As an IT administrator, you notice that unauthorized changes have been made to several important company files. To identify the party responsible for these changes, which practice would be the most effective?
Performing regular system audits
Enforcing frequent password changes for all user accounts
Restoring the files from the most recent backup
Implementing stricter firewall rules
Maintaining and reviewing logs