The internal audit group discovered that unauthorized users are making unapproved changes to various
system configuration settings. This issue occurs when previously authorized users transfer from one
department to another and maintain the same credentials. Which of the following controls can be
implemented to prevent such unauthorized changes in the future?
A.
Periodic access review
B.
Group based privileges
C.
Least privilege
D.
Account lockout