CISA Certified Information Systems Auditor – Question2930 - CISA Certified Information Systems Auditor

An IS auditor performing an application maintenance audit would review the log of program changes for the:

A. authorization of program changes.
B. creation date of a current object module.
C. number of program changes actually made.
D. creation date of a current source program.

Correct Answer: A

Explanation:

Explanation:
The manual log will most likely contain information on authorized changes to a program. Deliberate, unauthorized changes will not be documented by the responsible party. An automated log, found usually in library management products, and not a changelog would most likely contain date information for the source and executable modules.