An auditor is reviewing the 'Change Management' logs and notices a change labeled 'Standard Change'. How does a Standard Change typically differ from a Normal Change?

Answer options:

It is a high-risk change requiring board approval.

It is an emergency fix applied without testing.

It is a low-risk, pre-authorized change that follows a documented procedure.

It is a change to the physical building.

How to approach this question

Standard = Routine, Pre-approved. Normal = Needs CAB approval. Emergency = Fix it now.

Full Answer

C.It is a low-risk, pre-authorized change that follows a documented procedure.✓ Correct

It is a low-risk, pre-authorized change that follows a documented procedure.

Standard changes are low-risk, frequently occurring changes (like patching a server or resetting a password) that are pre-authorized and follow a standard operating procedure.

Common mistakes

Confusing Standard and Normal changes.

Question 52 All questions Question 54

Practice the full CPA ISC Practice Exam 4

82 questions · hints · full answers · grading

More questions from this exam

Q01A CPA is advising a client who is migrating their legacy on-premise ERP system to a cloud environ...Hard Q02An auditor is reviewing the Service Level Agreement (SLA) for a client using a public cloud provi...Hard Q03A company uses an Infrastructure as a Service (IaaS) model. During an IT audit, the auditor disco...Hard Q04An organization is implementing the COSO Enterprise Risk Management (ERM) framework to govern its...Hard Q05During a walkthrough of an order-to-cash process, the auditor observes that the sales manager can...Hard

View all 82 questions →