Which control would best resolve unauthorized system data changes while maintaining business operations?

The optimal choice for addressing unauthorized system data changes while ensuring that business operations continue smoothly is a formal exception process. This approach allows organizations to handle instances where standard protocols may not cover every scenario, enabling necessary adjustments without completely disrupting business activities.

A formal exception process can define clear guidelines for when deviations from standard data controls are warranted, allowing personnel to adjust data as needed while maintaining oversight and accountability. This ensures that activities are tracked and authorized in a controlled manner, minimizing the risk of unauthorized changes while supporting operational efficiency.

In contrast to this, redesigning controls related to data authorization may involve significant time and resource investment, which could lead to operational bottlenecks. Similarly, implementing additional segregation of duties can enhance security but may complicate workflows and create potential delays in operations. Lastly, adding logging controls, while crucial for monitoring and detecting changes, does not actively prevent unauthorized modifications, making it less effective in resolving the fundamental issue of unauthorized changes.

Therefore, a well-structured exception process strikes a balance between flexibility and oversight, which is essential for maintaining business continuity alongside robust data integrity measures.