To audit changes to security roles, which action is recommended?

• A. Delete role change history after audit
• B. Review role change history in the security administration logs and require approval for changes
• C. Disable logging of role changes
• D. Create new roles without approvals

Answer: (B)

Maintaining an auditable trail of security role changes is essential in governance and security. Security roles control access, so when they change you need to know who requested the change, what was changed, and when it happened. The best practice is to review the role change history in the security administration logs and require approval for changes. This approach creates accountability and oversight: the logs provide a clear record for investigators and auditors, and the approval step helps ensure changes are inspected for correctness and legitimacy before they take effect. Regular review and mandatory approvals also deter unauthorized or risky modifications and support compliance with security policies. Deleting change history, disabling logging, or creating new roles without approvals all undermine governance and weaken the ability to detect and respond to inappropriate changes.