A development team has designed a new application and incorporated best practices for secure coding. Prior to launch, which of the following is the IS auditor’s BEST recommendation to mitigate the associated security risk?

A. User acceptance testing
B. Unit testing
C. Integration testing
D. Penetration testing