In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:
In a small IT web development company where developers must have write access to production, the BEST recommendation of an IS auditor would be to:
In a small IT web development company where developers must have write access to production, the best recommendation of an IS auditor would be to remove production access from the developers. This principle of separation of duties is a fundamental security control aimed at reducing the risk of unauthorized or erroneous changes to the production environment. By ensuring that developers do not have direct access to production, the risk of accidental or malicious changes is minimized, and the integrity of the production environment is better maintained.
D. remove production access from the developers.
Continuous monitoring provides a proactive and ongoing mechanism to monitor and safeguard production environments against security threats and unauthorized activities. It complements other security measures and helps ensure the integrity and security of production systems in a dynamic development environment. Therefore, it can be considered the BEST recommendation by an IS auditor in this scenario.
C is the answer
C is answer.