How do you identify the requirements for any Information System changes? What are the last minutes problem that could happen? How do you plan for these problems?
What access controls are required for any Information System? Why are these controls needed? How do you prevent any unauthorized access?