Which audit technique is most effective for determining unauthorized program changes since the last authorized update?

The most effective audit technique for determining unauthorized program changes since the last authorized update is automated code comparison. This method involves using software tools to compare current versions of code against established baselines, which include the last authorized version. By automating this comparison, auditors can quickly identify discrepancies that may indicate unauthorized changes. This technique is efficient and precise, allowing for thorough examinations that manual methods might miss.

Automated code comparison is particularly beneficial because it can handle large volumes of code and reveal subtle changes that may otherwise go unnoticed. Additionally, it minimizes human error and provides a clear audit trail, making it easier to ascertain when unauthorized modifications occurred and what specific changes were made.

In this context, other techniques like test data runs, code reviews, or reviews of code migration procedures serve different purposes. They may help in testing functionality, assessing security vulnerabilities, or ensuring proper procedural adherence, but they do not specifically target discrepancies between authorized and unauthorized versions of code as effectively as automated code comparison does.