Directive controls are a form of change management policy and procedures. Which of the following subsections are recommended as part of the change management process?
Build and test is a subsection that is recommended as part of the change management process. Change management is a process that ensures that any changes to the organization’s information systems and assets are controlled, documented, and approved, and that they do not adversely affect the security and the performance of the systems and the assets. Change management is based on the principles of directive controls, which are the policies and the procedures that guide and regulate the change management process. One of the subsections of the change management process is build and test, which involves developing and verifying the proposed changes before implementing them in the production environment. Build and test can help ensure that the changes are consistent with the design specifications, that they meet the security and the functional requirements, and that they do not introduce any errors, flaws, or vulnerabilities. Build and test can also help evaluate the impact and the benefits of the changes, and identify and resolve any issues or conflicts that may arise during the change process. References: CISSP All-in-One Exam Guide, Eighth Edition, Chapter 8: Software Development Security, page 467. Free daily CISSP practice questions, Question
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit