Exam CISA topic 1 question 808 discussion

While approval from user management may also be necessary, especially if the change affects end-users or business processes, IS management approval generally takes precedence in terms of technical implications and risk management.

Changes to the system without the approval of the users of the production environment should be discouraged because of the significant business impact.

C. User management represents the stakeholders who will be directly impacted by the change, and their approval ensures that the change aligns with business & user requirements.

The MOST important approval required for implementing a program change in a production environment can vary depending on the organization's policies and procedures. However, in many cases, the most critical approval would typically come from: D. IS management (Information Systems management) IS management is responsible for overseeing the entire information systems environment, including production systems. They have a comprehensive view of the organization's IT infrastructure, resources, and potential risks. Approvals from IS management are often necessary to ensure that changes are aligned with the organization's IT strategy, security policies, and operational requirements. While approvals from other parties like the security administrator, project manager, and user management may also be necessary depending on the specific change and its impact, IS management often has the ultimate responsibility for ensuring that changes are in line with the organization's overarching IT goals and that they do not pose unnecessary risks to the production environment.

isnt it c?