/etl_utils/constants/__init__.py
@@ -4,12 +4,18 @@
 CHANGELOG_NUMBER = "changelog-number"
 CHANGELOG_BASE = "cn=Changelog,o=nhs"
 LDAP_FILTER_ALL = "(objectClass=*)"
-SDS_ORGANISATIONAL_UNIT_PEOPLE = b"ou=people"
 FILTERED_OUT = "FILTERED-OUT"
 EMPTY_LDIF = ""
 EMPTY_ARRAY = deque()
 LDIF_RECORD_DELIMITER = "\n\n"
 
+UNSUPPORTED_ORGANISATIONAL_UNITS = {
+    b"ou=people",
+    b"ou=organisations",
+    b"ou=workgroups",
+    b"ou=referencedata",
+}
+
 
 class ChangelogAttributes(StrEnum):
     FIRST_CHANGELOG_NUMBER = "firstchangenumber"
diff --git a/src/layers/etl_utils/ldif/_ldif.py b/src/layers/etl_utils/ldif/_ldif.py
index d91edeef5..5abde19be 100644
--- a/src/layers/etl_utils/ldif/_ldif.py
+++ b/src/layers/etl_utils/ldif/_ldif.py
@@ -1,9 +1,10 @@
 """
 Downloaded, pruned and modified from https://raw.githubusercontent.com/python-ldap/python-ldap/main/Lib/ldif.py
 
-The only modifications were (search this file for '**We modified this**'):
+The only modifications were:
     * yield records in parse(), rather than append.
     * lowercase all attribute names
+    * implement a method for parsing and extracting ldif modify
 Other than that, unnecessary features were removed.
 """
 
@@ -11,6 +12,7 @@
 
 import re
 from base64 import b64decode, b64encode
+from collections import defaultdict
 from typing import IO
 from urllib.parse import urlparse
 from urllib.request import urlopen
@@ -28,7 +30,9 @@
 safe_string_re = re.compile(SAFE_STRING_PATTERN)
 
 
-CHANGE_TYPES = ["add", "delete", "modify", "modrdn"]
+CHANGE_TYPES = {"add", "delete", "modify"}  # ,'modrdn'
+MODIFICATION_OPERATIONS = {"add", "delete", "replace"}
+PARSED_MODIFICATION_KEY = "modifications"  # **We added this**
 
 
 def is_dn(s):
@@ -145,7 +149,15 @@ def _unfold_lines(self):
         self._last_line = next_line
         return "".join(unfolded_lines)
 
-    def _next_key_and_value(self):
+    def _next_key_and_value(self, raise_on_eof=False):
+        try:
+            return self.__next_key_and_value()
+        except EOFError:
+            if raise_on_eof:
+                raise
+            return None, None
+
+    def __next_key_and_value(self):
         """
         Parse a single attribute type and value pair from one or
         more lines of LDIF data
@@ -191,7 +203,7 @@ def _next_key_and_value(self):
             # All values should be valid ascii; we support UTF-8 as a
             # non-official, backwards compatibility layer.
             attr_value = unfolded_line[colon_pos + 1 :].encode("utf-8")
-        return attr_type.lower(), attr_value  # ** We modified this**
+        return attr_type.lower(), attr_value
 
     def _consume_empty_lines(self):
         """
@@ -200,73 +212,115 @@ def _consume_empty_lines(self):
 
         Returns non-empty key-value-tuple.
         """
-        # Local symbol for better performance
-        next_key_and_value = self._next_key_and_value
+        k, v = self._next_key_and_value()
+        while k is None and v is None:
+            try:
+                k, v = self._next_key_and_value(raise_on_eof=True)
+            except EOFError:
+                break
+        return k, v
+
+    def _parse_header(self):
         # Consume empty lines
-        try:
-            k, v = next_key_and_value()
-            while k is None and v is None:
-                k, v = next_key_and_value()
-        except EOFError:
-            k, v = None, None
+        k, v = self._consume_empty_lines()
+        # Consume 'version' line
+        if k == "version":
+            self.version = int(v.decode("ascii"))
+            k, v = self._consume_empty_lines()
         return k, v
 
+    def _parse_dn(self, k: str, v: bytes):
+        if k != "dn":
+            raise ValueError(
+                'Line %d: First line of record does not start with "dn:": %s'
+                % (self.line_counter, repr(k))
+            )
+        # Value of a 'dn' field *has* to be valid UTF-8
+        # k is text, v is bytes.
+        v = v.decode("utf-8")
+        if not is_dn(v):
+            raise ValueError(
+                "Line %d: Not a valid string-representation for dn: %s."
+                % (self.line_counter, repr(v))
+            )
+        return v
+
+    def _parse_changetype(self, k, v):
+        if k == "changetype":
+            # v is still bytes, spec says it should be valid utf-8; decode it.
+            v = v.decode("utf-8")
+            if not v in CHANGE_TYPES:
+                raise ValueError("Invalid changetype: %s" % repr(v))
+            return v
+        return None
+
+    def _parse_modify(self):
+        modifications = defaultdict(list)
+        modifications["changetype"].append(b"modify")
+        modifications[PARSED_MODIFICATION_KEY] = []
+
+        k, v = self._next_key_and_value()
+        # Loop for reading the list of modifications
+        while k != None:
+            # Extract attribute mod-operation (add, delete, replace)
+            if k not in MODIFICATION_OPERATIONS:
+                modifications[k].append(v)
+                k, v = self._next_key_and_value()
+                continue
+            modification_operation = k
+
+            # we now have the attribute name to be modified
+            # v is still bytes, spec says it should be valid utf-8; decode it.
+            v = v.decode("utf-8")
+            attribute_name = v.lower()
+            new_values = set()
+            k, v = self._next_key_and_value()
+            while k == attribute_name:
+                new_values.add(v.decode())
+                k, v = self._next_key_and_value()
+
+            modifications[PARSED_MODIFICATION_KEY].append(
+                (modification_operation, attribute_name, new_values)
+            )
+
+            if k == "-":  # skip hyphens
+                k, v = self._next_key_and_value()
+        return modifications
+
+    def _parse_entry(self, k, v):
+        entry = defaultdict(list)
+
+        # Loop for reading the attributes
+        while k != None:
+            # Add the attribute to the entry if not ignored attribute
+            if not k.lower() in self._ignored_attr_types:
+                entry[k].append(v)
+            k, v = self._next_key_and_value()
+        return entry
+
     def parse(self):
         """
         Continuously read and parse LDIF entry records
         """
-        # Local symbol for better performance
-        next_key_and_value = self._next_key_and_value
-
-        try:
-            # Consume empty lines
-            k, v = self._consume_empty_lines()
-            # Consume 'version' line
-            if k == "version":
-                self.version = int(v.decode("ascii"))
-                k, v = self._consume_empty_lines()
-        except EOFError:
-            return
+        k, v = self._parse_header()
 
         # Loop for processing whole records
         while k != None and (
             not self._max_entries or self.records_read < self._max_entries
         ):
             # Consume first line which must start with "dn: "
-            if k != "dn":
-                raise ValueError(
-                    'Line %d: First line of record does not start with "dn:": %s'
-                    % (self.line_counter, repr(k))
-                )
-            # Value of a 'dn' field *has* to be valid UTF-8
-            # k is text, v is bytes.
-            v = v.decode("utf-8")
-            if not is_dn(v):
-                raise ValueError(
-                    "Line %d: Not a valid string-representation for dn: %s."
-                    % (self.line_counter, repr(v))
-                )
-            dn = v
-            entry = {}
+            dn = self._parse_dn(k, v)
             # Consume second line of record
-            k, v = next_key_and_value()
-
-            # Loop for reading the attributes
-            while k != None:
-                # Add the attribute to the entry if not ignored attribute
-                if not k.lower() in self._ignored_attr_types:
-                    try:
-                        entry[k].append(v)
-                    except KeyError:
-                        entry[k] = [v]
-                # Read the next line within the record
-                try:
-                    k, v = next_key_and_value()
-                except EOFError:
-                    k, v = None, None
-
-            yield (dn, entry)  # ** We modified this**
-            self.records_read = self.records_read + 1
+            k, v = self._next_key_and_value()
+
+            # Determine changetype first
+            changetype = self._parse_changetype(k, v)
+            if changetype == "modify":
+                entry = self._parse_modify()
+            else:
+                entry = self._parse_entry(k, v)
+            yield (dn, entry)
+
             # Consume empty separator line(s)
             k, v = self._consume_empty_lines()
         return
@@ -354,8 +408,16 @@ def _unparseEntryRecord(self, entry):
             dictionary holding an entry
         """
         for attr_type, values in sorted(entry.items()):
-            for attr_value in values:
-                self._unparseAttrTypeandValue(attr_type, attr_value)
+            if attr_type == PARSED_MODIFICATION_KEY:
+                for modification_operation, attribute_name, new_values in values:
+                    self._unfold_lines(f"{modification_operation}: {attribute_name}")
+                    for v in sorted(new_values):
+                        self._unfold_lines(f"{attribute_name}: {v}")
+                    self._unfold_lines("-")
+
+            else:
+                for attr_value in values:
+                    self._unparseAttrTypeandValue(attr_type, attr_value)
 
     def unparse(self, dn: str, record):
         """
diff --git a/src/layers/etl_utils/ldif/ldif.py b/src/layers/etl_utils/ldif/ldif.py
index e537ed747..9ad274585 100644
--- a/src/layers/etl_utils/ldif/ldif.py
+++ b/src/layers/etl_utils/ldif/ldif.py
@@ -6,7 +6,7 @@
 from etl_utils.ldif.model import DistinguishedName
 from smart_open import open as _smart_open
 
-from ._ldif import LDIFParser, LDIFWriter
+from ._ldif import PARSED_MODIFICATION_KEY, LDIFParser, LDIFWriter
 
 if TYPE_CHECKING:
     from mypy_boto3_s3 import S3Client
@@ -21,7 +21,16 @@ def _decode_record(record: dict[str, list[bytes]]) -> dict[str, set[str]]:
     decoded_record = {}
     for field_name, field_items in record.items():
         non_empty_items = filter(bool, field_items)
-        decoded_items = set(map(bytes.decode, non_empty_items))
+
+        # "modification" items are not arrays of strings, instead they are
+        # tuples of complex objects and therefore can neither be decoded
+        # nor hashed (ie can't use 'set')
+        decoded_items = (
+            set(map(bytes.decode, non_empty_items))
+            if field_name != PARSED_MODIFICATION_KEY
+            else list(non_empty_items)
+        )
+
         if decoded_items:
             decoded_record[field_name.lower()] = decoded_items
     return decoded_record
@@ -40,7 +49,11 @@ def parse_ldif(
 
 def _encode_record(record: dict[str, set[str]]) -> dict[str, list[bytes]]:
     return {
-        field_name: sorted(item.encode() for item in field_items)
+        field_name: (
+            sorted(item.encode() for item in field_items)
+            if field_name != PARSED_MODIFICATION_KEY
+            else field_items
+        )
         for field_name, field_items in record.items()
     }
 
diff --git a/src/layers/etl_utils/ldif/tests/test_ldif.py b/src/layers/etl_utils/ldif/tests/test_ldif.py
index ae8894ecc..77146232b 100644
--- a/src/layers/etl_utils/ldif/tests/test_ldif.py
+++ b/src/layers/etl_utils/ldif/tests/test_ldif.py
@@ -38,7 +38,7 @@
 changetype: delete
 """
 
-# Same as the above with comments and hyphens removed, and all keys lower cased
+# Same as the above with comments but all keys lower cased
 DUMPED_SAMPLE_LDIF = """dn: dc=com,dc=example,ou=test
 changetype: add
 objectclass: organizationalUnit
@@ -46,13 +46,16 @@
 ou: test
 
 dn: dc=com,dc=example,ou=test
-add: description
 changetype: modify
-delete: seeAlso
+add: description
 description: First description value
 description: Second description value
+-
+replace: postalcode
 postalcode: 12345
-replace: postalCode
+-
+delete: seealso
+-
 
 dn: dc=com,dc=example,ou=test
 changetype: delete
@@ -74,6 +77,7 @@
 -
 """
 
+
 PARSED_SAMPLE_LDIF = [
     (
         DistinguishedName(parts=(("dc", "com"), ("dc", "example"), ("ou", "test"))),
@@ -86,12 +90,24 @@
     (
         DistinguishedName(parts=(("dc", "com"), ("dc", "example"), ("ou", "test"))),
         {
-            "add": {"description"},
             "changetype": {"modify"},
-            "delete": {"seeAlso"},
-            "description": {"First description value", "Second description value"},
-            "postalcode": {"12345"},
-            "replace": {"postalCode"},
+            "modifications": [
+                (
+                    "add",
+                    "description",
+                    {"First description value", "Second description value"},
+                ),
+                (
+                    "replace",
+                    "postalcode",
+                    {"12345"},
+                ),
+                (
+                    "delete",
+                    "seealso",
+                    set(),
+                ),
+            ],
         },
     ),
     (
@@ -102,6 +118,135 @@
     ),
 ]
 
+SAMPLE_LDIF_DATA_ADD = """
+# Modify an entry
+dn: ou=test,dc=example,dc=com
+changetype: add
+description: First description value
+description: Second description value
+"""
+
+PARSED_LDIF_DATA_ADD = (
+    DistinguishedName(parts=(("dc", "com"), ("dc", "example"), ("ou", "test"))),
+    {
+        "changetype": {"add"},
+        "description": {"First description value", "Second description value"},
+    },
+)
+
+
+SAMPLE_LDIF_DATA_DELETE = """
+# Modify an entry
+dn: ou=test,dc=example,dc=com
+changetype: delete
+description: First description value
+"""
+
+PARSED_LDIF_DATA_DELETE = (
+    DistinguishedName(parts=(("dc", "com"), ("dc", "example"), ("ou", "test"))),
+    {
+        "changetype": {"delete"},
+        "description": {"First description value"},
+    },
+)
+
+
+SAMPLE_LDIF_DATA_COMPLEX_MODIFY = """
+# Modify an entry
+dn: ou=test,dc=example,dc=com
+changetype: modify
+add: description
+description: First description value
+description: Second description value
+-
+add: shoeSize
+shoeSize: 123
+-
+add: description
+description: Third description value
+description: Fourth description value
+-
+replace: postalCode
+postalCode: 12345
+-
+delete: seeAlso
+-
+replace: postalCode
+postalCode: 45678
+postalCode: 54321
+-
+"""
+
+
+PARSED_LDIF_DATA_COMPLEX_MODIFY = (
+    DistinguishedName(parts=(("dc", "com"), ("dc", "example"), ("ou", "test"))),
+    {
+        "changetype": {"modify"},
+        "modifications": [
+            (
+                "add",
+                "description",
+                {"First description value", "Second description value"},
+            ),
+            (
+                "add",
+                "shoesize",
+                {"123"},
+            ),
+            (
+                "add",
+                "description",
+                {"Third description value", "Fourth description value"},
+            ),
+            (
+                "replace",
+                "postalcode",
+                {"12345"},
+            ),
+            (
+                "delete",
+                "seealso",
+                set(),
+            ),
+            (
+                "replace",
+                "postalcode",
+                {"45678", "54321"},
+            ),
+        ],
+    },
+)
+
+
+UPDATE_TRIGGER_LDIF_MODIFY_EXAMPLE = """
+dn: uniqueIdentifier=000173655515,ou=Services,o=nhs
+changeType: modify
+add: nhsAsClient
+nhsAsClient: AAA
+-
+objectClass: modify
+objectClass: top
+uniqueIdentifier: 000173655515
+"""
+
+PARSED_UPDATE_TRIGGER_LDIF_MODIFY = (
+    DistinguishedName(
+        parts=(("o", "nhs"), ("ou", "services"), ("uniqueidentifier", "000173655515"))
+    ),
+    {
+        "changetype": {"modify"},
+        "modifications": [
+            (
+                "add",
+                "nhsasclient",
+                {"AAA"},
+            )
+        ],
+        "objectclass": {"modify", "top"},
+        "uniqueidentifier": {"000173655515"},
+    },
+)
+
 
 @pytest.mark.parametrize(
     ("raw_distinguished_name", "parsed_distinguished_name"),
@@ -153,7 +298,8 @@ def test_dumped_ldif_same_as_initial():
 def test_ldif_dump():
     io = BytesIO()
     ldif_dump(fp=io, obj=PARSED_SAMPLE_LDIF)
-    assert io.getvalue().decode() == DUMPED_SAMPLE_LDIF
+    data = io.getvalue().decode()
+    assert data == DUMPED_SAMPLE_LDIF
 
 
 @mock.patch(
@@ -174,3 +320,46 @@ def test_filter_ldif_from_s3_by_property(mocked_open):
     assert modify_record in parse_ldif(
         file_opener=StringIO, path_or_data=SAMPLE_LDIF_DATA
     )
+
+
+@pytest.mark.parametrize(
+    ["raw_ldif", "parsed_ldif"],
+    [
+        (SAMPLE_LDIF_DATA_COMPLEX_MODIFY, PARSED_LDIF_DATA_COMPLEX_MODIFY),
+        (SAMPLE_LDIF_DATA_DELETE, PARSED_LDIF_DATA_DELETE),
+        (SAMPLE_LDIF_DATA_ADD, PARSED_LDIF_DATA_ADD),
+        (UPDATE_TRIGGER_LDIF_MODIFY_EXAMPLE, PARSED_UPDATE_TRIGGER_LDIF_MODIFY),
+    ],
+)
+def test_parse_ldif_changes(raw_ldif, parsed_ldif):
+    ((dn, record),) = parse_ldif(file_opener=StringIO, path_or_data=raw_ldif)
+    _dn, _record = parsed_ldif
+    assert dn == _dn
+    assert record == _record
+
+
+def test_parse_ldif_multiple_changes():
+    raw_ldif = "\n\n".join(
+        (
+            SAMPLE_LDIF_DATA_COMPLEX_MODIFY,
+            SAMPLE_LDIF_DATA_DELETE,
+            SAMPLE_LDIF_DATA_ADD,
+            SAMPLE_LDIF_DATA_ADD,
+            SAMPLE_LDIF_DATA_DELETE,
+            SAMPLE_LDIF_DATA_COMPLEX_MODIFY,
+        )
+    )
+    expected_parsed_ldif = [
+        PARSED_LDIF_DATA_COMPLEX_MODIFY,
+        PARSED_LDIF_DATA_DELETE,
+        PARSED_LDIF_DATA_ADD,
+        PARSED_LDIF_DATA_ADD,
+        PARSED_LDIF_DATA_DELETE,
+        PARSED_LDIF_DATA_COMPLEX_MODIFY,
+    ]
+
+    records = [
+        record for _, record in parse_ldif(file_opener=StringIO, path_or_data=raw_ldif)
+    ]
+    expected_records = [record for _, record in expected_parsed_ldif]
+    assert records == expected_records
diff --git a/src/layers/etl_utils/trigger/model.py b/src/layers/etl_utils/trigger/model.py
index e8cfe64e4..7eb88f0fe 100644
--- a/src/layers/etl_utils/trigger/model.py
+++ b/src/layers/etl_utils/trigger/model.py
@@ -1,9 +1,7 @@
-import json
 from datetime import datetime as dt
 from enum import StrEnum, auto
 from typing import Self
 
-from etl_utils.constants import CHANGELOG_NUMBER, WorkerKey
 from pydantic import BaseModel, Field
 
 NAME_SEPARATOR = "."
@@ -17,50 +15,40 @@ def _create_timestamp() -> str:
 class StateMachineInputType(StrEnum):
     BULK = auto()
     UPDATE = auto()
-    RETRY = auto()
 
 
 class StateMachineInput(BaseModel):
-    init: WorkerKey
+    etl_type: StateMachineInputType
     changelog_number_start: int
     changelog_number_end: int
-    name_: StateMachineInputType
     timestamp: str = Field(default_factory=_create_timestamp)
 
     @classmethod
     def bulk(cls, changelog_number: int) -> Self:
         return cls(
-            init=WorkerKey.EXTRACT,
+            etl_type=StateMachineInputType.BULK,
             changelog_number_start=0,
             changelog_number_end=changelog_number,
-            name_=StateMachineInputType.BULK,
         )
 
     @classmethod
     def update(cls, changelog_number_start: int, changelog_number_end: int) -> Self:
         return cls(
-            init=WorkerKey.EXTRACT,
+            etl_type=StateMachineInputType.UPDATE,
             changelog_number_start=changelog_number_start,
             changelog_number_end=changelog_number_end,
-            name_=StateMachineInputType.UPDATE,
         )
 
-    def dict(self):
-        changelog_number = self.changelog_number_end or json.dumps(None)
-        return {"init": self.init.name.lower(), CHANGELOG_NUMBER: changelog_number}
-
     @property
     def name(self) -> str:
-        state_machine_name = ".".join(
+        state_machine_name = NAME_SEPARATOR.join(
             (
-                self.name_,
-                self.init.name,
+                self.etl_type,
                 str(self.changelog_number_start),
                 str(self.changelog_number_end),
                 self.timestamp,
             )
         )
-
         for char in BAD_CHARACTERS:
             state_machine_name = state_machine_name.replace(char, NAME_SEPARATOR)
         return state_machine_name
diff --git a/src/layers/etl_utils/worker/exception.py b/src/layers/etl_utils/worker/exception.py
index 9b810a439..249af1d8a 100644
--- a/src/layers/etl_utils/worker/exception.py
+++ b/src/layers/etl_utils/worker/exception.py
@@ -18,7 +18,10 @@
 >        inner-oops
 """
 
+from traceback import TracebackException
+
 INDENTATION = "  "
+TRUNCATION_DEPTH = 2000
 
 
 def _render_exception(exception: Exception) -> str:
@@ -40,7 +43,15 @@ def _render_nested_exception(exception: Exception, nested_index: list[int]):
     message = render_exception(exception=exception, nested_index=nested_index)
     error_index = ".".join(map(str, nested_index))
     prefix = f"-- Error {error_index} ({type(exception).__name__}) --\n"
-    return f"{indentation}{prefix}{message}"
+    _traceback = "".join(TracebackException.from_exception(exception).format())
+
+    if len(message) > TRUNCATION_DEPTH:
+        message = message[:TRUNCATION_DEPTH]
+
+    if len(_traceback) > TRUNCATION_DEPTH:
+        _traceback = _traceback[:TRUNCATION_DEPTH]
+
+    return f"{indentation}{prefix}{message}\n{_traceback}\n"
 
 
 def _render_exception_group(
diff --git a/src/layers/etl_utils/worker/model.py b/src/layers/etl_utils/worker/model.py
index 6a9fb3678..e378424c7 100644
--- a/src/layers/etl_utils/worker/model.py
+++ b/src/layers/etl_utils/worker/model.py
@@ -1,7 +1,9 @@
 from collections import deque
 from dataclasses import dataclass, field
+from typing import Optional
 
 from event.environment import BaseEnvironment
+from pydantic import BaseModel
 
 
 class WorkerEnvironment(BaseEnvironment):
@@ -11,6 +13,11 @@ def s3_path(self, key) -> str:
         return f"s3://{self.ETL_BUCKET}/{key}"
 
 
+class WorkerEvent(BaseModel):
+    max_records: Optional[int] = None
+    trust: Optional[bool] = None  # flag to db indicating not to do condition check
+
+
 @dataclass
 class WorkerResponse:
     """The response of an ETL worker lambda"""
diff --git a/src/layers/etl_utils/worker/steps.py b/src/layers/etl_utils/worker/steps.py
index 6e2d2e3b6..a4c96be5b 100644
--- a/src/layers/etl_utils/worker/steps.py
+++ b/src/layers/etl_utils/worker/steps.py
@@ -12,12 +12,15 @@
 
 
 def execute_action(data: dict, cache: dict) -> WorkerActionResponse:
-    action, s3_client, s3_input_path, s3_output_path, kwargs = data[StepChain.INIT]
+    action, s3_client, s3_input_path, s3_output_path, max_records, kwargs = data[
+        StepChain.INIT
+    ]
     return action(
         s3_client=s3_client,
         s3_input_path=s3_input_path,
         s3_output_path=s3_output_path,
-        **kwargs
+        max_records=max_records,
+        **kwargs,
     )
 
 
diff --git a/src/layers/etl_utils/worker/tests/test_exception.py b/src/layers/etl_utils/worker/tests/test_exception.py
index 42e6cddf1..df5d2c575 100644
--- a/src/layers/etl_utils/worker/tests/test_exception.py
+++ b/src/layers/etl_utils/worker/tests/test_exception.py
@@ -1,3 +1,5 @@
+from unittest import mock
+
 from etl_utils.worker.exception import render_exception
 
 
@@ -28,13 +30,80 @@ def test__render_exception_group():
         "outer-group\n"
         "  -- Error 1 (ValueError) --\n"
         "  oops\n"
+        "ValueError: oops\n"
+        "\n"
+        "\n"
         "  -- Error 2 (ExceptionGroup) --\n"
         "  inner-group\n"
         "    -- Error 2.1 (ExceptionGroup) --\n"
         "    inner-inner-group\n"
         "      -- Error 2.1.1 (ValueError) --\n"
         "      inner-inner-oops\n"
+        "ValueError: inner-inner-oops\n"
+        "\n"
+        "\n"
+        "  | ExceptionGroup: inner-inner-group (1 sub-exception)\n"
+        "  +-+---------------- 1 ----------------\n"
+        "    | ValueError: inner-inner-oops\n"
+        "    +------------------------------------\n"
+        "\n"
+        "\n"
         "    -- Error 2.2 (ValueError) --\n"
         "    inner-oops-note-1, inner-oops-note-2\n"
-        "    inner-oops"
+        "    inner-oops\n"
+        "ValueError: inner-oops\n"
+        "inner-oops-note-1\n"
+        "inner-oops-note-2\n"
+        "\n"
+        "\n"
+        "  | ExceptionGroup: inner-group (2 sub-exceptions)\n"
+        "  +-+---------------- 1 ----------------\n"
+        "    | ExceptionGroup: inner-inner-group (1 sub-exception)\n"
+        "    +-+---------------- 1 ----------------\n"
+        "      | ValueError: inner-inner-oops\n"
+        "      +------------------------------------\n"
+        "    +---------------- 2 ----------------\n"
+        "    | ValueError: inner-oops\n"
+        "    | inner-oops-note-1\n"
+        "    | inner-oops-note-2\n"
+        "    +------------------------------------\n"
+        "\n"
+    )
+
+
+@mock.patch("etl_utils.worker.exception.TRUNCATION_DEPTH", 50)
+def test__render_exception_group_truncation():
+    inner_oops = ValueError("inner-oops")
+    inner_oops.add_note("inner-oops-note-1")
+    inner_oops.add_note("inner-oops-note-2")
+
+    nested_exception = ExceptionGroup(
+        "outer-group",
+        [
+            ValueError("oops"),
+            ExceptionGroup(
+                "inner-group",
+                [
+                    ExceptionGroup(
+                        "inner-inner-group",
+                        [
+                            ValueError("inner-inner-oops"),
+                        ],
+                    ),
+                    inner_oops,
+                ],
+            ),
+        ],
+    )
+    assert render_exception(nested_exception) == (
+        "outer-group\n"
+        "  -- Error 1 (ValueError) --\n"
+        "  oops\n"
+        "ValueError: oops\n"
+        "\n"
+        "\n"
+        "  -- Error 2 (ExceptionGroup) --\n"
+        "  inner-group\n"
+        "    -- Error 2.1 (ExceptionGroup) --\n"
+        "  | ExceptionGroup: inner-group (2 sub-exceptions)\n"
     )
diff --git a/src/layers/etl_utils/worker/tests/test_worker_steps.py b/src/layers/etl_utils/worker/tests/test_worker_steps.py
index 5aabecf0c..6b0c69865 100644
--- a/src/layers/etl_utils/worker/tests/test_worker_steps.py
+++ b/src/layers/etl_utils/worker/tests/test_worker_steps.py
@@ -22,6 +22,7 @@ class MyException(Exception):
 BUCKET_NAME = "my-bucket"
 S3_INPUT_PATH = f"s3://{BUCKET_NAME}/an_input_path"
 S3_OUTPUT_PATH = f"s3://{BUCKET_NAME}/an_output_path"
+MAX_RECORDS = 123
 
 
 def test_execute_action_pass():
@@ -30,7 +31,14 @@ def action(**kwargs):
 
     action_response = execute_action(
         data={
-            StepChain.INIT: (action, "a_client", S3_INPUT_PATH, S3_OUTPUT_PATH, {}),
+            StepChain.INIT: (
+                action,
+                "a_client",
+                S3_INPUT_PATH,
+                S3_OUTPUT_PATH,
+                MAX_RECORDS,
+                {},
+            ),
         },
         cache=None,
     )
@@ -39,6 +47,7 @@ def action(**kwargs):
         "s3_client": "a_client",
         "s3_input_path": S3_INPUT_PATH,
         "s3_output_path": S3_OUTPUT_PATH,
+        "max_records": MAX_RECORDS,
     }
 
 
@@ -51,7 +60,14 @@ def action(**kwargs):
     with pytest.raises(MyException):
         execute_action(
             data={
-                StepChain.INIT: (action, "a_client", S3_INPUT_PATH, S3_OUTPUT_PATH, {}),
+                StepChain.INIT: (
+                    action,
+                    "a_client",
+                    S3_INPUT_PATH,
+                    S3_OUTPUT_PATH,
+                    MAX_RECORDS,
+                    {},
+                ),
             },
             cache=None,
         )
diff --git a/src/layers/etl_utils/worker/worker_step_chain.py b/src/layers/etl_utils/worker/worker_step_chain.py
index 884a7867f..36c0876f7 100644
--- a/src/layers/etl_utils/worker/worker_step_chain.py
+++ b/src/layers/etl_utils/worker/worker_step_chain.py
@@ -56,13 +56,16 @@ def execute_step_chain(
     s3_output_path: str,
     unprocessed_dumper: FunctionType,
     processed_dumper: FunctionType,
-    **kwargs
+    max_records: int = None,
+    **kwargs,
 ) -> WorkerResponse:
     # Run the main action chain
     action_chain = StepChain(
         step_chain=[execute_action], step_decorators=[_log_action_without_inputs]
     )
-    action_chain.run(init=(action, s3_client, s3_input_path, s3_output_path, kwargs))
+    action_chain.run(
+        init=(action, s3_client, s3_input_path, s3_output_path, max_records, kwargs)
+    )
 
     # Save the action chain results if there were no unhandled (fatal) exceptions
     count_unprocessed_records = None
diff --git a/src/layers/sds/cpm_translation/__init__.py b/src/layers/sds/cpm_translation/__init__.py
index eb85869d4..1fc2d6ae7 100644
--- a/src/layers/sds/cpm_translation/__init__.py
+++ b/src/layers/sds/cpm_translation/__init__.py
@@ -8,28 +8,16 @@
 from sds.domain.nhs_mhs import NhsMhs
 from sds.domain.parse import UnknownSdsModel
 from sds.domain.sds_deletion_request import SdsDeletionRequest
+from sds.domain.sds_modification_request import SdsModificationRequest
 
+from .constants import BAD_UNIQUE_IDENTIFIERS
 from .translations import (
     delete_devices,
+    modify_devices,
     nhs_accredited_system_to_cpm_devices,
     nhs_mhs_to_cpm_device,
 )
 
-BAD_UNIQUE_IDENTIFIERS = {
-    "31af51067f47f1244d38",  # pragma: allowlist secret
-    "a83e1431f26461894465",  # pragma: allowlist secret
-    "S2202584A2577603",
-    "S100049A300185",
-}
-
-
-def update_in_list_of_dict(obj: list[dict[str, str]], key, value):
-    for item in obj:
-        if key in item:
-            item[key] = value
-            return
-    obj.append({key: value})
-
 
 def translate(
     obj: dict[str, str],
@@ -72,6 +60,16 @@ def translate(
             ],
             repository=repository,
         )
+    elif object_class == SdsModificationRequest.OBJECT_CLASS:
+        modification_request = SdsModificationRequest.construct(**obj)
+        devices = modify_devices(
+            modification_request=modification_request,
+            questionnaire_ids=[
+                spine_endpoint_questionnaire.id,
+                spine_device_questionnaire.id,
+            ],
+            repository=repository,
+        )
     else:
         raise UnknownSdsModel(
             f"No translation available for models with object class '{object_class}'"
diff --git a/src/layers/sds/cpm_translation/constants.py b/src/layers/sds/cpm_translation/constants.py
new file mode 100644
index 000000000..e897b52d4
--- /dev/null
+++ b/src/layers/sds/cpm_translation/constants.py
@@ -0,0 +1,32 @@
+from uuid import UUID
+
+DEFAULT_ORGANISATION = "CDEF"
+
+DEFAULT_PRODUCT_TEAM = {
+    "id": UUID(int=0x12345678123456781234567812345678),
+    "name": "ROOT",
+}
+
+EXCEPTIONAL_ODS_CODES = {
+    "696B001",
+    "TESTEBS1",
+    "TESTLSP0",
+    "TESTLSP1",
+    "TESTLSP3",
+    "TMSAsync1",
+    "TMSAsync2",
+    "TMSAsync3",
+    "TMSAsync4",
+    "TMSAsync5",
+    "TMSAsync6",
+    "TMSEbs2",
+}
+
+BAD_UNIQUE_IDENTIFIERS = {
+    "31af51067f47f1244d38",  # pragma: allowlist secret
+    "a83e1431f26461894465",  # pragma: allowlist secret
+    "S2202584A2577603",
+    "S100049A300185",
+}
+
+UNIQUE_IDENTIFIER = "unique_identifier"
diff --git a/src/layers/sds/cpm_translation/modify/modify_device.py b/src/layers/sds/cpm_translation/modify/modify_device.py
new file mode 100644
index 000000000..3929f5db2
--- /dev/null
+++ b/src/layers/sds/cpm_translation/modify/modify_device.py
@@ -0,0 +1,78 @@
+from domain.core.device import Device
+from domain.core.questionnaire import QuestionnaireResponse
+from sds.domain.constants import ModificationType
+from sds.domain.nhs_accredited_system import NhsAccreditedSystem
+from sds.domain.nhs_mhs import NhsMhs
+
+from ..utils import update_in_list_of_dict
+
+
+class DeletionErrorBase(Exception):
+    def __init__(self, field):
+        super().__init__(f"Field '{field}' cannot be deleted")
+
+
+class CannotDeleteMandatoryField(DeletionErrorBase):
+    ...
+
+
+class NothingToDelete(DeletionErrorBase):
+    ...
+
+
+def _as_questionnaire_response_answer(item):
+    """Questionnaire response answers must be in list form, even if they are a single item"""
+    if isinstance(item, (set, list)):
+        return list(item)
+    return [item]
+
+
+def new_questionnaire_response_from_template(
+    questionnaire_response: QuestionnaireResponse, field_to_update: str, value
+) -> QuestionnaireResponse:
+    answer = _as_questionnaire_response_answer(value)
+    update_in_list_of_dict(
+        obj=questionnaire_response.responses, key=field_to_update, value=answer
+    )
+    non_empty_responses = list(filter(bool, questionnaire_response.responses))
+    return questionnaire_response.questionnaire.respond(non_empty_responses)
+
+
+def update_device_metadata(
+    device: Device,
+    model: type[NhsAccreditedSystem] | type[NhsMhs],
+    modification_type: ModificationType,
+    field_alias: str,
+    new_values: list,
+) -> Device:
+    field = model.get_field_name_for_alias(alias=field_alias)
+    ((questionnaire_response,),) = device.questionnaire_responses.values()
+    _current_values = questionnaire_response.get_response(question_name=field)
+
+    if modification_type == ModificationType.ADD:
+        _unique_values = {*_current_values, *new_values}
+        parsed_values = model.parse_and_validate_field(
+            field=field, value=_unique_values
+        )
+    elif modification_type == ModificationType.REPLACE:
+        _unique_values = set(new_values)
+        parsed_values = model.parse_and_validate_field(
+            field=field, value=_unique_values
+        )
+    elif modification_type == ModificationType.DELETE:
+        if model.is_mandatory_field(field):
+            raise CannotDeleteMandatoryField(field)
+        if not _current_values:
+            raise NothingToDelete(field)
+        parsed_values = []
+
+    new_questionnaire_response = new_questionnaire_response_from_template(
+        questionnaire_response=questionnaire_response,
+        field_to_update=field,
+        value=parsed_values,
+    )
+    device.update_questionnaire_response(
+        questionnaire_response_index=0,
+        questionnaire_response=new_questionnaire_response,
+    )
+    return device
diff --git a/src/layers/sds/cpm_translation/modify/modify_key.py b/src/layers/sds/cpm_translation/modify/modify_key.py
new file mode 100644
index 000000000..1dce00e8f
--- /dev/null
+++ b/src/layers/sds/cpm_translation/modify/modify_key.py
@@ -0,0 +1,165 @@
+from dataclasses import astuple
+from typing import Callable, Generator
+
+import sds.domain
+from domain.core.device import Device
+from domain.core.device_key import DeviceKeyType
+from domain.core.product_team import ProductTeam
+from domain.core.validation import DEVICE_KEY_SEPARATOR
+from sds.cpm_translation.utils import get_in_list_of_dict
+from sds.domain.constants import ModificationType
+from sds.domain.nhs_accredited_system import NhsAccreditedSystem
+from sds.domain.nhs_mhs import MessageHandlingSystemKey, NhsMhs
+
+from ..constants import DEFAULT_PRODUCT_TEAM, UNIQUE_IDENTIFIER
+from .modify_device import new_questionnaire_response_from_template
+
+
+class AccreditedSystemAlreadyExists(Exception):
+    ...
+
+
+class NotAnSdsKey(Exception):
+    ...
+
+
+class InvalidModificationRequest(Exception):
+    ...
+
+
+def get_modify_key_function(
+    model: type[NhsMhs] | type[NhsAccreditedSystem],
+    modification_type: ModificationType,
+    field_name: str,
+) -> Callable[[list[Device], str, any], Generator[Device, None, None]]:
+    """Returns a function which yields deleted and created Devices"""
+    if not model.is_key_field(field_name):
+        raise NotAnSdsKey(field_name)
+
+    match (model, modification_type):
+        case (sds.domain.NhsAccreditedSystem, ModificationType.ADD):
+            return new_accredited_system
+        case (sds.domain.NhsAccreditedSystem, ModificationType.REPLACE):
+            return replace_accredited_systems
+        case (sds.domain.NhsMhs, ModificationType.REPLACE):
+            return replace_msg_handling_system
+        case _:
+            raise InvalidModificationRequest(
+                f"Forbidden to {modification_type} {model.__name__}.{field_name}",
+            )
+
+
+def new_accredited_system(
+    devices: list[Device], field_name: str, value: str
+) -> Generator[Device, None, None]:
+    (ods_code,) = NhsAccreditedSystem.parse_and_validate_field(
+        field=field_name, value=value
+    )
+
+    current_ods_codes = {device.ods_code for device in devices}
+    if ods_code in current_ods_codes:
+        raise AccreditedSystemAlreadyExists(
+            f"Accredited System with ODS code '{ods_code}' already exists"
+        )
+
+    _device = devices[0]
+    (
+        (questionnaire_id, (questionnaire_response,)),
+    ) = _device.questionnaire_responses.items()
+    new_questionnaire_response = new_questionnaire_response_from_template(
+        questionnaire_response=questionnaire_response,
+        field_to_update=field_name,
+        value=ods_code,
+    )
+    (unique_identifier,) = get_in_list_of_dict(
+        obj=questionnaire_response.responses, key=UNIQUE_IDENTIFIER
+    )
+    new_accredited_system_id = DEVICE_KEY_SEPARATOR.join((ods_code, unique_identifier))
+
+    product_team = ProductTeam(
+        id=_device.product_team_id,
+        ods_code=ods_code,
+        name=DEFAULT_PRODUCT_TEAM["name"],
+    )
+    new_device = product_team.create_device(name=_device.name, type=_device.type)
+    new_device.add_questionnaire_response(
+        questionnaire_response=new_questionnaire_response
+    )
+    new_device.add_key(
+        type=DeviceKeyType.ACCREDITED_SYSTEM_ID, key=new_accredited_system_id
+    )
+    new_device.add_index(
+        questionnaire_id=questionnaire_id, question_name=UNIQUE_IDENTIFIER
+    )
+    # "yield" to match the pattern of the functions returned by 'get_modify_key_function'
+    # which may in general yield multiple deleted / added Devices
+    for device in devices:
+        yield device
+    yield new_device
+
+
+def replace_accredited_systems(
+    devices: list[Device], field_name: str, value: str
+) -> Generator[Device, None, None]:
+    current_ods_codes = {device.ods_code for device in devices}
+    final_ods_codes = NhsAccreditedSystem.parse_and_validate_field(
+        field=field_name, value=value
+    )
+    removed_ods_codes = current_ods_codes - final_ods_codes
+    for device in devices:
+        if device.ods_code in removed_ods_codes:
+            device.delete()
+        yield device
+
+    for new_ods_code in final_ods_codes - current_ods_codes:
+        *_, new_device = new_accredited_system(
+            devices=devices, field_name=field_name, value=[new_ods_code]
+        )
+        yield new_device
+
+
+def _get_msg_handling_system_key(responses: list[dict]) -> MessageHandlingSystemKey:
+    """Construct the MHS scoped party key from questionnaire responses"""
+    return MessageHandlingSystemKey(
+        **{
+            key: values
+            for key in NhsMhs.key_fields()
+            for values in get_in_list_of_dict(obj=responses, key=key)
+        }
+    )
+
+
+def replace_msg_handling_system(
+    devices: list[Device], field_name: str, value: str
+) -> Generator[Device, None, None]:
+    (device,) = devices
+    device.delete()
+    yield device
+
+    (
+        (questionnaire_id, (_questionnaire_response,)),
+    ) = device.questionnaire_responses.items()
+    new_value = NhsMhs.parse_and_validate_field(field=field_name, value=value)
+    questionnaire_response = new_questionnaire_response_from_template(
+        questionnaire_response=_questionnaire_response,
+        field_to_update=field_name,
+        value=new_value,
+    )
+    msg_handling_system_key = _get_msg_handling_system_key(
+        responses=_questionnaire_response.responses
+    )
+    new_scoped_party_key = DEVICE_KEY_SEPARATOR.join(astuple(msg_handling_system_key))
+    product_team = ProductTeam(
+        id=device.product_team_id,
+        ods_code=msg_handling_system_key.nhs_id_code,
+        name=DEFAULT_PRODUCT_TEAM["name"],
+    )
+    new_device = product_team.create_device(name=device.name, type=device.type)
+    new_device.add_questionnaire_response(questionnaire_response=questionnaire_response)
+    new_device.add_key(
+        type=DeviceKeyType.MESSAGE_HANDLING_SYSTEM_ID, key=new_scoped_party_key
+    )
+    new_device.add_index(
+        questionnaire_id=questionnaire_id, question_name=UNIQUE_IDENTIFIER
+    )
+    yield new_device
diff --git a/src/layers/sds/cpm_translation/modify/tests/test_modify_device.py b/src/layers/sds/cpm_translation/modify/tests/test_modify_device.py
new file mode 100644
index 000000000..c4b8f723b
--- /dev/null
+++ b/src/layers/sds/cpm_translation/modify/tests/test_modify_device.py
@@ -0,0 +1,235 @@
+import pytest
+from domain.core.device import Device, DeviceType
+from domain.core.questionnaire import (
+    Questionnaire,
+    QuestionnaireResponse,
+    QuestionnaireResponseUpdatedEvent,
+)
+from domain.core.root import Root
+from pydantic import ValidationError
+from sds.cpm_translation.modify.modify_device import (
+    CannotDeleteMandatoryField,
+    NothingToDelete,
+    _as_questionnaire_response_answer,
+    new_questionnaire_response_from_template,
+    update_device_metadata,
+)
+from sds.domain.constants import ModificationType
+
+
+def _sort_key(obj):
+    if isinstance(obj, list):
+        return tuple(obj)
+    if isinstance(obj, dict):
+        return tuple(map(tuple, obj.items()))
+    return obj
+
+
+def _sort(obj):
+    if isinstance(obj, list):
+        return sorted((_sort(item) for item in obj), key=_sort_key)
+    if isinstance(obj, dict):
+        return {k: _sort(v) for k, v in obj.items()}
+    return obj
+
+
+class MyModel:
+    @classmethod
+    def get_field_name_for_alias(cls, alias):
+        return alias
+
+    @classmethod
+    def parse_and_validate_field(cls, field, value):
+        return value
+
+    @classmethod
+    def is_mandatory_field(cls, field):
+        return False
+
+
+@pytest.mark.parametrize("x", ["foo", 123, True, None, {"foo": "bar"}, ("foo",)])
+def test__as_questionnaire_response_answer_not_list_or_set(x):
+    assert _as_questionnaire_response_answer(x) == [x]
+
+
+@pytest.mark.parametrize("x", [["foo", "bar"], {"foo", "bar"}])
+def test__as_questionnaire_response_answer_list_or_set(x):
+    assert _as_questionnaire_response_answer(x) == list(x)
+
+
+@pytest.fixture
+def questionnaire_response():
+    _questionnaire = Questionnaire(name="my_questionnaire", version=1)
+    _questionnaire.add_question(name="hello", answer_types=(str,))
+    _questionnaire.add_question(name="foo", answer_types=(str,), multiple=True)
+    _questionnaire_response = _questionnaire.respond(
+        responses=[{"hello": ["world"]}, {"foo": ["bar", "baz"]}]
+    )
+    return _questionnaire_response
+
+
+@pytest.fixture
+def device(questionnaire_response):
+    org = Root.create_ods_organisation(ods_code="AB123")
+    product_team = org.create_product_team(
+        id="6f8c285e-04a2-4194-a84e-dabeba474ff7", name="Team"
+    )
+    _device = product_team.create_device(name="foo", type=DeviceType.PRODUCT)
+    _device.add_questionnaire_response(questionnaire_response=questionnaire_response)
+    return _device
+
+
+def test_new_questionnaire_response_from_template_modification(
+    questionnaire_response,
+):
+    new_questionnaire_response = new_questionnaire_response_from_template(
+        questionnaire_response=questionnaire_response,
+        field_to_update="hello",
+        value="whatever",
+    )
+    assert new_questionnaire_response.responses == [
+        {"hello": ["whatever"]},
+        {"foo": ["bar", "baz"]},
+    ]
+
+
+def test_new_questionnaire_response_from_template_deletion(
+    questionnaire_response,
+):
+    new_questionnaire_response = new_questionnaire_response_from_template(
+        questionnaire_response=questionnaire_response,
+        field_to_update="hello",
+        value=[],
+    )
+    assert new_questionnaire_response.responses == [
+        {"foo": ["bar", "baz"]},
+    ]
+
+
+@pytest.mark.parametrize(
+    ["modification_type", "field_alias", "new_values"],
+    (
+        [
+            ModificationType.ADD,
+            "hello",
+            ["WORLD"],
+        ],
+        [
+            ModificationType.REPLACE,
+            "hello",
+            ["world", "WORLD"],
+        ],
+    ),
+)
+def test_update_device_metadata_add_or_replace_non_empty_data_to_non_multiple(
+    modification_type,
+    field_alias,
+    new_values,
+    device,
+):
+    with pytest.raises(ValidationError) as error:
+        update_device_metadata(
+            device=device,
+            model=MyModel,
+            modification_type=modification_type,
+            field_alias=field_alias,
+            new_values=new_values,
+        )
+    assert "Question 'hello' does not allow multiple responses" in str(error.value)
+
+
+@pytest.mark.parametrize(
+    ["modification_type", "field_alias", "new_values", "expected_responses"],
+    [
+        (
+            ModificationType.ADD,
+            "foo",
+            ["BAR"],
+            [{"hello": ["world"]}, {"foo": ["bar", "baz", "BAR"]}],
+        ),
+        (
+            ModificationType.ADD,
+            "hello",
+            [],
+            [{"hello": ["world"]}, {"foo": ["bar", "baz"]}],
+        ),
+        (
+            ModificationType.ADD,
+            "foo",
+            ["BAR", "baz", "BAR"],
+            [
+                {"hello": ["world"]},
+                {"foo": ["bar", "baz", "BAR"]},
+            ],
+        ),
+        (
+            ModificationType.REPLACE,
+            "foo",
+            ["BAR", "baz", "BAR"],
+            [
+                {"hello": ["world"]},
+                {"foo": ["baz", "BAR"]},
+            ],
+        ),
+        (
+            ModificationType.DELETE,
+            "foo",
+            ["anything"],
+            [{"hello": ["world"]}],
+        ),
+    ],
+)
+def test_update_device_metadata(
+    modification_type,
+    field_alias,
+    new_values,
+    expected_responses,
+    device: Device,
+    questionnaire_response: QuestionnaireResponse,
+):
+    events_before = list(device.events)
+
+    _device = update_device_metadata(
+        device=device,
+        model=MyModel,
+        modification_type=modification_type,
+        field_alias=field_alias,
+        new_values=new_values,
+    )
+
+    assert _device is device
+    assert len(_device.events) == len(events_before) + 1
+    assert all(event in _device.events for event in events_before)
+    assert isinstance(_device.events[-1], QuestionnaireResponseUpdatedEvent)
+
+    device_metadata = _device.questionnaire_responses[
+        questionnaire_response.questionnaire.id
+    ][0].responses
+    assert _sort(device_metadata) == _sort(expected_responses)
+
+
+def test_update_device_metadata_delete_mandatory_field(device):
+    class _MyModel(MyModel):
+        @classmethod
+        def is_mandatory_field(cls, field):
+            return True
+
+    with pytest.raises(CannotDeleteMandatoryField):
+        update_device_metadata(
+            device=device,
+            model=_MyModel,
+            modification_type=ModificationType.DELETE,
+            field_alias="foo",
+            new_values=[],
+        )
+
+
+def test_update_device_metadata_delete_field_that_doesnt_exist(device):
+    with pytest.raises(NothingToDelete):
+        update_device_metadata(
+            device=device,
+            model=MyModel,
+            modification_type=ModificationType.DELETE,
+            field_alias="bar",
+            new_values=[],
+        )
diff --git a/src/layers/sds/cpm_translation/modify/tests/test_modify_key.py b/src/layers/sds/cpm_translation/modify/tests/test_modify_key.py
new file mode 100644
index 000000000..c7b574674
--- /dev/null
+++ b/src/layers/sds/cpm_translation/modify/tests/test_modify_key.py
@@ -0,0 +1,473 @@
+from dataclasses import astuple
+
+import pytest
+from domain.core.device import Device, DeviceStatus
+from domain.core.load_questionnaire import render_questionnaire
+from domain.core.questionnaires import QuestionnaireInstance
+from hypothesis import given, settings
+from sds.cpm_translation.modify.modify_key import (
+    InvalidModificationRequest,
+    NotAnSdsKey,
+    _get_msg_handling_system_key,
+    get_modify_key_function,
+    new_accredited_system,
+    replace_accredited_systems,
+    replace_msg_handling_system,
+)
+from sds.cpm_translation.tests.test_cpm_translation import (
+    NHS_ACCREDITED_SYSTEM_STRATEGY,
+    NHS_MHS_STRATEGY,
+)
+from sds.cpm_translation.translations import (
+    nhs_accredited_system_to_cpm_devices,
+    nhs_mhs_to_cpm_device,
+)
+from sds.cpm_translation.utils import get_in_list_of_dict
+from sds.domain.constants import ModificationType
+from sds.domain.nhs_accredited_system import NhsAccreditedSystem
+from sds.domain.nhs_mhs import MessageHandlingSystemKey, NhsMhs
+
+
+@pytest.mark.parametrize(
+    ("model", "modification_type", "field", "result"),
+    [
+        (
+            NhsAccreditedSystem,
+            ModificationType.ADD,
+            "nhs_as_client",
+            new_accredited_system,
+        ),
+        (
+            NhsAccreditedSystem,
+            ModificationType.REPLACE,
+            "nhs_as_client",
+            replace_accredited_systems,
+        ),
+        (
+            NhsMhs,
+            ModificationType.REPLACE,
+            "nhs_mhs_party_key",
+            replace_msg_handling_system,
+        ),
+        (
+            NhsMhs,
+            ModificationType.REPLACE,
+            "nhs_mhs_svc_ia",
+            replace_msg_handling_system,
+        ),
+        (
+            NhsMhs,
+            ModificationType.REPLACE,
+            "nhs_id_code",
+            replace_msg_handling_system,
+        ),
+    ],
+)
+def test_get_modify_key_function(model, modification_type, field, result):
+    assert (
+        get_modify_key_function(
+            model=model, modification_type=modification_type, field_name=field
+        )
+        is result
+    )
+
+
+@pytest.mark.parametrize(
+    ("model", "modification_type", "field"),
+    [
+        (NhsAccreditedSystem, ModificationType.DELETE, "nhs_as_client"),
+        (NhsMhs, ModificationType.ADD, "nhs_mhs_party_key"),
+        (NhsMhs, ModificationType.ADD, "nhs_mhs_svc_ia"),
+        (NhsMhs, ModificationType.ADD, "nhs_id_code"),
+        (NhsMhs, ModificationType.DELETE, "nhs_mhs_party_key"),
+        (NhsMhs, ModificationType.DELETE, "nhs_mhs_svc_ia"),
+        (NhsMhs, ModificationType.DELETE, "nhs_id_code"),
+    ],
+)
+def test_get_modify_key_function_invalid(model, modification_type, field):
+    with pytest.raises(InvalidModificationRequest):
+        get_modify_key_function(
+            model=model, modification_type=modification_type, field_name=field
+        )
+
+
+@pytest.mark.parametrize("model", (NhsAccreditedSystem, NhsMhs))
+@pytest.mark.parametrize(
+    "modification_type",
+    (ModificationType.ADD, ModificationType.REPLACE, ModificationType.DELETE),
+)
+def test_get_modify_key_function_other(model, modification_type):
+    with pytest.raises(NotAnSdsKey):
+        get_modify_key_function(
+            model=model, modification_type=modification_type, field_name="foo"
+        )
+
+
+def _test_device_updated(
+    old_device: Device, new_device: Device, questionnaire_id, expected_ods_code
+):
+    assert new_device.product_team_id == old_device.product_team_id
+    assert new_device.ods_code == expected_ods_code
+    assert new_device.name == old_device.name
+    assert new_device.indexes == old_device.indexes
+
+    ((key_name, device_key),) = old_device.keys.items()
+    ((new_key_name, new_device_key),) = new_device.keys.items()
+
+    expected_new_key_name = f"{expected_ods_code}:{key_name.split(':')[1]}"
+    assert expected_new_key_name == new_key_name
+    assert new_device_key.type is device_key.type
+    assert new_device_key.key == expected_new_key_name
+
+    new_responses = new_device.questionnaire_responses[questionnaire_id][0].responses
+    assert get_in_list_of_dict(new_responses, key="nhs_as_client") == [
+        expected_ods_code
+    ]
+    return True
+
+
+def _test_devices_updated(
+    old_device: Device,
+    new_devices: list[Device],
+    expected_ods_codes,
+    questionnaire_id,
+):
+    for ods_code, new_device in zip(
+        expected_ods_codes,
+        sorted(new_devices, key=lambda d: expected_ods_codes.index(d.ods_code)),
+    ):
+        return _test_device_updated(
+            old_device=old_device,
+            new_device=new_device,
+            questionnaire_id=questionnaire_id,
+            expected_ods_code=ods_code,
+        )
+    return True
+
+
+def _test_deleted_devices(
+    devices: list[Device],
+    old_devices: list[Device],
+    modified_devices: list[Device],
+    n_expected_new_devices,
+    questionnaire_id,
+    expected_ods_codes,
+):
+    assert all(d.status is DeviceStatus.INACTIVE for d in old_devices)
+
+    # Test that new devices are active
+    new_devices = modified_devices[-n_expected_new_devices:]
+    assert len(new_devices) == n_expected_new_devices
+    assert all(d.status is DeviceStatus.ACTIVE for d in new_devices)
+
+    assert _test_devices_updated(
+        old_device=devices[0],
+        new_devices=new_devices,
+        questionnaire_id=questionnaire_id,
+        expected_ods_codes=expected_ods_codes,
+    )
+
+
+@settings(deadline=3000)
+@given(nhs_accredited_system=NHS_ACCREDITED_SYSTEM_STRATEGY)
+def test_new_accredited_system(nhs_accredited_system):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_DEVICE, questionnaire_version=1
+    )
+    devices = list(
+        nhs_accredited_system_to_cpm_devices(
+            nhs_accredited_system=nhs_accredited_system,
+            questionnaire=questionnaire,
+            _questionnaire=questionnaire.dict(),
+        )
+    )
+
+    updated_devices = list(
+        new_accredited_system(
+            devices=devices, field_name="nhs_as_client", value=["foo"]
+        )
+    )
+    assert devices == updated_devices[:-1]
+
+    _test_device_updated(
+        old_device=devices[0],
+        new_device=updated_devices[-1],
+        questionnaire_id=questionnaire.id,
+        expected_ods_code="foo",
+    )
+
+
+@settings(deadline=3000)
+@given(nhs_accredited_system=NHS_ACCREDITED_SYSTEM_STRATEGY)
+def test_replace_accredited_systems_no_deletes(nhs_accredited_system):
+    # Set up initial state
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_DEVICE, questionnaire_version=1
+    )
+    devices = list(
+        nhs_accredited_system_to_cpm_devices(
+            nhs_accredited_system=nhs_accredited_system,
+            questionnaire=questionnaire,
+            _questionnaire=questionnaire.dict(),
+        )
+    )
+
+    old_ods_codes = [device.ods_code for device in devices]
+    new_ods_codes = ["foo", "bar"]
+    n_expected_new_devices = len(new_ods_codes)
+
+    modified_devices = list(
+        replace_accredited_systems(
+            devices=devices,
+            field_name="nhs_as_client",
+            value=old_ods_codes + new_ods_codes,
+        )
+    )
+    # Test that nothing was deleted
+    assert all(d.status is DeviceStatus.ACTIVE for d in modified_devices)
+
+    old_devices = modified_devices[:-n_expected_new_devices]
+    assert old_devices == devices
+
+    new_devices = modified_devices[-n_expected_new_devices:]
+    assert len(new_devices) == n_expected_new_devices
+
+    assert _test_devices_updated(
+        old_device=devices[0],
+        new_devices=new_devices,
+        questionnaire_id=questionnaire.id,
+        expected_ods_codes=new_ods_codes,
+    )
+
+
+@settings(deadline=3000)
+@given(nhs_accredited_system=NHS_ACCREDITED_SYSTEM_STRATEGY)
+def test_replace_accredited_systems_with_old_devices_deleted(nhs_accredited_system):
+    # Set up initial state
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_DEVICE, questionnaire_version=1
+    )
+    devices = list(
+        nhs_accredited_system_to_cpm_devices(
+            nhs_accredited_system=nhs_accredited_system,
+            questionnaire=questionnaire,
+            _questionnaire=questionnaire.dict(),
+        )
+    )
+    new_ods_codes = ["foo", "bar"]
+    n_expected_new_devices = len(new_ods_codes)
+
+    modified_devices = list(
+        replace_accredited_systems(
+            devices=devices,
+            field_name="nhs_as_client",
+            value=new_ods_codes,
+        )
+    )
+    # Test that old devices are inactive
+    old_devices = modified_devices[:-n_expected_new_devices]
+    _test_deleted_devices(
+        devices=devices,
+        old_devices=old_devices,
+        modified_devices=modified_devices,
+        n_expected_new_devices=n_expected_new_devices,
+        questionnaire_id=questionnaire.id,
+        expected_ods_codes=new_ods_codes,
+    )
+
+
+@settings(deadline=3000)
+@given(nhs_accredited_system=NHS_ACCREDITED_SYSTEM_STRATEGY)
+def test_replace_accredited_systems_with_some_devices_deleted(nhs_accredited_system):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_DEVICE, questionnaire_version=1
+    )
+    devices = list(
+        nhs_accredited_system_to_cpm_devices(
+            nhs_accredited_system=nhs_accredited_system,
+            questionnaire=questionnaire,
+            _questionnaire=questionnaire.dict(),
+        )
+    )
+    new_ods_codes = ["foo", "bar"]
+    old_ods_codes = [devices[0].ods_code]  # i.e. keep the first old device active
+    n_expected_new_devices = len(new_ods_codes)
+
+    modified_devices = list(
+        replace_accredited_systems(
+            devices=devices,
+            field_name="nhs_as_client",
+            value=old_ods_codes + new_ods_codes,
+        )
+    )
+
+    # Test that first old device is still active
+    first_old_device = modified_devices[0]
+    assert first_old_device == devices[0]
+    assert first_old_device.status is DeviceStatus.ACTIVE
+
+    # Test that all old devices other than the first are inactive
+    old_devices = modified_devices[1:-n_expected_new_devices]
+    assert [first_old_device] + old_devices == devices
+    _test_deleted_devices(
+        devices=devices,
+        old_devices=old_devices,
+        modified_devices=modified_devices,
+        n_expected_new_devices=n_expected_new_devices,
+        questionnaire_id=questionnaire.id,
+        expected_ods_codes=new_ods_codes,
+    )
+
+
+@settings(deadline=3000)
+@given(nhs_mhs=NHS_MHS_STRATEGY)
+def test__get_msg_handling_system_key(nhs_mhs: NhsMhs):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_ENDPOINT, questionnaire_version=1
+    )
+    device = nhs_mhs_to_cpm_device(
+        nhs_mhs=nhs_mhs,
+        questionnaire=questionnaire,
+        _questionnaire=questionnaire.dict(),
+    )
+    mhs_key = _get_msg_handling_system_key(
+        responses=device.questionnaire_responses[questionnaire.id][0].responses
+    )
+    expected_key = MessageHandlingSystemKey(
+        nhs_id_code=nhs_mhs.nhs_id_code,
+        nhs_mhs_party_key=nhs_mhs.nhs_mhs_party_key,
+        nhs_mhs_svc_ia=nhs_mhs.nhs_mhs_svc_ia,
+    )
+
+    assert mhs_key == expected_key
+    assert astuple(mhs_key) == (
+        nhs_mhs.nhs_id_code,
+        nhs_mhs.nhs_mhs_party_key,
+        nhs_mhs.nhs_mhs_svc_ia,
+    )
+
+
+def _test_mhs_devices(
+    new_device: Device,
+    deleted_device: Device,
+    old_device: Device,
+    expected_ods_code: str,
+):
+    assert deleted_device is old_device
+    assert deleted_device.status is DeviceStatus.INACTIVE
+    assert new_device.product_team_id == old_device.product_team_id
+    assert new_device.ods_code == expected_ods_code
+    assert new_device.name == old_device.name
+    assert new_device.indexes == old_device.indexes
+    return True
+
+
+@settings(deadline=3000)
+@given(nhs_mhs=NHS_MHS_STRATEGY)
+def test_replace_msg_handling_system_nhs_id_code(nhs_mhs: NhsMhs):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_ENDPOINT, questionnaire_version=1
+    )
+    old_device = nhs_mhs_to_cpm_device(
+        nhs_mhs=nhs_mhs,
+        questionnaire=questionnaire,
+        _questionnaire=questionnaire.dict(),
+    )
+
+    deleted_device, new_device = replace_msg_handling_system(
+        devices=[old_device], field_name="nhs_id_code", value="foo"
+    )
+    assert _test_mhs_devices(
+        new_device=new_device,
+        deleted_device=deleted_device,
+        old_device=old_device,
+        expected_ods_code="foo",
+    )
+
+    ((_, device_key),) = old_device.keys.items()
+    ((new_key_name, new_device_key),) = new_device.keys.items()
+
+    old_mhs_key = _get_msg_handling_system_key(
+        responses=old_device.questionnaire_responses[questionnaire.id][0].responses
+    )
+
+    expected_new_key_name = ":".join(
+        ("foo", old_mhs_key.nhs_mhs_party_key, old_mhs_key.nhs_mhs_svc_ia)
+    )
+    assert expected_new_key_name == new_key_name
+    assert new_device_key.type is device_key.type
+    assert new_device_key.key == expected_new_key_name
+
+
+@settings(deadline=3000)
+@given(nhs_mhs=NHS_MHS_STRATEGY)
+def test_replace_msg_handling_system_nhs_mhs_party_key(nhs_mhs: NhsMhs):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_ENDPOINT, questionnaire_version=1
+    )
+    old_device = nhs_mhs_to_cpm_device(
+        nhs_mhs=nhs_mhs,
+        questionnaire=questionnaire,
+        _questionnaire=questionnaire.dict(),
+    )
+
+    deleted_device, new_device = replace_msg_handling_system(
+        devices=[old_device], field_name="nhs_mhs_party_key", value="foo-0"
+    )
+    assert _test_mhs_devices(
+        new_device=new_device,
+        deleted_device=deleted_device,
+        old_device=old_device,
+        expected_ods_code=old_device.ods_code,
+    )
+
+    ((_, device_key),) = old_device.keys.items()
+    ((new_key_name, new_device_key),) = new_device.keys.items()
+
+    old_mhs_key = _get_msg_handling_system_key(
+        responses=old_device.questionnaire_responses[questionnaire.id][0].responses
+    )
+
+    expected_new_key_name = ":".join(
+        (old_mhs_key.nhs_id_code, "foo-0", old_mhs_key.nhs_mhs_svc_ia)
+    )
+    assert expected_new_key_name == new_key_name
+    assert new_device_key.type is device_key.type
+    assert new_device_key.key == expected_new_key_name
+
+
+@settings(deadline=3000)
+@given(nhs_mhs=NHS_MHS_STRATEGY)
+def test_replace_msg_handling_system_nhs_mhs_svc_ia(nhs_mhs: NhsMhs):
+    questionnaire = render_questionnaire(
+        questionnaire_name=QuestionnaireInstance.SPINE_ENDPOINT, questionnaire_version=1
+    )
+    old_device = nhs_mhs_to_cpm_device(
+        nhs_mhs=nhs_mhs,
+        questionnaire=questionnaire,
+        _questionnaire=questionnaire.dict(),
+    )
+
+    deleted_device, new_device = replace_msg_handling_system(
+        devices=[old_device], field_name="nhs_mhs_svc_ia", value="foo"
+    )
+    assert _test_mhs_devices(
+        new_device=new_device,
+        deleted_device=deleted_device,
+        old_device=old_device,
+        expected_ods_code=old_device.ods_code,
+    )
+
+    ((_, device_key),) = old_device.keys.items()
+    ((new_key_name, new_device_key),) = new_device.keys.items()
+
+    old_mhs_key = _get_msg_handling_system_key(
+        responses=old_device.questionnaire_responses[questionnaire.id][0].responses
+    )
+
+    expected_new_key_name = ":".join(
+        (old_mhs_key.nhs_id_code, old_mhs_key.nhs_mhs_party_key, "foo")
+    )
+    assert expected_new_key_name == new_key_name
+    assert new_device_key.type is device_key.type
+    assert new_device_key.key == expected_new_key_name
diff --git a/src/layers/sds/cpm_translation/tests/test_translations.py b/src/layers/sds/cpm_translation/tests/test_translations.py
new file mode 100644
index 000000000..d686b6cb4
--- /dev/null
+++ b/src/layers/sds/cpm_translation/tests/test_translations.py
@@ -0,0 +1,86 @@
+from unittest import mock
+from uuid import uuid4
+
+from domain.core.device import Device, DeviceType
+from domain.core.root import Root
+from sds.cpm_translation.modify.modify_key import NotAnSdsKey
+from sds.cpm_translation.translations import modify_devices
+from sds.domain.organizational_unit import OrganizationalUnitDistinguishedName
+from sds.domain.sds_modification_request import SdsModificationRequest
+
+MOCK_PATH = "sds.cpm_translation.translations.{}"
+
+DUMMY_SDS_MODIFICATION_REQUEST_DATA = dict(
+    distinguished_name=OrganizationalUnitDistinguishedName(
+        ou="services", o="nhs", uniqueidentifier=""
+    ),
+    objectclass={"modify"},
+    changetype={"add"},
+    uniqueidentifier={"123"},
+)
+
+
+def mock_patch(function_name):
+    return mock.patch(MOCK_PATH.format(function_name))
+
+
+@mock_patch("read_devices_by_unique_identifier")
+@mock_patch("get_modify_key_function")
+@mock_patch("update_device_metadata")
+def test_modify_devices(
+    mocked_update_device_metadata,
+    mocked_get_modify_key_function,
+    mocked_read_devices_by_unique_identifier,
+):
+    class DeviceFactory:
+        def __init__(self):
+            self.devices: list[Device] = []
+
+        def new_device(self) -> Device:
+            org = Root.create_ods_organisation(ods_code="foo")
+            product_team = org.create_product_team(id=uuid4(), name="foo")
+            device = product_team.create_device(name="foo", type=DeviceType.PRODUCT)
+            self.devices.append(device)
+            return device
+
+    new_device_factory = DeviceFactory()
+    old_device_factory = DeviceFactory()
+
+    def _get_modify_key_function(model, field_name, modification_type):
+        if field_name != "nhs_as_client":
+            raise NotAnSdsKey
+        return lambda devices, field_name, value: devices + [
+            new_device_factory.new_device()
+        ]
+
+    for _ in range(10):
+        old_device_factory.new_device()
+
+    mocked_update_device_metadata.side_effect = (
+        lambda device, model, modification_type, field_alias, new_values: device
+    )
+    mocked_get_modify_key_function.side_effect = _get_modify_key_function
+    mocked_read_devices_by_unique_identifier.return_value = old_device_factory.devices
+
+    modified_devices = list(
+        modify_devices(
+            modification_request=SdsModificationRequest(
+                **DUMMY_SDS_MODIFICATION_REQUEST_DATA,
+                modifications=[
+                    ("add", "nhsasclient", set()),  # key field
+                    ("add", "nhsproductname", set()),  # not a key field
+                    ("add", "nhsasclient", set()),
+                    ("add", "nhsproductname", set()),
+                ],
+            ),
+            questionnaire_ids=[],
+            repository=None,
+        )
+    )
+
+    assert len(new_device_factory.devices) == 2  # 2 key_field modifications
+    assert len(modified_devices) == 12  # 10 original plus 2 new
+    assert sorted(modified_devices, key=lambda device: device.id) == sorted(
+        old_device_factory.devices + new_device_factory.devices,
+        key=lambda device: device.id,
+    )
diff --git a/src/layers/sds/cpm_translation/tests/test_utils.py b/src/layers/sds/cpm_translation/tests/test_utils.py
new file mode 100644
index 000000000..39ec92745
--- /dev/null
+++ b/src/layers/sds/cpm_translation/tests/test_utils.py
@@ -0,0 +1,32 @@
+from sds.cpm_translation.utils import get_in_list_of_dict, update_in_list_of_dict
+
+
+def test_update_in_list_of_dict():
+    obj = [{"foo": "FOO", "hello": "world"}, {"foo": "OOF"}]
+    update_in_list_of_dict(obj=obj, key="foo", value="bar")
+    assert obj == [{"foo": "bar", "hello": "world"}, {"foo": "bar"}]
+
+
+def test_update_in_list_of_dict_doesnt_exist():
+    obj = [{"hello": "world"}]
+    update_in_list_of_dict(obj=obj, key="foo", value="bar")
+    assert obj == [{"hello": "world"}, {"foo": "bar"}]
+
+
+def test_update_in_list_of_dict_deletes_if_falsey():
+    obj = [{"foo": "FOO", "hello": "world"}, {"foo": "OOF"}]
+    update_in_list_of_dict(obj=obj, key="foo", value=[])
+    assert obj == [{"hello": "world"}]
+
+
+def test_update_in_list_of_dict_deletes_if_falsey_doesnt_exist():
+    obj = [{"hello": "world"}]
+    update_in_list_of_dict(obj=obj, key="foo", value=[])
+    assert obj == [{"hello": "world"}]
+
+
+def test_get_in_list_of_dict():
+    obj = [{"foo": "FOO", "hello": "world"}, {"foo": "OOF"}]
+    assert get_in_list_of_dict(obj=obj, key="foo") == "FOO"
+    assert get_in_list_of_dict(obj=obj, key="hello") == "world"
+    assert get_in_list_of_dict(obj=obj, key="bar") is None
diff --git a/src/layers/sds/cpm_translation/translations.py b/src/layers/sds/cpm_translation/translations.py
index b3f8e1db1..052147d8c 100644
--- a/src/layers/sds/cpm_translation/translations.py
+++ b/src/layers/sds/cpm_translation/translations.py
@@ -1,5 +1,6 @@
+from functools import partial
+from itertools import filterfalse
 from typing import Generator
-from uuid import UUID
 
 from domain.core.device import Device, DeviceType
 from domain.core.device_key import DeviceKeyType
@@ -11,27 +12,17 @@
 from sds.domain.nhs_accredited_system import NhsAccreditedSystem
 from sds.domain.nhs_mhs import NhsMhs
 from sds.domain.sds_deletion_request import SdsDeletionRequest
+from sds.domain.sds_modification_request import SdsModificationRequest
 
-DEFAULT_PRODUCT_TEAM = {
-    "id": UUID(int=0x12345678123456781234567812345678),
-    "name": "ROOT",
-}
-EXCEPTIONAL_ODS_CODES = {
-    "696B001",
-    "TESTEBS1",
-    "TESTLSP0",
-    "TESTLSP1",
-    "TESTLSP3",
-    "TMSAsync1",
-    "TMSAsync2",
-    "TMSAsync3",
-    "TMSAsync4",
-    "TMSAsync5",
-    "TMSAsync6",
-    "TMSEbs2",
-}
-
-DEFAULT_ORGANISATION = "CDEF"
+from .constants import (
+    DEFAULT_ORGANISATION,
+    DEFAULT_PRODUCT_TEAM,
+    EXCEPTIONAL_ODS_CODES,
+    UNIQUE_IDENTIFIER,
+)
+from .modify.modify_device import update_device_metadata
+from .modify.modify_key import NotAnSdsKey, get_modify_key_function
+from .utils import update_in_list_of_dict
 
 
 def accredited_system_ids(
@@ -44,18 +35,12 @@ def accredited_system_ids(
 
 
 def scoped_party_key(nhs_mhs: NhsMhs) -> str:
-    party_key = nhs_mhs.nhs_mhs_party_key.strip()
-    interaction_id = nhs_mhs.nhs_mhs_svc_ia.strip()
-    ods_code = nhs_mhs.nhs_id_code
-    return DEVICE_KEY_SEPARATOR.join((ods_code, party_key, interaction_id))
-
-
-def update_in_list_of_dict(obj: list[dict[str, str]], key, value):
-    for item in obj:
-        if key in item:
-            item[key] = value
-            return
-    obj.append({key: value})
+    return DEVICE_KEY_SEPARATOR.join(
+        map(
+            str.strip,
+            (getattr(nhs_mhs, key) for key in NhsMhs.key_fields()),
+        )
+    )
 
 
 def create_product_team(ods_code: str) -> ProductTeam:
@@ -105,23 +90,11 @@ def nhs_accredited_system_to_cpm_devices(
             _trust=True,
         )
         _device.add_index(
-            questionnaire_id=questionnaire.id, question_name="unique_identifier"
+            questionnaire_id=questionnaire.id, question_name=UNIQUE_IDENTIFIER
         )
         yield _device
 
 
-def modify_accredited_system_devices(
-    nhs_accredited_system: NhsAccreditedSystem, repository: DeviceRepository
-) -> Generator[Device, None, None]:
-    for (
-        _,
-        accredited_system_id,
-    ) in accredited_system_ids(nhs_accredited_system):
-        device = repository.read_by_key(key=accredited_system_id)
-        device.update(something="foo")
-        yield device
-
-
 def nhs_mhs_to_cpm_device(
     nhs_mhs: NhsMhs,
     questionnaire: Questionnaire,
@@ -150,16 +123,65 @@ def nhs_mhs_to_cpm_device(
         _questionnaire=_questionnaire,
         _trust=True,
     )
-    device.add_index(
-        questionnaire_id=questionnaire.id, question_name="unique_identifier"
-    )
+    device.add_index(questionnaire_id=questionnaire.id, question_name=UNIQUE_IDENTIFIER)
     return device
 
 
-def modify_mhs_device(nhs_mhs: NhsMhs, repository: DeviceRepository):
-    device = repository.read_by_key(key=scoped_party_key(nhs_mhs))
-    device.update(something="foo")
-    return device
+def read_devices_by_unique_identifier(
+    questionnaire_ids: list[str], repository: DeviceRepository, value: str
+) -> Generator[Device, None, None]:
+    for questionnaire_id in questionnaire_ids:
+        for device in repository.read_by_index(
+            questionnaire_id=questionnaire_id,
+            question_name=UNIQUE_IDENTIFIER,
+            value=value,
+        ):
+            if device.is_active():
+                yield device
+
+
+def modify_devices(
+    modification_request: SdsModificationRequest,
+    questionnaire_ids: list[str],
+    repository: DeviceRepository,
+) -> Generator[Device, None, None]:
+    devices = list(
+        read_devices_by_unique_identifier(
+            questionnaire_ids=questionnaire_ids,
+            repository=repository,
+            value=modification_request.unique_identifier,
+        )
+    )
+    # Only apply modifications if there are devices to modify
+    modifications = modification_request.modifications if devices else []
+
+    _devices = devices
+    for modification_type, field, new_values in modifications:
+        device_type = _devices[0].type
+        model = NhsAccreditedSystem if device_type is DeviceType.PRODUCT else NhsMhs
+        field_name = model.get_field_name_for_alias(alias=field)
+
+        try:
+            modify_key = get_modify_key_function(
+                model=model,
+                field_name=field_name,
+                modification_type=modification_type,
+            )
+            _devices = list(
+                modify_key(devices=_devices, field_name=field_name, value=new_values)
+            )
+        except NotAnSdsKey:
+            update_metadata = partial(
+                update_device_metadata,
+                model=model,
+                modification_type=modification_type,
+                field_alias=field,
+                new_values=new_values,
+            )
+            _active_devices = list(filter(Device.is_active, _devices))
+            _inactive_devices = list(filterfalse(Device.is_active, _devices))
+            _devices = [*map(update_metadata, _active_devices), *_inactive_devices]
+    yield from _devices
 
 
 def delete_devices(
@@ -168,12 +190,11 @@ def delete_devices(
     repository: DeviceRepository,
 ) -> list[Device]:
     devices = []
-    for questionnaire_id in questionnaire_ids:
-        for _device in repository.read_by_index(
-            questionnaire_id=questionnaire_id,
-            question_name="unique_identifier",
-            value=deletion_request.unique_identifier,
-        ):
-            _device.delete()
-            devices.append(_device)
+    for _device in read_devices_by_unique_identifier(
+        questionnaire_ids=questionnaire_ids,
+        repository=repository,
+        value=deletion_request.unique_identifier,
+    ):
+        _device.delete()
+        devices.append(_device)
     return devices
diff --git a/src/layers/sds/cpm_translation/utils.py b/src/layers/sds/cpm_translation/utils.py
new file mode 100644
index 000000000..de8054f03
--- /dev/null
+++ b/src/layers/sds/cpm_translation/utils.py
@@ -0,0 +1,30 @@
+def update_in_list_of_dict(obj: list[dict[str, str]], key, value: list):
+    found = False
+    items_to_remove = []
+    for idx, item in enumerate(obj):
+        if key not in item:
+            continue
+        found = True
+        # Replace the value, if it is truthy
+        del item[key]
+        if value:
+            item[key] = value
+        # If the item is now empty, mark it for removal
+        if not item:
+            items_to_remove.append(idx)
+
+    # If the key was never found, create a new item
+    if value and not found:
+        obj.append({key: value})
+
+    # Create a new list from non-marked items
+    for idx in sorted(items_to_remove, reverse=True):
+        del obj[idx]
+
+
+def get_in_list_of_dict(obj: list[dict[str, str]], key):
+    for item in obj:
+        value = item.get(key)
+        if value is not None:
+            return value
+    return None
diff --git a/src/layers/sds/domain/__init__.py b/src/layers/sds/domain/__init__.py
new file mode 100644
index 000000000..a71932b22
--- /dev/null
+++ b/src/layers/sds/domain/__init__.py
@@ -0,0 +1,2 @@
+from .nhs_accredited_system import NhsAccreditedSystem  # noqa: F401
+from .nhs_mhs import NhsMhs  # noqa: F401
diff --git a/src/layers/sds/domain/base.py b/src/layers/sds/domain/base.py
index 92c2cafe7..2600e188c 100644
--- a/src/layers/sds/domain/base.py
+++ b/src/layers/sds/domain/base.py
@@ -20,6 +20,10 @@
 SET_ALIAS_NAME = f"{set[str]}"
 
 
+class AliasLookupError(Exception):
+    ...
+
+
 def _field_is_a_set(cls: "SdsBaseModel", field_name) -> bool:
     field = cls.alias_fields().get(field_name)
     return field is not None and str(field.outer_type_) == SET_ALIAS_NAME
@@ -32,7 +36,9 @@ def _strip_excluded_values_from_object_class(
 ) -> dict:
     object_class = values.get(OBJECT_CLASS_FIELD_NAME)
     if object_class:
-        values[OBJECT_CLASS_FIELD_NAME] = object_class - excluded_object_class_values
+        values[OBJECT_CLASS_FIELD_NAME] = (
+            set(object_class) - excluded_object_class_values
+        )
     return values
 
 
@@ -52,7 +58,7 @@ def _unpack_sets(cls: "SdsBaseModel", values: dict) -> dict:
 
 
 def _generate_distinguished_name(cls: "SdsBaseModel", values: dict) -> dict:
-    _distinguished_name: DistinguishedName = values.pop("_distinguished_name")
+    _distinguished_name: DistinguishedName = values.pop("_distinguished_name", None)
     if _distinguished_name is not None:
         values["distinguished_name"] = dict(_distinguished_name.parts)
     return values
@@ -67,6 +73,51 @@ def _validate_object_class(cls: "SdsBaseModel", values: dict) -> dict:
     return values
 
 
+def _get_field_name_for_alias(cls: BaseModel, alias):
+    try:
+        (field_name,) = (
+            field_name
+            for field_name, model_field in cls.__fields__.items()
+            if model_field.alias == alias
+        )
+    except ValueError:
+        raise AliasLookupError(f"No field with alias '{alias}' found")
+    return field_name
+
+
+def _get_alias_for_field_name(cls: BaseModel, field):
+    try:
+        (alias,) = (
+            model_field.alias
+            for field_name, model_field in cls.__fields__.items()
+            if field_name == field
+        )
+    except ValueError:
+        raise AliasLookupError(f"No alias for field '{field}' found")
+    return alias
+
+
+def _force_optional(cls: BaseModel):
+    """
+    Takes a copy of the input pydantic model class and forces
+    all fields to be optional. Useful for validating individual fields.
+    """
+    _model: BaseModel = type(f"{cls.__name__}-subclass", (cls,), {})
+    _model.__name__ = cls.__name__
+    for field in _model.__fields__.values():
+        field.required = False
+    return _model
+
+
+def _parse_and_validate_field(cls: "SdsBaseModel", field, value):
+    _model = _force_optional(cls)
+    field_alias = _get_alias_for_field_name(cls=cls, field=field)
+    _value = set(value) if isinstance(value, list) else value
+    instance = _model(**{field_alias: _value})
+    parsed_value = getattr(instance, field)
+    return parsed_value
+
+
 def _is_iterable(obj):
     return isinstance(obj, (set, list, tuple))
 
@@ -98,6 +149,10 @@ def alias_fields(cls) -> dict[str, ModelField]:
             for model_field in cls.__fields__.values()
         }
 
+    @classmethod
+    def get_field_name_for_alias(cls, alias) -> str:
+        return _get_field_name_for_alias(cls=cls, alias=alias)
+
     @root_validator(pre=True)
     def preprocess_inputs(cls, values):
         for transform in (
@@ -112,3 +167,19 @@ def preprocess_inputs(cls, values):
     def as_questionnaire_response_responses(self) -> list[dict[str, list]]:
         data = orjson.loads(self.json(exclude_none=True, exclude={"change_type"}))
         return [{k: (v if _is_iterable(v) else [v])} for k, v in data.items()]
+
+    @classmethod
+    def parse_and_validate_field(cls, field: str, value: list | set):
+        return _parse_and_validate_field(cls=cls, field=field, value=value)
+
+    @classmethod
+    def is_mandatory_field(cls, field: str):
+        return cls.__fields__[field].required
+
+    @classmethod
+    def key_fields(cls) -> tuple[str, ...]:
+        raise NotImplementedError()
+
+    @classmethod
+    def is_key_field(cls, field):
+        return field in cls.key_fields()
diff --git a/src/layers/sds/domain/changelog.py b/src/layers/sds/domain/changelog.py
index a6da9b67b..c0420268e 100644
--- a/src/layers/sds/domain/changelog.py
+++ b/src/layers/sds/domain/changelog.py
@@ -3,7 +3,12 @@
 from etl_utils.ldif.model import DistinguishedName
 from pydantic import BaseModel, Field, validator
 from sds.domain.base import OBJECT_CLASS_FIELD_NAME, SdsBaseModel
-from sds.domain.constants import ChangelogCommonName, ChangeType, OrganizationalUnitNhs
+from sds.domain.constants import (
+    REPLACE_UNIQUE_IDENTIFIER,
+    ChangelogCommonName,
+    ChangeType,
+    OrganizationalUnitNhs,
+)
 
 
 class InconsistentChangelogNumber(Exception):
@@ -16,6 +21,31 @@ class ChangelogDistinguishedName(BaseModel):
     organisation: OrganizationalUnitNhs = Field(alias="o")
 
 
+def _is_replacing_unique_identifier(ldif_lines: list[str]):
+    return any(REPLACE_UNIQUE_IDENTIFIER in ldif for ldif in ldif_lines)
+
+
+def _contains_unique_identifier_line(
+    ldif_lines: list[str], unique_identifier_line: str
+):
+    """
+    If this LDIF is replacing the unique identifier, we expect the
+    'unique_identifier_line' to appear multiple times, once per replace
+    statement, and once to indicate what is being replaced.
+
+    Otherwise, it should appear once to indicate what is being
+    added/deleted/modified.
+
+    In practice we allow for bad LDIF where the same unique identifier
+    appears multiple times, since our handling of LDIF explicitly
+    deduplicates anyway - and so our conditions are ">" rather than "=="
+    """
+    n_unique_identifier_lines = ldif_lines.count(unique_identifier_line)
+    if _is_replacing_unique_identifier(ldif_lines=ldif_lines):
+        return n_unique_identifier_lines > 1
+    return n_unique_identifier_lines > 0
+
+
 class ChangelogRecord(SdsBaseModel):
     distinguished_name: ChangelogDistinguishedName
 
@@ -61,11 +91,15 @@ def changes_as_ldif(self) -> str:
             f"dn: {self.target_distinguished_name.raw}",
             f"changetype: {self.change_type}",
         ]
+        change_lines = header_lines + list(filter(bool, self.changes.split("\n")))
+
         if self.change_type is not ChangeType.ADD:
-            header_lines.append(f"{OBJECT_CLASS_FIELD_NAME}: {self.change_type}")
+            change_lines.append(f"{OBJECT_CLASS_FIELD_NAME}: {self.change_type}")
 
-        change_lines = header_lines + list(filter(bool, self.changes.split("\n")))
-        if unique_identifier_line not in map(str.lower, change_lines):
+        _lower_lines = list(map(str.lower, change_lines))
+        if not _contains_unique_identifier_line(
+            ldif_lines=_lower_lines, unique_identifier_line=unique_identifier_line
+        ):
             change_lines.append(unique_identifier_line)
 
         return "\n".join(change_lines)
diff --git a/src/layers/sds/domain/constants.py b/src/layers/sds/domain/constants.py
index 7fa48930c..106bb3857 100644
--- a/src/layers/sds/domain/constants.py
+++ b/src/layers/sds/domain/constants.py
@@ -1,19 +1,24 @@
 from enum import StrEnum, auto
 
+REPLACE_UNIQUE_IDENTIFIER = "replace: uniqueidentifier\nuniqueidentifier:"
+
+
 FILTER_TERMS = [
     ("objectClass", "nhsMHS"),
     ("objectClass", "nhsAS"),
     ("objectClass", "delete"),
+    ("objectClass", "modify"),
 ]
 
 
 class CaseInsensitiveEnum(StrEnum):
     @classmethod
     def _missing_(cls, value):
-        value = value.lower()
-        for member in cls:
-            if member == value:
-                return member
+        if isinstance(value, str):
+            value = value.lower()
+            for member in cls:
+                if member == value:
+                    return member
         return None
 
 
@@ -71,3 +76,9 @@ class OrganizationalUnitNhs(CaseInsensitiveEnum):
 
 class ChangelogCommonName(CaseInsensitiveEnum):
     CHANGELOG = auto()
+
+
+class ModificationType(CaseInsensitiveEnum):
+    ADD = auto()
+    REPLACE = auto()
+    DELETE = auto()
diff --git a/src/layers/sds/domain/nhs_accredited_system.py b/src/layers/sds/domain/nhs_accredited_system.py
index 55af14331..4349cbd5a 100644
--- a/src/layers/sds/domain/nhs_accredited_system.py
+++ b/src/layers/sds/domain/nhs_accredited_system.py
@@ -5,6 +5,8 @@
 from .base import OBJECT_CLASS_FIELD_NAME, SdsBaseModel
 from .organizational_unit import OrganizationalUnitDistinguishedName
 
+ACCREDITED_SYSTEM_KEY_FIELDS = ("nhs_as_client",)
+
 
 class NhsAccreditedSystem(SdsBaseModel):
     distinguished_name: OrganizationalUnitDistinguishedName = Field(exclude=True)
@@ -29,3 +31,7 @@ class NhsAccreditedSystem(SdsBaseModel):
     nhs_temp_uid: Optional[str] = Field(alias="nhstempuid")
     description: Optional[str] = Field(alias="description")
     nhs_as_category_bag: Optional[set[str]] = Field(alias="nhsascategorybag")
+
+    @classmethod
+    def key_fields(cls) -> tuple[str, ...]:
+        return ACCREDITED_SYSTEM_KEY_FIELDS
diff --git a/src/layers/sds/domain/nhs_mhs.py b/src/layers/sds/domain/nhs_mhs.py
index 7b76c2975..c12f8b549 100644
--- a/src/layers/sds/domain/nhs_mhs.py
+++ b/src/layers/sds/domain/nhs_mhs.py
@@ -1,3 +1,4 @@
+from dataclasses import dataclass
 from typing import ClassVar, Literal, Optional
 
 from pydantic import Field
@@ -13,6 +14,16 @@
 from .organizational_unit import OrganizationalUnitDistinguishedName
 
 
+@dataclass
+class MessageHandlingSystemKey:
+    nhs_id_code: str
+    nhs_mhs_party_key: str
+    nhs_mhs_svc_ia: str
+
+
+KEY_FIELDS = tuple(MessageHandlingSystemKey.__dataclass_fields__.keys())
+
+
 class NhsMhs(SdsBaseModel):
     distinguished_name: OrganizationalUnitDistinguishedName = Field(exclude=True)
 
@@ -56,3 +67,7 @@ class NhsMhs(SdsBaseModel):
     nhs_mhs_retries: Optional[int | Literal[""]] = Field(alias="nhsmhsretries")
     nhs_mhs_retry_interval: Optional[str] = Field(alias="nhsmhsretryinterval")
     nhs_mhs_service_description: Optional[str] = Field(alias="nhsmhsservicedescription")
+
+    @classmethod
+    def key_fields(cls) -> tuple[str, ...]:
+        return KEY_FIELDS
diff --git a/src/layers/sds/domain/parse.py b/src/layers/sds/domain/parse.py
index cb0b4c40b..1eaf9b23e 100644
--- a/src/layers/sds/domain/parse.py
+++ b/src/layers/sds/domain/parse.py
@@ -1,6 +1,7 @@
 from etl_utils.ldif.model import DistinguishedName
 from sds.domain.nhs_mhs_cp import NhsMhsCp
 from sds.domain.sds_deletion_request import SdsDeletionRequest
+from sds.domain.sds_modification_request import SdsModificationRequest
 
 from .base import OBJECT_CLASS_FIELD_NAME, SdsBaseModel
 from .nhs_accredited_system import NhsAccreditedSystem
@@ -22,6 +23,7 @@ class UnknownSdsModel(Exception):
     NhsMhs,
     NhsMhsCp,
     SdsDeletionRequest,
+    SdsModificationRequest,
 )
 
 EMPTY_SET = set()
diff --git a/src/layers/sds/domain/sds_modification_request.py b/src/layers/sds/domain/sds_modification_request.py
new file mode 100644
index 000000000..c35f4feb5
--- /dev/null
+++ b/src/layers/sds/domain/sds_modification_request.py
@@ -0,0 +1,33 @@
+from typing import ClassVar, Literal
+
+from pydantic import Field, validator
+from sds.domain.base import OBJECT_CLASS_FIELD_NAME, SdsBaseModel
+from sds.domain.constants import ModificationType
+from sds.domain.organizational_unit import OrganizationalUnitDistinguishedName
+
+
+class ImmutableFieldError(ValueError):
+    pass
+
+
+IMMUTABLE_SDS_FIELDS = {
+    "uniqueidentifier",
+}
+
+
+class SdsModificationRequest(SdsBaseModel):
+    distinguished_name: OrganizationalUnitDistinguishedName = Field(exclude=True)
+    OBJECT_CLASS: ClassVar[Literal["modify"]] = "modify"
+    object_class: str = Field(alias=OBJECT_CLASS_FIELD_NAME)
+    unique_identifier: str = Field(alias="uniqueidentifier")
+
+    modifications: list[tuple[ModificationType, str, set[str]]]
+
+    @validator("modifications")
+    def validate_immutable_fields(
+        modifications: list[tuple[ModificationType, str, any]]
+    ):
+        for _, field, _ in modifications:
+            if field in IMMUTABLE_SDS_FIELDS:
+                raise ImmutableFieldError(field)
+        return modifications
diff --git a/src/layers/sds/domain/tests/test_base.py b/src/layers/sds/domain/tests/test_base.py
index 3bd07f32b..874672e59 100644
--- a/src/layers/sds/domain/tests/test_base.py
+++ b/src/layers/sds/domain/tests/test_base.py
@@ -1,13 +1,19 @@
-from typing import ClassVar, Literal
+from contextlib import nullcontext as does_not_raise
+from typing import ClassVar, Literal, Optional
 
 import pytest
 from etl_utils.ldif.model import DistinguishedName
-from pydantic import Field, ValidationError
+from pydantic import BaseModel, Field, ValidationError
 from sds.domain.base import (
     OBJECT_CLASS_FIELD_NAME,
+    AliasLookupError,
     SdsBaseModel,
     _field_is_a_set,
+    _force_optional,
     _generate_distinguished_name,
+    _get_alias_for_field_name,
+    _get_field_name_for_alias,
+    _parse_and_validate_field,
     _strip_excluded_values_from_object_class,
     _unpack_sets,
     _validate_object_class,
@@ -67,6 +73,11 @@ def test__generate_distinguished_name():
     }
 
 
+def test__generate_distinguished_name_when_not_provided():
+    _values = _generate_distinguished_name(cls=None, values={"foo": "bar"})
+    assert _values == {"foo": "bar"}
+
+
 @pytest.mark.parametrize("object_class", ("foo", "FOO", "FoO"))
 def test__validate_object_class(object_class):
     class MyModel(SdsBaseModel):
@@ -106,3 +117,83 @@ class MyModel(SdsBaseModel):
     with pytest.raises(ValidationError) as exc:
         MyModel(_distinguished_name=None, extra_field="not allowed")
     assert "extra fields not permitted" in exc.value.json()
+
+
+class MyAliasModel(BaseModel):
+    foo: str = Field(alias="bar")
+
+
+@pytest.mark.parametrize(
+    ["function", "input_string", "expected_output", "raises"],
+    [
+        (_get_field_name_for_alias, "bar", "foo", does_not_raise()),
+        (_get_alias_for_field_name, "foo", "bar", does_not_raise()),
+        (_get_field_name_for_alias, "foo", None, pytest.raises(AliasLookupError)),
+        (_get_alias_for_field_name, "bar", None, pytest.raises(AliasLookupError)),
+    ],
+)
+def test_get_field_name_for_alias(function, input_string, expected_output, raises):
+    with raises:
+        assert function(MyAliasModel, input_string) == expected_output
+
+
+def test_force_optional():
+    MyOptionalAliasModel = _force_optional(MyAliasModel)
+    assert MyOptionalAliasModel is not MyAliasModel
+    assert MyOptionalAliasModel.__fields__.keys() == MyAliasModel.__fields__.keys()
+    with does_not_raise():
+        MyOptionalAliasModel(bar=123)  # alias still works
+        MyOptionalAliasModel()  # allowed to skip mandatory fields
+    with pytest.raises(ValidationError):
+        MyOptionalAliasModel(bar={})  # validation still works
+
+
+@pytest.mark.parametrize(
+    ["field", "value", "raises"],
+    [
+        ("my_field", "hi", does_not_raise()),
+        ("myField", None, pytest.raises(AliasLookupError)),
+        ("my_field", {}, pytest.raises(ValidationError)),
+    ],
+)
+def test__parse_and_validate_field(field, value, raises):
+    class MyModel(SdsBaseModel):
+        my_field: str = Field(alias="myField")
+        other_field: str
+
+    with raises:
+        _parse_and_validate_field(MyModel, field=field, value=value)
+
+
+@pytest.mark.parametrize(
+    ["field", "is_mandatory"],
+    [
+        ("my_field", True),
+        ("other_field", False),
+    ],
+)
+def test__parse_and_validate_field(field, is_mandatory):
+    class MyModel(SdsBaseModel):
+        my_field: str = Field(alias="myField")
+        other_field: Optional[str]
+
+    assert MyModel.is_mandatory_field(field) is is_mandatory
+
+
+@pytest.mark.parametrize(
+    ["field", "is_key_field"],
+    [
+        ("my_field", True),
+        ("other_field", False),
+    ],
+)
+def test_key_fields(field, is_key_field):
+    class MyModel(SdsBaseModel):
+        my_field: str = Field(alias="myField")
+        other_field: Optional[str]
+
+        @classmethod
+        def key_fields(cls) -> tuple[str, ...]:
+            return ("my_field",)
+
+    assert MyModel.is_key_field(field) is is_key_field
diff --git a/src/layers/sds/domain/tests/test_constants.py b/src/layers/sds/domain/tests/test_constants.py
new file mode 100644
index 000000000..44d221452
--- /dev/null
+++ b/src/layers/sds/domain/tests/test_constants.py
@@ -0,0 +1,27 @@
+from enum import auto
+
+import pytest
+from sds.domain.constants import CaseInsensitiveEnum
+
+
+def test_CaseInsensitiveEnum():
+    class MyType(CaseInsensitiveEnum):
+        FOO = auto()
+        BAR = auto()
+
+    assert MyType("FOO") == MyType.FOO
+    assert MyType("foO") == MyType.FOO
+    assert MyType("foo") == MyType.FOO
+
+
+def test_CaseInsensitiveEnum_not_a_string():
+    class MyType(CaseInsensitiveEnum):
+        ...
+
+    with pytest.raises(ValueError) as error:
+        MyType(123)
+
+    assert (
+        str(error.value)
+        == "123 is not a valid test_CaseInsensitiveEnum_not_a_string.<locals>.MyType"
+    )
diff --git a/src/layers/sds/domain/tests/test_sds_modification_request.py b/src/layers/sds/domain/tests/test_sds_modification_request.py
new file mode 100644
index 000000000..b0d073c87
--- /dev/null
+++ b/src/layers/sds/domain/tests/test_sds_modification_request.py
@@ -0,0 +1,32 @@
+from contextlib import nullcontext as does_not_raise
+
+import pytest
+from pydantic import ValidationError
+from sds.domain.organizational_unit import OrganizationalUnitDistinguishedName
+from sds.domain.sds_modification_request import SdsModificationRequest
+
+
+@pytest.mark.parametrize(
+    ["field_name", "raises"],
+    (
+        [
+            "uniqueidentifier",
+            pytest.raises(ValidationError),
+        ],
+        [
+            "foo",
+            does_not_raise(),
+        ],
+    ),
+)
+def test_immutable_field_error(field_name, raises):
+    with raises:
+        SdsModificationRequest(
+            distinguished_name=OrganizationalUnitDistinguishedName(
+                ou="services", o="nhs", uniqueidentifier=""
+            ),
+            objectclass={"modify"},
+            changetype={"add"},
+            uniqueidentifier={"123"},
+            modifications=[("add", field_name, {"a", "b"})],
+        )