An organization has been recently downsized. In light of this, an IS auditor decides to test logical access controls. The IS auditor's PRIMARY concern should be that:
A、all system access is authorized and appropriate for an individual's role and responsibilities.
B、management has authorized appropriate access for all newly-hired individuals.
C、only the system administrator has authority to grant or modify access to individuals.
D、access authorization forms are used to grant or modify access to individuals.