The security administrator is currently unaware of an incident that occurred a week ago. Which of the following
will ensure the administrator is notified in a timely manner in the future?

A.
User permissions reviews

B.
Incident response team

C.
Change management

D.
Routine auditing

Explanation:
Routine audits are carried out after you have implemented security controls based on risk. These audits include
aspects such as user rights and permissions and specific events.