A company requires that all program change requests (PCRs) be approved and all modifications be automatically logged. Which of the following IS audit procedures will BEST determine whether unauthorized changes have been made to production programs? 

Answer options:

A. Review a sample of PCRs for proper approval throughout the program change process.
B. Trace a sample of program changes from the log to completed PCR forms.
C. Use source code comparison software to determine whether any changes have been made to a sample of programs since the last audit date.
D. Trace a sample of complete PCR forms to the log of all program changes.

C