CISA Certified Information Systems Auditor – Question1092

In an IT organization where many responsibilities are shared, which of the following would be the BEST control for detecting unauthorized data changes?

A.
Data changes are independently reviewed by another group.
B. Users are required to periodically rotate responsibilities.
C. Segregation of duties conflicts are periodically reviewed.
D. Data changes are logged in an outside application.

Correct Answer: D