What control should an IS auditor recommend to avoid out-of-range data in a database?

Implementing integrity constraints in the database is the most effective control to avoid out-of-range data. Integrity constraints are rules established within a database to ensure the accuracy and consistency of the stored data. These constraints can specify acceptable values for a field, such as defining a range for numerical data or requiring that certain fields must be present (not null). By setting these parameters, the database will automatically reject any data entries that do not conform to the specified rules, thus preventing out-of-range values from being accepted in the first place.

Logging all table update transactions, while useful for auditing and tracking changes, does not prevent out-of-range data from being entered initially. Instead, it serves as a post-facto measure to identify issues after they have occurred.

Implementing before and after image reporting allows an auditor to see how data has changed over time, which can be helpful for tracking alterations, but it does not prevent incorrect data from being entered in a database in the first place.

Using tracing and tagging can aid in monitoring and resource management but does not address the fundamental issue of data integrity within the database itself. Thus, integrity constraints are crucial for ensuring that all data adheres to the defined criteria, safeguarding the quality and reliability of the data held within the database.