Which of the following should be of MOST concern to an IS auditor?
A、Lack of reporting of a successful attack on the network
B、Failure to notify police of an attempted intrusion
C、Lack of periodic examination of access rights
D、Lack of notification to the public of an intrusion