diff --git a/scripts/changelog_check.rb b/scripts/changelog_check.rb
index df7cc6f5f88..812901306d5 100755
--- a/scripts/changelog_check.rb
+++ b/scripts/changelog_check.rb
@@ -134,7 +134,7 @@ def generate_changelog(git_log)
 
     changelog_entry = ChangelogEntry.new(
       category: category,
-      subcategory: change[:subcategory].capitalize,
+      subcategory: change[:subcategory],
       pr_number: pr_number&.named_captures&.fetch('pr'),
       change: change[:change].sub(/./, &:upcase),
     )
@@ -150,13 +150,14 @@ def generate_changelog(git_log)
 # Entries with the same category and change are grouped into one changelog line so that we can
 # support multi-PR changes.
 def format_changelog(changelog_entries)
-  changelog_entries = changelog_entries.group_by { |entry| [entry.category, entry.change] }
+  changelog_entries = changelog_entries.
+    sort_by(&:subcategory).
+    group_by { |entry| [entry.category, entry.change] }
 
   changelog = ''
   CATEGORIES.each do |category|
     category_changes = changelog_entries.
-      filter { |(changelog_category, _change), _changes| changelog_category == category }.
-      sort_by { |(_category, change), _changes| change }
+      filter { |(changelog_category, _change), _changes| changelog_category == category }
 
     next if category_changes.empty?
     changelog.concat("## #{category}\n")
diff --git a/spec/scripts/changelog_check_spec.rb b/spec/scripts/changelog_check_spec.rb
index de30504decb..81dac6be249 100644
--- a/spec/scripts/changelog_check_spec.rb
+++ b/spec/scripts/changelog_check_spec.rb
@@ -86,23 +86,21 @@
         - Security: Upgrade Rails to patch vulnerability ([#6041](https://github.com/18F/identity-idp/pull/6041), [#6042](https://github.com/18F/identity-idp/pull/6042))
       CHANGELOG
     end
-  end
-
-  describe '#generate_changelog' do
-    it 'capitalizes subcategory and capitalizes first letter of change description' do
-      git_log = <<~COMMIT
-        title: Add LOGIN_TASK_LOG_LEVEL env var (#6037)
-        body:- Lets us set log level to minimize STDOUT output
-          from Identity::Hostdata (downloading files from S3, etc)
-
-        * changelog: Improvements, authentication, provide better authentication (LG-4515)
-        DELIMITER
-      COMMIT
 
+    it 'sorts changelog by subcategory' do
+      commits = [
+        git_fixtures['squashed_commit_with_one_commit'],
+        git_fixtures['squashed_commit_2'],
+      ]
+      git_log = commits.pluck('commit_log').join("\n")
       changelogs = generate_changelog(git_log)
+      formatted_changelog = format_changelog(changelogs)
 
-      expect(changelogs.first.subcategory).to eq('Authentication')
-      expect(changelogs.first.change).to start_with('P')
+      expect(formatted_changelog).to eq <<~CHANGELOG.chomp
+        ## Internal
+        - Logging: Update logging flow ([#9999](https://github.com/18F/identity-idp/pull/9999))
+        - Security: Upgrade Rails to patch vulnerability ([#6041](https://github.com/18F/identity-idp/pull/6041))
+      CHANGELOG
     end
   end