Software developers at a company routinely make changes to production systems they maintain based on code
deliveries that are only peer reviewed and are not rigorously tested by the test engineering group. These
changes frequently result in a loss of service.
Which of the following risk migration controls or strategies should be implemented to prevent these ad hoc
changes from occurring in the future?
User rights reviews