After a merger, it was determined that several individuals could perform the tasks of a network
administrator in the merged organization. Which of the following should have been performed to ensure
that employees have proper access?

A.
Time-of-day restrictions

B.
Change management

C.
Periodic auditing of user credentials

D.
User rights and permission review