3The information systems director is concerned that someone might be able to enter fictitious orders from store terminals. Of the following, the best control for minimizing the likelihood of such an occurrence is to

AnoEncrypting transmissions from the stores would ensure the confidentiality of the transmissions but would not deter the entry of bogus transactions.

BChange controls for programs ensure that only program changes are authorized, tested, and documented. Initial data input also needs to be restricted and available only to those who are authorized.

CyesPassword control procedures, which are type of access control, prevent the improper use or manipulation of data files and programs. They ensure that only those persons with a bona fide purpose and authorization have access to data processing. The use of passwords is an effective control in an online system to prevent unauthorized access to computer files, especially if remote terminals are involved. List of authorized persons are maintained in the computer.

DEncouraging store employees to report suspicious activity is a good practice, but suspicious activity often goes undetected or an employee does not feel comfortable reporting on a co-worker.