Exam CISA
Question 896

Which of the following should be the GREATEST concern for an IS auditor performing a post-implementation review for a major system upgrade?

    Correct Answer: D

    The greatest concern for an IS auditor performing a post-implementation review for a major system upgrade is that change approvals are not formally documented. Formal documentation of change approvals is crucial as it ensures that all changes to the system have been properly authorized and reviewed. Without this documentation, there is a high risk of unauthorized or untested changes being made to the system, which can compromise its integrity, security, and stability. Proper change management procedures are essential to maintain control and accountability over system changes.

Discussion
Staanlee (Option: D)

The correct answer is D, Change approvals are not formally documented. When performing a post-implementation review for a major system upgrade, the greatest concern for an IS auditor should be whether change approvals are formally documented. This is because formal documentation of change approvals is an important control measure that helps to ensure that changes to systems and applications are authorized and properly controlled. If change approvals are not formally documented, there is a risk that unauthorized changes may be made to the system, which could compromise the system's integrity and security.

KAP2HURUF (Option: A)

In this context, while undocumented change approvals (Option D) are a serious concern, the direct involvement of developers in promoting changes to production (Option A) can pose a more immediate risk to the integrity and security of the system, especially in a major system upgrade where numerous and potentially significant changes are being made. This approach can undermine the control environment and increase the risk of errors or unauthorized alterations to the system.

FAGFUR (Option: C)

The greatest concern for an IS auditor performing a post-implementation review for a major system upgrade is that object code can be accessed by the development group. Object code represents the compiled form of the source code, and it contains the machine-readable instructions that the computer can execute. Allowing the development group to access object code in a production environment poses a significant security risk. It could lead to unauthorized changes, debugging, or exploitation of vulnerabilities, potentially compromising the integrity and security of the system.

SuperMax (Option: D)

D. Change approvals are not formally documented. This is because the lack of formal documentation for change approvals can lead to a higher risk of unauthorized or untested changes being introduced into the production environment, potentially causing significant issues and security vulnerabilities. While the other options (A, B, and C) are also important considerations, the absence of formal change approval documentation can have broader and more immediate consequences for the system’s integrity and security.

Swallows (Option: A)

Allowing changes to be promoted directly to production by the development group poses a higher risk to the stability and security of the production environment, as it bypasses many of the controls and safeguards that should be in place to manage changes effectively.

Sibsankar (Option: D)

The auditor will look first at the change approval; if it is signed, then he looks at who is executing the job. Here the change approval is not signed, so the correct answer will be D.

jsalamba (Option: C)

Correct Answer is C: "Object code can be accessed by the development group," should be the greatest concern for an IS auditor performing a post-implementation review for a major system upgrade. Object code contains the machine-readable version of the software and includes the actual instructions that the computer executes to perform a particular task. Object code is not meant to be easily readable or modifiable by developers. However, if the development group has access to the object code, they could potentially modify the code and introduce errors or vulnerabilities, which could impact the security, functionality, or stability of the system. It is important to restrict access to object code to authorized personnel only and ensure that appropriate change management procedures are in place to manage changes to the code.

Tsubasa1234 (Option: A)

Answer is A.