Certified Information Systems Auditor (CISA) — Question 372

Which of the following concerns is BEST addressed by securing production source libraries?

Answer options

• A. Changes are applied to the wrong version of production source libraries.
• B. Programs are not approved before production source libraries are updated.
• C. Unauthorized changes can be moved into production.
• D. Production source and object libraries may not be synchronized

Correct answer: C

Explanation

The correct answer, C, highlights the risk of unauthorized changes being introduced to production, which can lead to significant security vulnerabilities. Options A and B focus on version control and approval processes, which are important but do not directly relate to the act of securing libraries. Option D refers to synchronization issues, which, while relevant, do not address the unauthorized changes aspect.