Watch this video on YouTube
If an IS auditor discovers evidence of risk associated with improper segregation of duties, such as the security administrator performing an operations function, what is the auditor's main responsibility?