While conducting an audit of a service provider, an IS auditor observes that the service provider has outsourced a part of the work to another provider. Since the work involves confidential information, the IS auditor's PRIMARY concern should be that the: 
A、requirement for protecting confidentiality of information could be compromised. 
B、contract may be terminated because prior permission from the outsourcer was not obtained. 
C、other service provider to whom work has been outsourced is not subject to audit. 
D、outsourcer will approach the other service provider directly for further work.