An IS auditor notes that several users have not logged into an application for more than one year.
Which of the following would be the BEST audit recommendation?
A. B. C. D.
Answer: C
The BEST audit recommendation in this scenario is option C, to periodically review user access. That several users have not logged into an application for more than one year suggests that their accounts may no longer be necessary or in use. By reviewing user access periodically, the organization can identify inactive accounts and take appropriate action, such as disabling or deleting them.
Option A, to periodically review the information security policy, may be a good recommendation in general but is not directly related to the issue of inactive user accounts.
Option B, to update the termination procedures, may also be a good recommendation if the reason for the inactive accounts is related to the organization's termination process. However, there is no information in the question to suggest that this is the case.
Option D, to delete the affected users' IDs, may not be the best course of action without first reviewing the user accounts and confirming that they are no longer needed. It is possible that some of the inactive accounts belong to employees who are still with the organization but have not needed to use the application in question for more than a year. In such cases, deleting their IDs would be unnecessary and potentially disruptive.
Therefore, the best recommendation would be to periodically review user access and take appropriate action based on the findings.