An IS audit had identified that default passwords for a newly implemented application were not changed. During the follow-up audit, which of the following would provide the BEST evidence that the finding was effectively addressed?
A. Written confirmation from management that the passwords were changed
B. Screenshots of system parameters requiring password changes on next login
C. Application log files that record the password changes
D. System-generated emails requiring application users to change passwords
A. Written confirmation from management that the passwords were changed
B. Screenshots of system parameters requiring password changes on next login
C. Application log files that record the password changes
D. System-generated emails requiring application users to change passwords