Sally is the Director of Security at HakMe Corporation. She discovered that the IT Director has increased his salary by a few pennies per hour each month. Sally wanted to report this issue to management but could not find out what security goal was violated. By the way, Sally wants to develop a security strategy to prevent this violation from ever happening again. The plan should include at least one administrative control and two technical controls.
Which security goal was violated by the IT Director? What plan would you suggest to Sally to meet the above security controls requirements? Justify your answer