An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment. Which of the following would have BEST prevented the update access from being migrated?
An IS auditor finds that a recently deployed application has a number of developers with inappropriate update access left over from the testing environment. Which of the following would have BEST prevented the update access from being migrated?
Including a step within the SDLC to clean-up access prior to go-live would have best prevented the issue. This step ensures that any inappropriate access given to developers or testers in earlier phases is properly cleaned up before the application goes live. This proactive approach addresses the root cause by integrating security into the development lifecycle and prevents such issues from being carried into production.
A. Including a step within the SDLC to clean-up access prior to go-live
A. Including a step within the SDLC to clean-up access prior to go-live