Certified Information Systems Auditor (CISA) — Question 970

Which of the following should be responsible for verifying changes to an application are authorized?

Answer options

• A. Project oversight board
• B. Business line management
• C. Release management team
• D. Steering committee

Correct answer: C

Explanation

The Release management team is specifically responsible for overseeing the deployment of changes and ensuring that these changes are authorized. The other options, while they may have roles in project governance or management, do not directly handle the verification of application changes.