An IS auditor finds that a DBA has read and write access to production data. The IS auditor should:
A、accept the DBA access as a common practice.
B、assess the controls relevant to the DBA function.
C、recommend the immediate revocation of the DBA access to production data.
D、review user access authorizations approved by the DBA.