An IS auditor has identified the lack of an authorization process for users of an application. The IS auditor's main concern should be that:
A��、more than one individual can claim to be a specific user.
B�����、there is no way to limit the functions assigned to users.
C�、user accounts can be shared.
D�、users have a need-to-know privilege.
