Reviewing and testing script in a dedicated test environment is correct because it prevents the unintentional introduction of malware, bugs, accidental deletions, etc. onto live or production systems. Scripts should be thoroughly tested in an environment isolated from production to ensure they do not contain malicious code or unintended errors that could compromise system security or reliability. The other options are good ideas, but any time changes are introduced the code or application would need to be re-tested again. The final step before deploying to a production or live environment should be the testing/quality assurance stage in a dedicated non-production environment.