a security auditor discovered that several employees in the accounting department can print and sign checks. in her final report, she recommended restricting the number of people who can print checks and the number of people who can sign them. she also recommended that no one should be authorized to print and sign checks. which security policy does this describe?