Certified Information Systems Security Professional – CISSP – Question064

In a change-controlled environment, which of the following is MOST likely to lead to unauthorized changes to production programs?

A.
Modifying source code without approval
B. Promoting programs to production without approval
C. Developers checking out source code without approval
D. Developers using Rapid Application Development (RAD) methodologies without approval

Correct Answer: B