Certified Information Systems Auditor (CISA) — Question 188

Which of the following access rights presents the GREATEST risk when granted to a new member of the system development staff?

Answer options

• A. Write access to production program libraries
• B. Execute access to development program libraries
• C. Write access to development data libraries
• D. Execute access to production program libraries

Correct answer: A

Explanation

Granting write access to production program libraries allows a new staff member to alter live code, which can lead to significant operational issues or security vulnerabilities. In contrast, execute access to libraries, whether in development or production, does not allow for modifications, thereby posing a lesser risk. Write access to development environments is also less critical since those changes do not impact live systems directly.