An organization-s internal auditor discovers that large sums of money have recently been paid to a vendor that management does not recognize. The IT security department is asked to investigate the organizations the organization-s ERP system to determine how the accounts payable module has been used to make these vendor payments.

The IT security department finds the following security configuration for the accounts payable module:

New Vendor Entry – Required Role: Accounts Payable Clerk

New Vendor Approval – Required Role: Accounts Payable Clerk

Vendor Payment Entry – Required Role: Accounts Payable Clerk

Vendor Payment Approval – Required Role: Accounts Payable Manager

Which of the following changes to the security configuration of the accounts payable module would BEST mitigate the risk?

A.



B.



C.



D.



A. Option A

B. Option B

C. Option C

D. Option D