A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the
contents of a confidential database, as well as other managerial permissions. On Monday morning, the
database administrator reported that log files indicated that several records were missing from the database
Which of the following risk mitigation strategies should have been implemented when the supervisor was
demoted?
A.
Incident management
B.
Routine auditing
C.
IT governance
D.
Monthly user rights reviews