The internal audit group discovered that unauthorized users are making unapproved changes to
various system configuration settings. This issue occurs when previously authorized users transfer
from one department to another and maintain the same credentials. Which of the following
controls can be implemented to prevent such unauthorized changes in the future?
A.
Periodic access review
B.
Group based privileges
C.
Least privilege
D.
Account lockout