Certified Information Systems Auditor (CISA) — Question 757

An IS auditor is reviewing the system development practices of an organization that is about to move from a waterfall to an agile approach. Which of the following is MOST important for the auditor to focus on as a result of this move?

Answer options

• A. Capacity planning
• B. Code versioning
• C. Secure code review
• D. Release management

Correct answer: D

Explanation

Release management is crucial in Agile as it involves frequent and iterative releases, making it important for the auditor to ensure that the process is well-defined and controlled. While capacity planning, code versioning, and secure code review are important, they are not as critical to the immediate transition to Agile as effective release management.