Change Control refers to which of the following?

Change control is a formal process that governs modifications to systems and software. It involves reviewing the proposed change for potential impact, testing it in a controlled environment, obtaining approvals from the right people, and documenting the change before it is deployed. This helps protect system availability and security, ensures accountability, and provides a clear rollback path if issues arise. The other options describe policies or activities that don’t manage changes to production environments: a monthly password-change policy is about access management, secure coding guidelines relate to development practices, and incident response training focuses on reacting to incidents rather than controlling changes.