Final answer:
True. Security audits often uncover excess access to critical data and unnecessary capabilities in personnel. This increases the risk of data breaches and unauthorized access.
Step-by-step explanation:
True. It is not uncommon for a security audit to reveal that too many people have access to critical data and that many people have capabilities beyond those needed to perform their jobs. This is a significant concern for organizations as it increases the risk of unauthorized access and potential data breaches.
For example, recent large-scale data breaches at Target, JP Morgan, Healthcare.gov, and Verizon exposed millions of people to the threat of identity theft when hackers gained access to personal information by compromising website security.
Organizations need to regularly conduct security audits to identify and address these vulnerabilities to ensure that only authorized individuals have access to critical data and that access privileges are aligned with job requirements.