The most effective preventive control to enforce system administrator controls to manage the risks of operating system configurations that could result in breaches would be:

1) Penetration testing
2) Segregation of duties
3) Auditor review of activities
4) Management supervision