CISA Certified Information Systems Auditor – Question1973

In an organization that has a staff-rotation policy, the MOST appropriate access control model is:

A.
role based.
B. discretionary.
C. mandatory.
D. lattice based.

Correct Answer: A