CISM Certified Information Security Manager – Question0867

Which of the following metrics is the BEST indicator of an abuse of the change management process that could compromise information security?

A.
Small number of change request
B. Large percentage decrease in monthly change requests
C. Percentage of changes that include post-approval supplemental add-ons
D. High ratio of lines of code changed to total lines of code

Correct Answer: B