CISA Certified Information Systems Auditor – Question2015

During a review of information security procedures for disabling user accounts, an IS auditor discovers that IT is only disabling network access for terminated employees. IT management maintains if terminated users cannot access the network, they will not be able to access any applications. Which of the following is the GREATEST risk associated with application access?

A.
Unauthorized access to data
B. Inability to access data
C. Lack of segregation of duties
D. Loss of non-repudiation

Correct Answer: D