The Chief Information Security Officer (CISO) suspects that a database administrator has been tampering with financial data to the administrator’s advantage.
Which of the following would allow a third-party consultant to conduct an on-site review of the administrator’s activity?
A. Separation of duties
B. Job rotation
C. Continuous monitoring
D. Mandatory vacation
Correct Answer: C