WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Custom Search






Table Of Contents  CertiGuide to Security+
 9  Chapter 5:  Operational/Organizational Security (Domain 5.0; 15%)
      9  5.4  Policy and Procedures
           9  5.4.1  Security Policy

Previous Topic/Section
5.4.1.3  Privacy
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.4.1.5  Need to Know
Next Topic/Section

5.4.1.4  Separation of Duties

Separation of duties involves the use of multiple personnel to perform the different steps involved in a job activity. Sensitive operations operate with what is called dual control. This means two people are tasked to a job, often with one given the responsibility of doing something, and the other given the responsibility of signing off on it. For example, a bank teller informs a supervisor of a transaction, and the supervisor initials that they reviewed the transaction. The assumption is that with an additional person involved, collusion is required to engage in an inappropriate activity. It was Ben Franklin who said, “Two people can keep a secret if one of them is dead.”

Specific separation of duties is part of a security policy. A typical procedure would be to have different employees for accounts payable and accounts receivables. For specific examples click on the footnote432.

Separation of Duties

Job tasks are split between employees, limiting full control of sensitive information.



 __________________

432. http://www.uh.edu/infotech/pnp/security/rotation.html

Previous Topic/Section
5.4.1.3  Privacy
Previous Page
Pages in Current Topic/Section
1
Next Page
 5.4.1.5  Need to Know
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.