A recent audit has revealed that several users have retained permissions to systems they should no
longer have rights to after being promoted or changed job positions. Which of the following controls
would BEST mitigate this issue?

A.
Separation of duties

B.
User account reviews

C.
Group based privileges

D.
Acceptable use policies