CISA Certified Information Systems Auditor – Question0208

Which of the following should be of GREATEST concern to an IS auditor reviewing the controls for a continuous software release process?

A.
Release documentation is not updated to reflect successful deployment.
B. Test libraries have not been reviewed in over six months.
C. Developers are able to approve their own releases.
D. Testing documentation is not attached to production releases.

Correct Answer: C