nerdexam
(ISC)2

CISSP · Question #1493

What is the PRIMARY reason for implementing change management?

The correct answer is D. Ensure accountability for changes to the environment. Ensuring accountability for changes to the environment is the primary reason for implementing change management. Change management is a process that ensures that any changes to the system or network environment, such as the hardware, software, configuration, or documentation, are

Submitted by kwame.gh· Mar 5, 2026Security and Risk Management

Question

What is the PRIMARY reason for implementing change management?

Options

  • ACertify and approve releases to the environment
  • BProvide version rollbacks for system changes
  • CEnsure that all applications are approved
  • DEnsure accountability for changes to the environment

How the community answered

(38 responses)
  • A
    3% (1)
  • B
    3% (1)
  • C
    5% (2)
  • D
    89% (34)

Explanation

Ensuring accountability for changes to the environment is the primary reason for implementing change management. Change management is a process that ensures that any changes to the system or network environment, such as the hardware, software, configuration, or documentation, are planned, approved, implemented, and documented in a controlled and consistent manner. Change management can provide several benefits, such as: Improving the security and reliability of the system or network environment by preventing or reducing the errors, conflicts, or disruptions that might occur due to the changes Enhancing the performance and efficiency of the system or network environment by optimizing the resources and functions Increasing the compliance and alignment of the system or network environment with the internal or external requirements and standards Facilitating the monitoring and improvement of the system or network environment by tracking and logging the changes and their outcomes Ensuring accountability for changes to the environment is the primary reason for implementing change management, because it can ensure that the changes are authorized, justified, and traceable, and that the parties involved in the changes are responsible and accountable for their actions and results. Accountability can also help to deter or detect any unauthorized or malicious changes that might compromise the system or network environment.

Topics

#Change management#Accountability#IT governance#Risk control

Community Discussion

No community discussion yet for this question.

Full CISSP Practice