Which of the following is a control that can be implemented to reduce risk of internal fraud if application programmers are allowed to move programs into the production environment in a small organization?
A) Post-implementation functional testing
B) User acceptance testing
C) Validation of user requirements
D) Registration and review of changes