An IS audit team is evaluating the documentation related to the most recent application user-access review performed by IT and business management. It is determined the user list was not system-generated.
Which of the following should be the GREATEST concern?
A . Source of the user list reviewed
B . Availability of the user list reviewed
C . Confidentiality of the user list reviewed
D . Completeness of the user list reviewed
Answer: A