After a merger,
it was determined that several individuals could perform the tasks of a network administrator in the merged organization. Which of the following should have been performed to ensure that employees have proper access?
A. Time-of-day restrictions
B. Change
management
C. Periodic auditing of user credentials
D. User rights and permission review