In the the most recent investment bank I worked at, no single person had the authority to make a change to a production system without multiple approvals, and a change would have to have a fellow technician verify the install and fallback process, there had to be documentation showing a test of the change as well as the implementation and fallback process on a staging system. If it was an emergency change that had implications to a live system with user impact, there would be 15 - 20 people dialed into a call and online to the system, observing every part of the change. Every user who would be impacted would have to be aware, and their C-level management would have to sign off on the change. And just getting the access to implement a one-time change required CIO approval.

But that's people's money. It's not just *actual lives at stake-*level stuff.