Which of the following would be considered the BEST compensating control to use when an emergency process, rather than the established control procedures, is used for database changes?
A. Using an emergency user account with the access to make changes to the database
B. Using the administrator’s own account to make out-of-hours changes
C. Logging detailed before-and-after images for later review by the administrator
D. Logging user’s ID and change details for later review by the administrator
A. Using an emergency user account with the access to make changes to the database
B. Using the administrator’s own account to make out-of-hours changes
C. Logging detailed before-and-after images for later review by the administrator
D. Logging user’s ID and change details for later review by the administrator