Which of the following should be of MOST concern to an IS auditor? 
A、Lack of reporting of a successful attack on the network 
B、Failure to notify police of an attempted intrusion 
C、Lack of periodic examination of access rights 
D、Lack of notification to the public of an intrusion