CRISC Question #336: Real Exam Question with Answer & Explanation
The correct answer is A: Implementing an emergency change authorization process. The best control for an organization that allows programmers to change production systems in emergency situations is to implement an emergency change authorization process.
Question
An organization allows programmers to change production systems in emergency situations. Which of the following is the BEST control?
Options
- A. Implementing an emergency change authorization process
- B. Periodically reviewing operator logs
- C. Limiting the number of super users
- D. Reviewing the programmers' emergency change reports
Explanation
The best control for an organization that allows programmers to change production systems in emergency situations is to implement an emergency change authorization process.
Common mistakes.
- B. Periodically reviewing operator logs is a detective control that identifies issues after they have occurred, not a proactive control to ensure proper authorization and control over emergency changes.
- C. Limiting the number of super users is a good general security practice for least privilege, but it does not specify the control mechanism for how those permitted super users make emergency changes.
- D. Reviewing programmers' emergency change reports is a detective control, similar to log review, providing oversight after the fact rather than upfront control and authorization for emergency changes.
Concept tested. Emergency change management control
Reference. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r5.pdf