Certified Information Systems Auditor (CISA) — Question 571

Which of the following provides the MOST assurance that new information systems are ready for migration to the production environment?

Answer options

• A. Approval by the change advisory board
• B. Results of end user acceptance testing (UAT)
• C. Results of penetration testing performed by the development team
• D. System quality assurance (QA) performed by an in-house team

Correct answer: B

Explanation

The correct answer is B because end user acceptance testing (UAT) directly involves the actual users validating that the system meets their needs before it goes live. While A, C, and D are important processes, they do not provide the same level of assurance regarding user satisfaction and readiness for production as UAT does.