Which choice below best describes the function of change control?
A.
To assign parts of security-sensitive tasks to more than one individual
B.
To ensure that system changes are implemented in an orderly manner
C.
To guarantee that an operator is only given the privileges needed for the task
D.
To guarantee that transaction records are retained IAW compliance requirements
Explanation:
The correct answer is “To ensure that system changes are implemented in an orderly manner”.
Answer “To guarantee that an operator is only given the privileges needed for the task” describes
least privilege. Answer “To guarantee that transaction records are retained IAW compliance
requirements” describes record retention. Answer “To assign parts of security-sensitive tasks to
more than one individual” describes separation on duties.