hiexam
isaca · CISA · Q427 · multiple_choice · topic_1

Which of the following should be the GREATEST concern for an IS auditor performing a post-implementation review for a m…

Which of the following should be the GREATEST concern for an IS auditor performing a post-implementation review for a major system upgrade?
  • A.Changes are promoted to production by the development group.
  • B.Developers have access to the testing environment.
  • C.Object code can be accessed by the development group.
  • D.Change approvals are not formally documented.
Explanation
Selected Answer: D The correct answer is D, Change approvals are not formally documented. When performing a post-implementation review for a major system upgrade, the greatest concern for an IS auditor should be whether change approvals are formally documented. This is because formal documentation of change approvals is an important control measure that helps to ensure that changes to systems and applications are authorized and properly controlled. If change approvals are not formally documented, there is a risk that unauthorized changes may be made to the system, which could compromise the system's integrity and security.

Reference: examtopics_top_comment

Practice with progress tracking

Sign in to track wrong answers, get spaced-repetition reminders, and run timed exam mode.

Start tracked practicePricing