GREATEST Assurance for Approved Systems Development Releases

C.

The correct answer to the question is C. Testing whether a sample of releases in production migration logs have corresponding approvals provides the greatest assurance that only approved systems development releases have been implemented in the production environment.

Explanation: In an organization's systems development life cycle, it is crucial to ensure that only approved releases are migrated to the production environment. This is done to ensure that the organization's systems and data are not exposed to unauthorized changes or errors that can lead to security breaches or operational failures.

A. Testing whether a sample of approved developments have releases in production migration logs is not the best approach to ensure that only approved releases are implemented. This is because it assumes that all approved developments are implemented, which may not be the case.

B. Testing whether a sample of developments in the systems development register have documented approvals may not provide the best assurance as it does not validate if the approved development release is migrated to the production environment or not.

C. Testing whether a sample of releases in production migration logs have corresponding approvals provides the greatest assurance as it validates that only approved releases are implemented in the production environment.

D. Testing whether a sample of releases followed the organization's segregation of duties access does not provide assurance that only approved releases have been implemented. It only validates that access controls are in place to prevent unauthorized changes.

In summary, option C provides the greatest assurance as it validates that only approved releases are implemented in the production environment.