To determine if unauthorized changes have been made to production code the BEST audit procedure is to:

To determine if unauthorized changes have been made to production code the BEST audit procedure is to:

To determine if unauthorized changes have been made to production code the BEST audit procedure is to:

A.
examine the change control system records and trace them forward to object code files.

B.
review access control permissions operating within the production program libraries.

C.
examine object code to find instances of changes and trace them back to change control records.

D.
review change approved designations established within the change control system.

Explanation:
The procedure of examining object code files to establish instances of code changes and tracing these back to change control system records is a substantive test that directly addresses the risk of unauthorized code changes. The other choices are valid procedures to apply in a change control audit but they do not directly address the risk of unauthorized code changes.



Leave a Reply 0

Your email address will not be published. Required fields are marked *